QRadar EDR: Protecting Your Endpoints (BQ510XG-SPVC)

Overview

In this course, you gain hands-on experience with the IBM Security® QRadar® EDR user interface with a focus on threat hunting, learn how to investigate threats on your endpoints, and learn how to manage your endpoints so that they stay secure and up to date. You also observe a detailed demonstration of how to detect malware attacks and how to remediate these threats.

This course applies to version 3.12 of the on-premises QRadar EDR offering as well as the January 2024 SaaS-based offering.

Audience

  • Security Operations Center (SOC) Analyst
  • Security Analyst
  • Incident Responder
  • Managed Security Service Provider (MSSP)

Objective

  • Investigating threats on endpoints
  • Managing endpoints
  • Understanding and responding to alerts and trends
  • Acting upon behavioral malware and ransomware attacks
  • Hunting for threats on your endpoint using a QRadar EDR lab

Course Outline

Unit 1: Investigating threats on endpoints

Unit 2: Managing endpoints

Unit 3: Understanding and responding to alerts and trends

Unit 4: Behavioral and ransomware malware attacks demonstration

Unit 5: Threat hunting lab