Scribd Logo
Upload

Welcome to Scribd!

  • Qradar Soar Pot / Partner Day Session: Dates

    Uploaded by

    Munaam Tariq
    3 views3 pages

    Original Title

    QRadar SOAR POT Agenda

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    3 views3 pages

    Qradar Soar Pot / Partner Day Session: Dates

    Uploaded by

    Munaam Tariq

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 3

    QRadar SOAR POT / Partner Day Session

    Dates
    AMA session dates August 22-26 2022, Starting at 9:30 AM (EST/GMT-4) until 1:00 PM (EST/GMT-4)
    EMEA & APAC session dates Aug. 29 – Sept. 2nd 2022, Starting at 8:30 AM (CEST) until 12:00 PM (CEST)

    Description
    Please join our Proof of Technology event for IBM Customers and Business Partners and IBMers with a need to
    become more familiar with QRadar SOAR (Resilient). During this workshop, you can learn best practices and
    trends about Security Incident Response using QRadar, you will be able to network with your industry peers and
    participate in different hands-on LAB Exercises.
    This 5 half-day workshop will be delivered in English

    Agenda
    Half-day 1 & 2: UI – Rules – Customization – email Collection
    • Introduction to the IR problem
    • Marketing and product placement
    • Architecture overview and installation options
    • Resilient Platform Overview (Demo)
    • Lab 1: Prepare the environment
    • Lab 2: Incident Creation & Editing
    • Lab 3: Working with the Privacy Module and Breach
    • Lab 4: Reports & Dashboards
    • Lab 5: Field & Tab Customization
    • Lab 6: Incident Types, Phases, and Tasks
    • Lab 7: Scripts
    • Lab 8: Rules
    • Lab 9: Additional script and rule
    • Lab 10: Inbound Email
    Half-day 3 & 4: Playbooks – Integration Server – AppHost
    • Review last labs & Feedback
    • Lab 11: Playbooks
    • Lab 12: Install the Integration Server
    • Lab 13: Install app from App Exchange
    • Lab 14: Creating your own function
    • Lab 15: Installing QRadar SOAR Circuits as a Service
    • Lab 16: install the apphost package
    • Lab 17: install your first app
    • Lab 18: Install fn_utilities app
    • Lab 19: Create new Custom Palybook that uses our Shell Command Function
    • Lab 20: Install nmap in AppHost and remote control to VM
    • Lab 21: Install the Components File for App Host
    Half-day 5: Link your QRadar to SOAR (QRadar Labs are provided to BPs and IBMers only)
    • Review last labs & Feedback
    • Lab 22: Reserve a QRadar for demo on TechZone, or use your own QRadar Lab (NOT PROD)
    • Lab 23: Configure your QRadar to send Alerts to SOAR
    • Lab 24: Configure your SOAR to Query QRadar with 2 apps
    • Lab 25: Create offense and see them in SOAR

    Location: Webex – link given on the invitation


    Registration: Click on the link of the offered sessions BELOW
    AMA session dates August 22-26 2022, Starting at 9:30 AM (EST/GMT-4) until 1:00 PM (EST/GMT-4)
    EMEA & APAC session dates August 29 - September 2 2022, Starting at 8:30 AM (CEST) until 12:00 PM
    (CEST)

    QRADAR SOAR TRAINING

    Labs plan
    Lab 1 : Prepare the environment Lab 11 : Playbooks
    Lab 2 : Incident Creation & Editing Lab 12 : Install the Integration Server
    Lab 3 : Working with the Privacy Module Lab 13 : Install app from App Exchange
    and Breach Lab 14 : Creating your own function
    Lab 4 : Reports & Dashboards Lab 15 : Installing QRadar SOAR Circuits as a Service
    Lab 5 : Field & Tab Customization Lab 16 : install the apphost package
    Lab 6 : Incident Types, Phases, and Tasks Lab 17 : install your first app
    Lab 7 : Scripts Lab 18 : Install fn_utilities app
    Lab 8 : Rules Lab 19 : Create new Custom Palybook that uses our
    Lab 9 : Additional script and rule Shell Command Function
    Lab 10 : Inbound Email Lab 20 : Install nmap in AppHost and remote control to VM
    Lab 21 : Install the Components File for App Host

    Specific last half day for Partners & IBMers: Link your QRadar to SOAR
    Lab 22 : Reserve a QRadar for demo on TechZone – Must Have a Partner IBMiD or be IBMers for the Labs
    Lab 23 : Configure your QRadar to send Alerts to SOAR
    Lab 24 : Configure your SOAR to Query QRadar with 2 apps
    Lab 25 : Create offense and see them in SOAR

    This agenda may change depending on sessions.


    QRADAR SOAR TRAINING Day 3:

    CEST Agenda 8h30 – 10:00 Playbook Design – Lab 11


    10:00 – 10:15 Break

    EMEA & APAC 10:15 – 12:00 Labs 12-13-14-15 + Q&A

    Day 1: Day 4:
    8h30 – 10:00 SOAR presentation and 8h30 – 10:00 Labs 16-17-18-19
    positioning – Demo of a successful 10:00 – 10:15 Break
    automated playbook
    10:15 – 12:00 20-21-22 + Q&A
    10:00 – 10:15 Break
    10:15 – 12:00 Labs 1-2-3-4 + Q&A

    Day 5:
    Day 2:
    8h30 – 10:00 Labs 22-23
    8h30 – 10:00 Labs 5-6-7-8
    10:00 – 10:15 Break
    10:00 – 10:15 Break
    10:15 – 12:00 23-24 + Q&A
    10:15 – 12:00 Labs 9-10 + Q&A

    QRADAR SOAR TRAINING Day 3:

    EST Agenda 9h30 – 11:00 Playbook Design – Lab 11


    11:00 – 11:15 Break

    US & CANADA 11:15 – 13:00 Labs 12-13-14-15 + Q&A

    Day 1: Day 4:
    9h30 – 11:00 SOAR presentation and 9h30 – 11:00 Labs 16-17-18-19
    positioning – Demo of a successful 11:00 – 11:15 Break
    automated playbook
    11:15 – 13:00 Labs 20-21-22 + Q&A
    11:00 – 11:15 Break
    11:15 – 13:00 Labs 1-2-3-4 + Q&A

    Day 5:
    Day 2:
    9h30 – 11:00 Labs 22-23
    9h30 – 11:00 Labs 5-6-7-8
    11:00 – 11:15 Break
    11:00 – 11:15 Break
    11:15 – 13:00 Labs 23-24 + Q&A
    11:15 – 13:00 Labs 9-10 + Q&A

    You might also like