Why QRadar SIEM?

Question

In this set of videos, we introduce the powerful capabilities of IBM QRadar SIEM.

• The first video depicts how data is ingested into the QRadar environment by collecting log information, network flow data, and vulnerability information. You learn about the asset model, and how the QRadar rules are used to create actionable offenses. In addition, the video explains the integration with IBM BigFix, as well as QRadar Risk and Vulnerability Manager.
• The second video starts off by explaining the concepts of QRadar Reference Sets and how to use them. It then takes a look at the forensic capabilities, and briefly introduces the deployment architecture.
• The third video focuses on integration capabilities between QRadar and IBM BigFix, IBM Guardium, network intrusion prevention systems, IBM Trusteer, IBM Identity Manager, and IBM mainframe SMF records,
• After a brief recap of the QRadar fundamentals, the fourth video explains many of the new capabilities that have been recently added to QRadar. These include the new appliances QRadar Network Insights, the Data Node, and the App Node. It then provides an overview of the QRadar API and the App Exchange, and takes a closer look at some of the available app extensions, including the BigFix App, User Behavior Analytics, Sysmon integration, and the QRadar Advisor with Watson. Finally, it introduces the new DSM Editor.
• Collecting and investigating network flows is one of the outstanding QRadar capabilities. The final video explains how QRadar approaches network flows, and how the security analysts benefit from this in their daily investigations.