IBM Security QRadar


Highlights of QRadar Content (Blog Posts references)

By Gladys Koskas posted Wed May 25, 2022 05:44 AM

  
Hi guys


This post is meant to be a central place where you can find all the blog posts related to QRadar Content.
If there is one page to bookmark, it is this one!

I added a table with all the quick links to the blog posts, then a summary of their content.

 

Content pack related (general)
- Everything you need to know about QRadar Rules (for beginners and experts)
- Content management using the API
- IBM Security's Cost of a Data Breach report and QRadar content

Endpoint Monitoring
- Diving into Windows UAC Bypasses
- QRadar YARA Rule Manager App awesome updates

X-Force

Threat Hunting
- Microsoft Exchange RCE vulnerabilities - Sept 2022

Content pack related (general)

Everything you need to know about QRadar Rules (for beginners and experts)

This blog is advanced documentation covering everything from "what are the different types of rules" to "how does the correlation engine process the rules".

Content management using the API

This blog shows how to export and import content using the API.


IBM Security's Cost of a Data Breach report and QRadar content

This blog post extracts a few highlights of the Cost of a Data Breach 2022 report and shows how to quickly implement some detections and responses for the biggest attack vectors and threats.


This blog is a review of H1 2021. It shows:
- The new content for Hybrid-Cloud environments
- CEP Rebaselining
- The new Custom Properties that have been released
- And other essentials

Diving into Windows UAC Bypasses

This blog explains how the Endpoint content extension can help detect dozens of exploitations of Windows User Account Control.

QRadar YARA Rule Manager App awesome updates

This blog shows the updates made in version 1.2.0 of the app, with improved search capabilities and a namespaces update.


X-Force


This blog explains how X-Force and QRadar integrate with each other, as well as the different service options available.

Threat Hunting

Microsoft Exchange RCE vulnerabilities - Sept 2022


