+48 22 208 28 61    szkolenia@cts.com.pl
Menu

QRadar SIEM: Exploring reports, rules, and offenses (v7.5) – bq320gspl

Course #: bq320gspl

Duration: 4.8 Hours

Communicating the details and statistics from your security investigation and proving your organization’s compliance are crucial responsibilities. You want to present your findings so that upper management can clearly understand the results. That’s where QRadar reports come in. Gain the skills you need to optimize your QRadar SIEM reports.

Manage your organization’s cybersecurity risks with up-to-date input by comparing your QRadar rules to the MITRE ATT@CK framework and install the updates that it recommends.

Customize your organization’s dashboards and put custom rules in place to filter QRadar data. Security analysts appreciate getting the right data to investigate security incidents.

Expand your capabilities in investigating security incidents with QRadar SIEM offenses.

Objectives

Upon successful completion of this course, you can:

  • Customize and generate QRadar reports
  • Create, edit and manage QRadar rules
  • Investigate QRadar offenses

Audience

  • Security Analyst
  • Security Administrator

Topics

This course covers the following topics:

  • QRadar Reporting and dashboards
  • Custom Rule Engine (CRE)
  • QRadar Use Case Manager app
  • Working with offenses

Contact us regarding the training