
QRadar EDR: Integrating QRadar EDR with QRadar SIEM


Description: Course QRadar EDR: Integrating QRadar EDR with QRadar SIEM

Gain knowledge on how to integrate IBM Security® QRadar® EDR and SIEM by creating an API application in QRadar EDR and by adding a new log source in QRadar SIEM to add endpoint detection and alerts to QRadar SIEM. Having advanced and automated response capabilities enables analysts to focus on the fight in front of them. 

This course applies to version 3.12 of the on-premises QRadar EDR offering.

IBM training

  

Details

Unit 1: Integrating with QRadar SIEM

  • Configure an API application in QRadar EDR
  • Install a new log source in QRadar SIEM
  • Configure the correct protocol for a log source in QRadar SIEM
  • Analyze endpoint alerts from the SIEM dashboard using data from EDR

Unit 2: QRadar EDR - integrating with QRadar SIEM - Lab

  • Exercise 1 - Configuring QRadar EDR and QRadar SIEM integration
  • Exercise 2 - BitTorrent is run on an endpoint 
  • Exercise 3 – Malware detected (tryme.exe)

This course is tailored to IT security analysts in a Security Operations Center (SOC) environment who are tasked with endpoint protection and threat hunting, as well as QRadar EDR administrators, incident responders, and managed service security providers (MSSP).

  • Configure an API application in QRadar EDR
  • Install a new log source in QRadar SIEM
  • Install the correct protocol for a log source in QRadar SIEM
  • Analyze endpoint alerts from the SIEM dashboard using data from EDR
  • Code: BQ530XGS
  • Methodology: SPVC
  • Duration: 0.3 days
  • Skills:
  • Areas:
  • Price: on request

Special prices for group training

We can adapt any course to your needs and deliver it at your premises or at our training centers. Contact us