QRadar SIEM provides deep visibility into network, user, and application activity. It provides collection, normalization, correlation, and secure storage of events, flows, assets, and vulnerabilities. Suspected attacks and policy breaches are highlighted as offenses.
This self-paced 2-day course walks you through various advanced topics about QRadar such as custom log sources, reference data collections and custom rules, X-Force data and the Threat Intelligence app, UBA and QRadar Advisor, tuning and custom action scripts. The course also discusses integration with IBM SOAR. Hands-on exercises reinforce the skills learned.
The lab environment for this course uses the IBM QRadar SIEM 7.4 platform.
Who should attend
This course is designed for security administrators and security analysts.
Course Prerequisites
Students should be knowledgeable about the following topics:
- IT infrastructure
- IT security fundamentals
- Linux
- Windows
- TCP/IP networking
- Syslog
- Foundational skills for the IBM QRadar Security Intelligence Platform (at least the skills that are taught in the IBM QRadar SIEM Foundations - BQ104 course)
Additional information
PLEASE NOTE: It may take 2-3 business days for your course access to be activated. You will receive an email from us with all necessary details.
Only registered users can write reviews. Please Sign in or create an account
Industry Partners
