IBM QRadar SIEM 7.5.2 Advanced Operations course – BQ205G (Updated)

New training updated to version 7.5.2 for advanced operations and best practices with IBM QRadar SIEM. Revised and improved by our experts.

Objectives

This training aims to deepen the learning of advanced analysis of security incidents with the advanced course of IBM QRadar SIEM, addressing various complex issues in order to optimize and get the most out of this platform.

During the course we will analyze different use cases based on real scenarios using anomaly detection rules employing different correlation methodologies for the detection of persistent threats (APTs), suspicious behavior and violations of the organization’s security policies. On the other hand, you will learn how to integrate new devices and advanced solutions into QRadar: third-party software, sensors, IoT devices and industrial cybersecurity tools (OT).

QRadar SIEM 7.5.2 – Advanced Operations Course Agenda

  • Implementation of practices in operations with IBM QRadar SIEM
  • Management of data structures such as Reference Maps, Sets & Tables for complex threat detection
  • Integration of devices, applications and sensors into IBM QRadar SIEM from the ground up
  • Detection of potential threats based on user behavior
  • Configuration of automated responses and integration via scripts with third-party APIs
  • Analysis of patterns and anomalies in the network
  • Multi-tenant environments. Adapting rules for multi-client deployments.
  • Platform Expansion: Incident Forensics, Network Insights, Vulnerability Manager, Watson Advisor
  • Open consultation for 1h (at no additional cost)
  • Preparation of official certifications (at no additional cost)

Audience

The advanced QRadar course is intended for cybersecurity analysts with at least three years of experience with SIEM solutions, either QRadar, Archsight or Splunk and a minimum of one year of IBM QRadar experience performing SOC level 2 or higher analyst duties. We recommend that students who do not meet these requirements first take our IBM Qradar Operations and Administration courses.

Need help with QRadar? Do you want to try it?

At SIXE we are IBM Security BP. We sell, install and support IBM QRadar SIEM. We also conduct tailor-made training, seminars and technical talks. Ask for a demonstration of the product without obligation.

Our added value

Our courses are deeply oriented to the role to be performed. It is not the same the needs of mastering a technology for a team of developers, as it is for the people in charge of deploying and managing the infrastructure.

That is why, beyond commands and tasks, we focus on solving the problems that arise in the day-to-day work of each team. We provide our students with the knowledge, competencies and skills required for each project. In addition, our documentation is based on the latest version of each product.

Course length and delivery options

This course is given in three days from 8:30 am to 4 pm both in Spain and in Latin America. It can be given in person or online through our virtual classroom.

Do you have doubts?

Request a meeting with our instructor without obligation. We will introduce you to the course, show you the materials and the laboratories.

SIXE