QRadar SIEM: Exploring reports, rules, and offenses (v7.5) (BQ320G-SPVC)

Overview

Communicating the details and statistics from your security investigation and proving your organization's compliance are crucial responsibilities. You want to present your findings so that upper management can clearly understand the results. That's where QRadar reports come in. Gain the skills you need to optimize your QRadar SIEM reports. 

 

Manage your organization's cybersecurity risks with up-to-date input by comparing your QRadar rules to the MITRE ATT@CK framework and install the updates that it recommends.

 

Customize your organization's dashboards and put custom rules in place to filter QRadar data. Security analysts appreciate getting the right data to investigate security incidents. 

 

Expand your capabilities in investigating security incidents with QRadar SIEM offenses.

Audience

  • Security Analyst
  • Security Administrator

Prerequisites

null

Objective

Upon successful completion of this course, you can:

  • Customize and generate QRadar reports
  • Create, edit and manage QRadar rules
  • Investigate QRadar offenses
Mostra dettagli

Course Outline

This course covers the following topics:

  • QRadar Reporting and dashboards
  • Custom Rule Engine (CRE)
  • QRadar Use Case Manager app
  • Working with offenses