Learn the fundamental and advanced concepts of QRdar SIEM v7.3.
IBM QRadar SIEM provides collection, normalization, correlation, and secure storage of events, flows, asset profiles, and vulnerabilities. This product classifies suspected attacks and policy violations as offenses. IBM® Security QRadar® enables you to minimize the time gap between when a suspicious activity occurs and when you detect it. Attacks and policy violations leave their footprints in log events and network flows of your IT systems. To connect the dots, QRadar SIEM correlates these scattered events and flows into offenses that alert you to suspicious activities. Using the skills taught in this course, you will be able to configure processing of uncommon events, work with reference data, and develop custom rules, custom actions, and custom anomaly detection rules.
Before taking this course, you should have the following skills:
- IT infrastructure
- IT security fundamentals
- TCP/IP networking
- Network flows