QRadar EDR: Protecting Your Endpoints (BQ510XG-SPVC)

Overview

In this course, you gain hands-on experience with the IBM Security® QRadar® EDR user interface with a focus on threat hunting, learn how to investigate threats on your endpoints, and manage your endpoints to stay secured and up-to-date. You also observe a detailed demonstration about how to detect malware attacks, and how to remediate these threats.

This course applies to version 3.12 of the on-premises QRadar EDR offering as well as the January 2024 SaaS-based offering.

Audience

  • Security Operations Center (SOC) Analyst
  • Security Analyst
  • Incident Responder
  • Managed Service Security Provider (MSSP) 

Prerequisites

null

Objective

  • Investigating threats on endpoints
  • Managing endpoints
  • Understanding and responding to alerts and trends
  • Acting upon behavioral malware and ransomware attacks
  • Hunting for threats on your endpoint using a QRadar EDR lab
Show details

Course Outline

Unit 1: Investigating threats on endpoints

Unit 2: Managing endpoints

Unit 3: Understanding and responding to alerts and trends

Unit 4: Behavioral and ransomware malware attacks demonstration

Unit 5: Threat hunting lab