What you'll learn:
- Administer IBM's QRadar SIEM
- Create rules and detections based on different telemetry sources
- Troubleshoot various technical issues
- Understand QRadar core services and functions
Hello everyone!
My name is Daniel Koifman, a recognized IBM Subject Matter Expert for QRadar, CASP+ Certified.
In this course, I will be showing you all of the most important subjects you need to know in order to be a skilled QRadar administrator, in addition to various real-world scenarios and best practices.
The course is divided into the following 15 sections:
Introduction & Installation
QRadar overview
Rules
Working with Reference Data
QRadar Administration - System Configuration
QRadar Administration - Performance Optimization
QRadar Administration - Data Source Configuration
QRadar Administration - Accuracy Tuning
QRadar Administration - User Management
QRadar Administration - Reporting, Searching & Offense Management
QRadar Administration - Tenants and Domains
QRadar Administration - Troubleshooting
Working with the QRadar Console
Working with the API
Practical Use Cases for New/Existing Deployments
Each section was carefully designed based on all of my experience working as a Senior Threat Detection engineer for Fortune 500 companies and for MSSPs. This is the ONLY course with a detailed, in-depth practical use cases section, which will show you common problems that administrators are facing throughout the world. I developed this section based on my endless hours of trial & error and independent research, so I hope all of you can learn very useful things in the course, regardless of skill level!