Back

QRadar SOAR: Foundations (BQ405G)

Kurskategori Underkategori

In this course, you learn about the IBM Security® QRadar® SOAR architecture, and how to position the product in your company's security architecture design. You gain hands-on experience with the SOAR interface, by investigating and managing cases and users with the SOAR Breach Response module, playbooks, and email integration.

COURSE OBJECTIVE:
In this course, you learn about the following topics:

• QRadar SOAR architectural patterns
• Install the product, and configure license and access
• Review the SOAR Console
• Manage cases
• Utilize the concept of artifacts
• Utilize case management capabilities
• Integrate email system for users and case management
• Focus on the Breach Response module
• Gain hands-on experience with the SOAR platform
• Design playbooks
• Integrate IBM and third-party solutions with SOAR

TARGET AUDIENCE:
• Security operations center (SOC) Administrator
• SOC Analyst
• Security Analyst
• Incident Responder
• Managed Service Security Provider (MSSP)

COURSE PREREQUISITES:
Not available. Please contact.

COURSE CONTENT:
Getting started

• Describe architectural patterns
• Install the product and configure license and access
• Review the SOAR Console
• Manage cases and use Breach Response add-on
• Utilize the concept of artifacts

Case management and email integration

• Utilize case management capabilities
• Integrate email system for users and case management
• Focus on the Breach Response module

Playbooks and integrations

• Gain hands-on experience with the SOAR platform
• Design playbooks
• Integrate IBM and third-party solutions with SOAR

FOLLOW ON COURSES:
Not available. Please contact.