YoVDO

Incident Detection and Investigation with QRadar Apps

Offered By: Pluralsight

Tags

IBM Security QRadar Courses
Artificial Intelligence Courses

Course Description

Overview

This course will teach you about the main QRadar apps and how you can improve your incident investigation with them. You will learn not only the technical aspects of each app, but also how to investigate the main incident types step by step using the apps.

One of the major features introduced in QRadar is the ability to install apps, which extend the SIEM's features and help with incident investigation. In this course, Incident Detection and Investigation with QRadar Apps, you will learn about the most interesting QRadar apps for a SOC analyst. First, you will learn how to create interactive dashboards with the Pulse app. Next, you will discover how artificial intelligence is used for incident investigation with the QRadar Advisor with Watson app. Finally, you will explore how to detect internal threats using the User Behavior Analytics (UBA) app. You will also explore other interesting apps that help you monitor QRadar system health. The course is filled with demos showing the QRadar apps being used in several incident investigations, such as malware outbreaks, rogue employees, internal threats, and compromised accounts. When you're finished with this course, you will have the skills and knowledge of the main QRadar apps needed to improve your incident investigation game.

Syllabus

  • Course Overview 2mins
  • The QRadar App Framework 8mins
  • Creating Interactive Dashboards 20mins
  • Becoming a QRadar Guru with the Assistant App 13mins
  • Incident Investigation with Artificial Intelligence 12mins
  • Detecting Internal Threats with User Behavior Analytics (UBA) 27mins
  • Monitoring the QRadar Activities 13mins
  • Managing System Health 16mins

Taught by

Ricardo Reimao

Related Courses

Incident Detection and Investigation with QRadar
Pluralsight
Planning, Deploying, and Maintaining QRadar
Pluralsight
Vulnerability Management with QRadar
Pluralsight