QRadar SOAR training session and labs for EMEA & APAC Jan. 30th – Feb. 3rd 2023

 View Only
Starts:  Jan 30, 2023 08:30 AM (CET)
Ends:  Feb 3, 2023 12:00 PM (CET)
Summary

Please join our Proof of Technology event for IBM Customers, Business Partners and IBMers with a need to become more familiar with QRadar SOAR (Resilient). During this workshop, you can learn best practices and trends about Security Incident Response using QRadar, you will be able to network with your industry peers and participate in different hands-on LAB Exercises. 

This 5 half-day workshop will be delivered in English

Agenda

Half-day 1 & 2: UI - Rules - Customization - email Collection

  • Introduction to the IR problem
  • Marketing and product placement
  • Architecture overview and installation options
  • Resilient Platform Overview (Demo)
  • Lab 1: Prepare the environment
  • Lab 2: Incident Creation & Editing
  • Lab 3: Working with the Privacy Module and Breach
  • Lab 4: Reports & Dashboards
  • Lab 5: Field & Tab Customization
  • Lab 6: Incident Types, Phases, and Tasks
  • Lab 7: Scripts
  • Lab 8: Rules
  • Lab 9: Additional script and rule 
  • Lab 10: Inbound Email

Half-day 3 & 4 Playbooks - Integration Server - App Host

  • Review last labs & Feedback
  • Lab 11: Playbooks(New Playbook Design)
  • Lab 12: Install the Integration Server 
  • Lab 13: Install app from App Exchange
  • Lab 14: Creating your own function
  • Lab 15: Installing QRadar SOAR Circuits as a Service
  • Lab 16: install the apphost package
  • Lab 17: install your first app
  • Lab 18: Install fn_utilities app
  • Lab 19: Create new Custom Palybook that uses our Shell Command Function
  • Lab 20: Install nmap in AppHost and remote control to VM
  • Lab 21: Install the Components File for App Host

Half-day 5: Link your QRadar to SOAR (QRadar Labs are provided to BPs and IBMers only)

  • Review last labs & Feedback
  • Lab 22: Reserve a QRadar for demo on TechZone, or use your own QRadar Lab (NOT PROD)
  • Lab 23: Configure your QRadar to send Alerts to SOAR
  • Lab 24: Configure your SOAR to Query QRadar with 2 apps 
  • Lab 25: Create offense and see them in SOAR

Key Speaker 


Gaëtan Lodde - Technical Sales Engineer - IBM Security

To attend this event please join the Security Community: If you haven't already done so, join the Security Community by clicking the blue "Sign in or Join" button in the top right corner of this page. After signing up with your IBM ID (you'll have the opportunity to create one if necessary), navigate back to the  Community--Events Tab, select this event, register and click download to your calendar.

Location

Dial-in Instructions:

Pricing Information

Registration Price
All Registrants Free Event