0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Building a Next-Gen SOC with IBM QRadar

You're reading from Building a Next-Gen SOC with IBM QRadar Accelerate your security operations and detect cyber threats effectively

Product type Paperback

Published in Jun 2023

Publisher Packt

ISBN-13 9781801076029

Length 198 pages

Edition 1st Edition

Tools

IBM QRadar

Concepts

Cybersecurity

Author (1):

Ashish Kothekar

View More author details

Table of Contents (18) Chapters

Preface

1. Part 1: Understanding Different QRadar Components and Architecture

2. Chapter 1: QRadar Components FREE CHAPTER

3. Chapter 2: How QRadar Components Fit Together

4. Chapter 3: Managing QRadar Deployments

5. Part 2: QRadar Features and Deployment

6. Chapter 4: Integrating Logs and Flows in QRadar

7. Chapter 5: Leaving No Data Behind

8. Chapter 6: QRadar Searches

9. Chapter 7: QRadar Rules and Offenses

10. Part 3: Understanding QRadar Apps, Extensions, and Their Deployment

11. Chapter 8: The Insider Threat – Detection and Mitigation

12. Chapter 9: Integrating AI into Threat Management

13. Chapter 10: Re-Designing User Experience

14. Chapter 11: WinCollect – the Agent for Windows

15. Chapter 12: Troubleshooting QRadar

16. Index

Why subscribe?

17. Other Books You May Enjoy

QRadar Use Case Manager app

While working with QRadar, you might have noticed the enormity of data and the number of rules that a QRadar administrator must work with. The sheer number of rules that come out of the box with the system, and the rules added when new apps and extensions are installed, can be overwhelming. On top of that, some organizations need customized alerts for which custom rules must be created. Managing these rules is a challenge. As we learned in earlier chapters, enabling all the rules is counterproductive and will adversely affect QRadar performance. So how do you manage QRadar rules? The QRadar Use Case Manager app is designed to manage QRadar rules and optimize them. We will look at both these functionalities.

Before we discuss this app in detail, let us understand what the MITRE ATT&CK framework is and how it is used by the QRadar Use Case Manager app.

MITRE ATT&CK is a framework designed for security analysts, threat hunters, red/blue teams...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (2)

Ashish Kothekar

Ashish Kothekar

Ashish has a total experience of more than 15 years working for IBM on various different platforms. He is currently working as tech evangelist for IBM Security products. He has been instrumental in developing more than 10 IBM certification exams including IBM products like QRadar, Cloud Pak for Security, IBM SiteProtector, IBM XGS, etc. He has worked with multiple customers on deploying and then upgrading IBM security products. He has contributed regularly by writing blogs and giving talks on security products. He has published many redpapers on the integration of security products with IBM Storage solutions like IBM Spectrum scale. These redpapers are now full-fledged solutions that are being sold. He has also cleared two Mandarin language exams and is HSK2 qualified.

See other products by Ashish Kothekar

Ashish M Kothekar

Ashish M Kothekar

Ashish has a total experience of more than 15 years working for IBM on various different platforms. He is currently working as tech evangelist for IBM Security products. He has been instrumental in developing more than 10 IBM certification exams including IBM products like QRadar, Cloud Pak for Security, IBM SiteProtector, IBM XGS, etc. He has worked with multiple customers on deploying and then upgrading IBM security products. He has contributed regularly by writing blogs and giving talks on security products. He has published many redpapers on the integration of security products with IBM Storage solutions like IBM Spectrum scale. These redpapers are now full-fledged solutions that are being sold. He has also cleared two Mandarin language exams and is HSK2 qualified.

See other products by Ashish M Kothekar

Personalised recommendations for you

Based on your interests and search pattern

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m