Under the Radar: Deep Dive on Network Insights with Jose Bravo

 View Only
When:  Mar 20, 2020 from 11:00 AM to 12:00 PM (ET)


Join IBM Security Architect and QRadar expert Jose Bravo as he gives a live demo of QRadar Network Insights (QNI).

This technical session starts with an overview of the value getting standard netflows into QRadar. Jose will show some offenses that could only fire if you are processing standard netflows.

Jose will then:

  • Analyze the content of the traffic payload
  • Explain how QNI scrutinizes the entire payload, extracts information, runs Yara rules and puts its findings into a special type of flows named IPFIX, sending them to QRadar
  • Show some offenses that fire base on malicious payload content
  • Demonstrate what corporations can do to keep monitoring traffic when everything is encrypted
  • Discuss common techniques like MITM, but in particular focus on a new mechanism named JA# and show an example


This immersive session will be on a whiteboard and within the QRadar console.

Location

Online Instructions:
Url: http://event.on24.com/wcc/r/2186394/296D528318F523165D01D65176996FC4
Login: Please use the link to register for this webinar