In this course, you learn about the IBM Security® QRadar® SOAR architecture, and how to position the product in your company's security architecture design. You gain hands-on experience with the SOAR interface, by investigating and managing cases and users with the SOAR Breach Response module, playbooks, and email integration.
TARGET AUDIENCE:
• Security operations center (SOC) Administrator
• SOC Analyst
• Security Analyst
• Incident Responder
• Managed Service Security Provider (MSSP)
COURSE PREREQUISITES:
Not available. Please contact.
COURSE CONTENT:
Getting started
• Describe architectural patterns
• Install the product and configure license and access
• Review the SOAR Console
• Manage cases and use Breach Response add-on
• Utilize the concept of artifacts
Case management and email integration
• Utilize case management capabilities
• Integrate email system for users and case management
• Focus on the Breach Response module
Playbooks and integrations
• Gain hands-on experience with the SOAR platform
• Design playbooks
• Integrate IBM and third-party solutions with SOAR
COURSE OBJECTIVE:
In this course, you learn about the following topics:
• QRadar SOAR architectural patterns
• Install the product, and configure license and access
• Review the SOAR Console
• Manage cases
• Utilize the concept of artifacts
• Utilize case management capabilities
• Integrate email system for users and case management
• Focus on the Breach Response module
• Gain hands-on experience with the SOAR platform
• Design playbooks
• Integrate IBM and third-party solutions with SOAR
FOLLOW ON COURSES:
Not available. Please contact.