QRadar SIEM Consulting for a South Asian Bank and Governmental Organization
In partnership with a South-Asian system integrator, ScienceSoft embarked on cooperation with two end customers in the same region: a major bank and a governmental organization.
To patch security gaps and master the variety of administrative tools for QRadar deployment, both customers were striving to provide their QRadar administrators and analysts with in-depth QRadar knowledge and skills. With that objective in view, based on the customers’ detailed requirements and the trainees’ SIEM experience, the team of ScienceSoft’s SIEM consultants organized and conducted tailored training sessions: Fundamentals and Advanced Training modules for the bank, and Advanced Training module for the governmental organization.
As a starting point, ScienceSoft’s team of SIEM experts drew up customer-specific agendas for the coming training sessions.
One-day Fundamentals Training module included the following highlights:
- Introduction into IBM Security QRadar SIEM
- Security Data
- QRadar User Interface
- Data Sources
- Advanced Searching
- Rules and Building Blocks
- Advanced Reporting
- Health Monitoring
The Advanced Training module of 4 days, targeted towards more QRadar-savvy specialists, extended the scope of topics and featured:
- Introduction to QRadar Administration Features and Functionality
- Security Events Normalization
- Building LSX (normalization part)
- Building LSX (mapping part)
- Building Blocks (BB) Overview and Specifics. Enabling Custom BB
- Rules Overview
- Creating Rules
- Tuning Rules
- Fine Tuning False Positives
- QRadar Risk Manager
- QRadar Vulnerability Manager
With the training agendas revised and approved, the venues and the necessary infrastructure provided, Sciencesoft’s SIEM professionals took up a thought-through training approach, combining interactive lecturing and mentoring, which enabled the trainees to acquire hands-on QRadar experience. At the end of the training session each participant was awarded the QRadar SIEM Training Certificate.
Having successfully completed QRadar Training course, the customers’ security specialists managed to take their organization’s security to a much higher level ensuring better security protection. Besides, the knowledge and skill base gained during the training session proved to be sufficient for obtaining IBM QRadar Associate Certificate.
Technologies and Tools
IBM® Security QRadar® SIEM