QRadar SOAR training session and labs for EMEA & APAC

 View Only
Starts:  Aug 29, 2022 08:30 AM (CET)
Ends:  Sep 2, 2022 12:00 PM (CET)
Summary

Please join our Proof of Technology event for IBM Customers and Business Partners and IBMers with a need to become more familiar with QRadar SOAR (Resilient). During this workshop, you can learn best practices and trends about Security Incident Response using QRadar, you will be able to network with your industry peers and participate in different hands-on LAB Exercises. 

This 5 half-day workshop will be delivered in English

Agenda

Half-day 1 & 2: UI - Rules - Customization - email Collection

  • Introduction to the IR problem
  • Marketing and product placement
  • Architecture overview and installation options
  • Resilient Platform Overview (Demo)
  • Lab 1: Prepare the environment
  • Lab 2: Incident Creation & Editing
  • Lab 3: Working with the Privacy Module and Breach
  • Lab 4: Reports & Dashboards
  • Lab 5: Field & Tab Customization
  • Lab 6: Incident Types, Phases, and Tasks
  • Lab 7: Scripts
  • Lab 8: Rules
  • Lab 9: Additional script and rule 
  • Lab 10: Inbound Email

Half-day 3 & 4 Playbooks - Integration Server - App Host

  • Review last labs & Feedback
  • Lab 11: Playbooks(New Playbook Design)
  • Lab 12: Install the Integration Server 
  • Lab 13: Install app from App Exchange
  • Lab 14: Creating your own function
  • Lab 15: Installing QRadar SOAR Circuits as a Service
  • Lab 16: install the apphost package
  • Lab 17: install your first app
  • Lab 18: Install fn_utilities app
  • Lab 19: Create new Custom Palybook that uses our Shell Command Function
  • Lab 20: Install nmap in AppHost and remote control to VM
  • Lab 21: Install the Components File for App Host

Half-day 5: Link your QRadar to SOAR (QRadar Labs are provided to BPs and IBMers only)

  • Review last labs & Feedback
  • Lab 22: Reserve a QRadar for demo on TechZone, or use your own QRadar Lab (NOT PROD)
  • Lab 23: Configure your QRadar to send Alerts to SOAR
  • Lab 24: Configure your SOAR to Query QRadar with 2 apps 
  • Lab 25: Create offense and see them in SOAR

Speakers



Gaëtan Lodde - Technical Sales Engineer - IBM Security


Registration 

EMEA & APAC session dates August 29 - September 2 2022, Starting at 8:30 AM (CEST) until 12:00 PM (CEST)

Send an email to gaetan.lodde@ibm.com  

Subject: Registration for EMEA-APAC SOAR POT in English Aug. 29th – Sept. 2nd 2022, 8:30-12:30 CEST
Body:
I would like to register to the Aug. 29th – Sept. 2nd 2022, 8:30-12:30 CEST

Please fill ALL the fields below: 

Company: 

Select Partner or Customer or IBM: 

Country: 

Full Name: 

Professional Email: 

Mobile: 

I confirm my intention to follow the technical training labs the whole session: