Hello Community Members,
I am happy to inform you that our free QRadar training on the Security Learning Academy is growing. As more apps are published to the IBM Security App Exchange, we add more categories to the Security Intelligence space on the Security Learning Academy.
At the beginning of this year, we created a new category for the IBM QRadar DNS Analyzer (IQDA) app. This free QRadar app brings increased value to security analysts, by detecting malicious activity that can be hidden in your local DNS traffic.
Check out the DNS Analyzer category, and watch the videos to get an overview of the app and an introduction to specific attack techniques that abuse the DNS protocol. The video also discusses the integration points with other IBM QRadar Apps, UBA (User Behavior Analysis), QNI (QRadar Network Insight), and Pulse.
In the videos, we talk about domain generation algorithm (DGA) techniques that are used in botnets, and detection of malicious Command and Control websites based on characteristics of domains it contains. We also explain domain squatting techniques that are used in phishing attacks.
Finally, you learn how to use domain blacklisting to detect whether users are accessing sites that are not compliant with your company security policies.
Remember to return to the Security Learning Academy often, as we are constantly adding more free training for this app as well as for the entire IBM Security product portfolio.#QRadar