BQ405GUA — QRadar SOAR: Foundations
BQ405GUA - QRadar SOAR: Foundations
Course Description:
In this course, you learn about the IBM Security® QRadar® SOAR architecture, and how to position the product in your company’s security architecture design. You gain hands-on experience with the SOAR interface, by investigating and managing cases and users with the SOAR Breach Response module, playbooks, and email integration.
Objectives
In this course, you learn about the following topics:
QRadar SOAR architectural patterns
Install the product, and configure license and access
Review the SOAR Console
Manage cases
Utilize the concept of artifacts
Utilize case management capabilities
Integrate email system for users and case management
Focus on the Breach Response module
Gain hands-on experience with the SOAR platform
Design playbooks
Integrate IBM and third-party solutions with SOAR
Audience
Security operations center (SOC) Administrator
SOC Analyst
Security Analyst
Incident Responder
Managed Service Security Provider (MSSP)
Topics
Getting started
Describe architectural patterns
Install the product and configure license and access
Review the SOAR Console
Manage cases and use Breach Response add-on
Utilize the concept of artifacts
Case management and email integration
Utilize case management capabilities
Integrate email system for users and case management
Focus on the Breach Response module
Playbooks and integrations
Gain hands-on experience with the SOAR platform
Design playbooks
Integrate IBM and third-party solutions with SOAR