Webinar: The Evolving SIEM: Mapping to MITRE ATT&CK, Fine Tuning, and Exploring Rules

 View Only
When:  Nov 22, 2019 from 11:00 AM to 12:00 PM (ET)

Your SIEM needs to evolve to keep up with the changing threat landscape, technological advancements and infrastructure complexity. IBM QRadar Use Case Manager lets you do just that – it empowers you to maximize IBM QRadar efficiency while fortifying your security posture.

QRadar Use Case Manager gives you powerful features and benefits that include the ability to:

  • Improve your security posture by mapping threat coverage to the MITRE ATT&CK framework
    • Visually understand your ability to detect threats based on MITRE ATT&CK tactics and techniques.
    • View predefined QRadar tactic and technique mappings and add your own custom mappings to help complete coverage.
    • Use new insights to prioritize the rollout of new use cases and apps to proactively strengthen your security posture.
  • Fine tune your environment based on built-in analysis
    • Gain tuning recommendations unique to your environment right within the app.
    • Identify top offense-generating or CRE-generating rules, then follow the guide to tune them.
    • Reduce the number of false positives by reviewing the most common configuration steps. Easily update network hierarchy, building blocks, and server discovery based on recommendations.
  • Explore rules through visualization and generate reports
    • Explore the rules through different filters to ensure they work as intended.
    • Generate reports from predefined templates, such as searches based on rule response and actions, log source coverage, and many others.
    • Customize reports to only see the critical information for your analysis.

​​​​​​​Join our webcast to learn more about the new IBM QRadar Use Case Manager that can empower you to proactively improve your security posture, easily fine tune your environment as well as efficiently explore and update rules and generate reports.