Modern IBM QRadar 7.5 SIEM Administration

Understand modern best practices that will make you a better SIEM administrator

Ratings: 4.49 / 5.00




Description

Hello everyone!

My name is Daniel Koifman, a recognized IBM Subject Matter Expert for QRadar, CASP+ Certified.

In this course, I will be showing you all of the most important subjects you need to know in order to be a skilled QRadar administrator, in addition to various real-world scenarios and best practices.

The course is divided into the following 15 sections:

  1. Introduction & Installation

  2. QRadar overview

  3. Rules

  4. Working with Reference Data

  5. QRadar Administration - System Configuration

  6. QRadar Administration - Performance Optimization

  7. QRadar Administration - Data Source Configuration

  8. QRadar Administration - Accuracy Tuning

  9. QRadar Administration - User Management

  10. QRadar Administration - Reporting, Searching & Offense Management

  11. QRadar Administration - Tenants and Domains

  12. QRadar Administration - Troubleshooting

  13. Working with the QRadar Console

  14. Working with the API

  15. Practical Use Cases for New/Existing Deployments


Each section was carefully designed based on all of my experience working as a Senior Threat Detection Engineer for Fortune 500 companies and for MSSPs. This is the ONLY course with a detailed, in-depth practical use cases section, which will show you common problems that administrators are facing throughout the world. I developed this section based on my endless hours of trial & error and independent research, so I hope all of you can learn very useful things in the course, regardless of skill level!

What You Will Learn!

  • Administer IBM's QRadar SIEM
  • Create rules and detections based on different telemetry sources
  • Troubleshoot various technical issues
  • Understand QRadar core services and functions

Who Should Attend!

  • SOC Analysts who work with QRadar
  • Detection Engineers
  • SIEM Engineers
  • QRadar Administrators