0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Building a Next-Gen SOC with IBM QRadar

You're reading from Building a Next-Gen SOC with IBM QRadar Accelerate your security operations and detect cyber threats effectively

Product type Paperback

Published in Jun 2023

Publisher Packt

ISBN-13 9781801076029

Length 198 pages

Edition 1st Edition

Tools

IBM QRadar

Concepts

Cybersecurity

Author (1):

Ashish Kothekar

View More author details

Table of Contents (18) Chapters

Preface

1. Part 1: Understanding Different QRadar Components and Architecture

2. Chapter 1: QRadar Components FREE CHAPTER

3. Chapter 2: How QRadar Components Fit Together

4. Chapter 3: Managing QRadar Deployments

5. Part 2: QRadar Features and Deployment

6. Chapter 4: Integrating Logs and Flows in QRadar

7. Chapter 5: Leaving No Data Behind

8. Chapter 6: QRadar Searches

9. Chapter 7: QRadar Rules and Offenses

10. Part 3: Understanding QRadar Apps, Extensions, and Their Deployment

11. Chapter 8: The Insider Threat – Detection and Mitigation

12. Chapter 9: Integrating AI into Threat Management

13. Chapter 10: Re-Designing User Experience

14. Chapter 11: WinCollect – the Agent for Windows

15. Chapter 12: Troubleshooting QRadar

16. Index

Why subscribe?

17. Other Books You May Enjoy

QRadar Advisor with Watson

QRAW is based on Watson’s cognitive intelligence. IBM Watson uses information from varied sources, breaks it into data points, and then uses the security domain knowledge to stitch together all the data points related to a certain parameter. For example, let’s say there is a known hash value for a certain malware, and that hash value is present in the event details in QRadar. IBM Watson uses this information to create graphs and correlations to explain which assets are affected by malware, how this malware entered the organization, how it proliferates or moves laterally, and so on. It also shows the assets and users involved. This kind of detailed analysis is done by QRAW in a matter of minutes. It would have taken SOC analysts weeks or months to get all this information.

QRAW uses Watson’s cognitive intelligence. Let us look at how QRAW works with QRadar with the help of the following flow chart:

Figure 9.1 – Internal workings of QRAW

Figure...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (2)

Ashish Kothekar

Ashish Kothekar

Ashish has a total experience of more than 15 years working for IBM on various different platforms. He is currently working as tech evangelist for IBM Security products. He has been instrumental in developing more than 10 IBM certification exams including IBM products like QRadar, Cloud Pak for Security, IBM SiteProtector, IBM XGS, etc. He has worked with multiple customers on deploying and then upgrading IBM security products. He has contributed regularly by writing blogs and giving talks on security products. He has published many redpapers on the integration of security products with IBM Storage solutions like IBM Spectrum scale. These redpapers are now full-fledged solutions that are being sold. He has also cleared two Mandarin language exams and is HSK2 qualified.

See other products by Ashish Kothekar

Ashish M Kothekar

Ashish M Kothekar

Ashish has a total experience of more than 15 years working for IBM on various different platforms. He is currently working as tech evangelist for IBM Security products. He has been instrumental in developing more than 10 IBM certification exams including IBM products like QRadar, Cloud Pak for Security, IBM SiteProtector, IBM XGS, etc. He has worked with multiple customers on deploying and then upgrading IBM security products. He has contributed regularly by writing blogs and giving talks on security products. He has published many redpapers on the integration of security products with IBM Storage solutions like IBM Spectrum scale. These redpapers are now full-fledged solutions that are being sold. He has also cleared two Mandarin language exams and is HSK2 qualified.

See other products by Ashish M Kothekar

Personalised recommendations for you

Based on your interests and search pattern

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m