Course Overview

QRadar SIEM provides deep visibility into network, user, and application activity. It provides collection, normalization, correlation, and secure storage of events, flows, assets, and vulnerabilities. Suspected attacks and policy breaches are highlighted as offenses.

This 2-day course walks you through various advanced topics about QRadar such as custom log sources, reference data collections and custom rules, X-Force data and the Threat Intelligence app, UBA and QRadar Advisor, tuning and custom action scripts. The course also discusses integration with IBM SOAR. Hands-on exercises reinforce the skills learned.

The lab environment for this course uses the IBM QRadar SIEM 7.4 platform.

Course Overview

IBM Security Verify Access* helps you simplify your users' access while more securely adopting web, mobile, IoT, and cloud technologies. It can be deployed on premises, in a virtual or hardware appliance, or containerized with Docker. Verify Access also directly connects with Verify SaaS for a modernized, hybrid IAM approach to enable your organization's migration to identity as a service (IDaaS) at a comfortable pace. Using the skills taught in this course, you learn how to run Verify Access via Docker, configure authentication and authorization mechanisms, implement policy access control, and set up reverse proxy junctions to process web requests. Hands-on exercises reinforce the skills learned.

Course Description

Overview

IBM Security® Guardium® Data Protection (Guardium) supports a zero trust approach to security. It discovers and classifies sensitive data from across an enterprise, providing real time data activity monitoring and advanced user behavior analytics to help discover unusual activity around sensitive data.

Guardium provides a broad range of data security and protection capabilities that can protect sensitive and regulated data across environments and platforms. This course provides the foundational level processes, procedures, and practices necessary to configure Guardium to monitor and protect sensitive data. Hands-on exercises reinforce the skills learned. 

IBM Security QRadar enables deep visibility into network, endpoint, user, and application activity. It provides collection, normalization, correlation, and secure storage of events, flows, assets, and vulnerabilities. Suspected attacks and policy breaches are highlighted as offenses. In this course, you learn about the solution architecture, how to navigate the user interface, and how to investigate offenses. You search and analyze the information from which QRadar concluded a suspicious activity. Hands-on exercises reinforce the skills learned.