Understand modern best practices that will make you a better SIEM administrator
Description
Hello everyone!
My name is Daniel Koifman, a recognized IBM Subject Matter Expert for QRadar, CASP+ Certified.
In this course, I will be showing you all of the most important subjects you need to know in order to be a skilled QRadar administrator, in addition to various real-world scenarios and best practices.
The course is divided into the following 15 sections:
- Introduction & Installation
- QRadar overview
- Rules
- Working with Reference Data
- QRadar Administration – System Configuration
- QRadar Administration – Performance Optimization
- QRadar Administration – Data Source Configuration
- QRadar Administration – Accuracy Tuning
- QRadar Administration – User Management
- QRadar Administration – Reporting, Searching & Offense Management
- QRadar Administration – Tenants and Domains
- QRadar Administration – Troubleshooting
- Working with the QRadar Console
- Working with the API
- Practical Use Cases for New/Existing Deployments
Each section was carefully designed based on all of my experience working as a Senior Threat Detection engineer for fortune-500 and for MSSPs. This is the ONLY course with a detailed, in-depth practical use cases section, which will show you common problems that administrators are facing throughout the world. I developed this section based on my endless hours of trial & error and independent research, so I hope all of you can learn very useful things in the course, regardless of skill level!
Who this course is for:
- SOC Analysts who work with QRadar
- Detection Engineers
- SIEM Engineers
- QRadar Administrators
