IBM QRadar Security Intelligence Fundamentals | Roland Costea | Skillshare

IBM QRadar Security Intelligence Fundamentals

Roland Costea, Information Security Leader

54 Videos (4h 8m)
    • INTRO

      1:15
    • 1.1_Cybersecurity Trends

      4:44
    • 1.2_What type of intelligence do I need?

      5:26
    • 1.3_SIEM wrong expectations in the market

      2:37
    • 1.4_Ask the right Questions

      4:52
    • 1.5_Integration & Automation

      4:02
    • 1.6_What Happens After an Attack

      5:49
    • 1.7_IBM Resilient Acquisition

      5:31
    • 1.8_Watson in Security

      6:21
    • 2.1_Why IBM is no. 1?

      4:50
    • 2.2_Qradar Processes

      5:36
    • 2.3_IBM Qradar Offense Engine

      5:10
    • 2.4_Qradar Architecture

      5:59
    • 2.5_Qradar Licensing

      9:17
    • 2.6_What is a DSM?

      5:04
    • 2.7_Qradar Burst Strategy

      3:13
    • 2.8_Managing Users

      3:02
    • 2.9_High Availability & Disaster Recovery

      2:54
    • 2.10_Managing Data

      2:52
    • 2.11_Qradar Rules

      5:26
    • 2.12_Qradar Searches

      10:02
    • 2.13_Unsupported log searches - custom DSMs

      3:38
    • 2.14_Qradar Reports

      2:43
    • 2.15_Asset Profiles

      5:15
    • 2.16_Storage and Data Node

      5:37
    • 2.17_What is QFlow?

      4:23
    • 2.18_Qradar Historical Correlation

      6:08
    • 2.19_Qradar Multitenancy

      5:18
    • 3.1_Network Hierarchy

      6:12
    • 3.2_Data Retention

      3:24
    • 3.3_Extract Property Option

      4:14
    • 3.4_Managing False Positives

      4:49
    • 3.5_QRE vs ADE rules

      5:15
    • 3.6_Qradar reference sets and maps

      6:24
    • 4.1_Vulnerability Management Process

      4:20
    • 4.2_QVM unique integrated solution

      6:09
    • 4.3_How the scanner works?

      3:11
    • 4.4_QVM Filters

      2:02
    • 4.5_QVM BigFix integration

      5:14
    • 5.1_Configuration Errors

      2:19
    • 5.2_QRM Architecture & Licensing

      5:10
    • 5.3_Topology View

      2:43
    • 5.4_Configuration Monitor

      2:45
    • 5.5_Device Discovery

      3:02
    • 5.6_Threat Modeling & Simulation

      3:09
    • 5.7_Modeling Topology Changes

      7:51
    • 5.8_Vulnerability & CIS Benchmark Assessment

      3:49
    • 6.1_Challenges

      5:11
    • 6.2_Network Forensics

      5:40
    • 6.3_QRIF Architecture

      5:33
    • 6.4_Storage and Data Export

      3:05
    • 6.5_Nomenclature of QRIF

      2:46
    • 6.6_Case Management

      2:48
    • 6.7_Surveyor & Digital Impression

      3:53

About This Class

This course is designed to teach you the technical concepts that sit behind the most valuable security intelligence platform these days, IBM QRadar. Learn what type of intelligence you can get, how collection, normalization and correlation work, and what IBM means by VISIBILITY.

Understand all QRadar modules and how they integrate and BOOST your Security CAREER!!!

  • QRadar Security Information and Event Management (SIEM)
  • QRadar Vulnerability Manager
  • QRadar Risk Manager
  • QRadar Incident Forensics

IBM Security QRadar SIEM provides deep visibility into network, user, and application activity. It provides collection, normalization, correlation, and the secure storage of events, flows, assets, topologies, and vulnerabilities. QRadar SIEM classifies suspected attacks and policy breaches as offenses.


Roland Costea

Information Security Leader

Highly motivated professional with working experience in IT Information Security Solutions evolving from technical engineer to customer oriented positions as presales/solution/enterprise architect and Information Security Leader, at big companies (> 500) in Central and Eastern Europe (Accenture, Star Storage, Teamnet WPS, IBM, Genpact, Microsoft). Result-oriented individual strongly focused on customers, trying to offer the best solution based on their needs, capable of implementing complex p...
