IBM Qradar SIEM Fundamentals Full Course
4.3 (4 ratings)
26 students enrolled

Learn IBM Qradar SIEM Architecture, Modules, Licensing and Processes
Created by Roland Costea
Last updated 8/2017
  • 4 hours on-demand video
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
What Will I Learn?
  • Understand IBM Qradar SIEM modules
  • Understand IBM Qradar SIEM architecture
  • Understand IBM Qradar SIEM Processes
  • Understand IBM Qradar SIEM Offense and Correlation Engine
  • Understand IBM Qradar SIEM Licensing
Requirements
  • Basic IT Infrastructure
  • Basic Windows/Linux OS
  • IT Security fundamentals
  • TCP/IP Networking

Learn what type of intelligence you can get, how collection, normalization and correlation work, and what IBM Qradar SIEM means through VISIBILITY.

Understand all IBM Qradar modules and how they integrate and BOOST your Security CAREER!!!

  • IBM Qradar Security Information and Event Management (SIEM)
  • IBM Qradar Vulnerability Manager
  • IBM Qradar Risk Manager
  • IBM Qradar Incident Forensics
  • The goal of this course is to show you the secrets behind IBM Qradar SIEM platform
  • This is an incredible course that bundles all you have to know in the proper order, making it easier for somebody with no knowledge to understand.
  • 55+ lectures and 6+ hours of content
  • Included my own opinions and customer experience
  • Create a differentiator in your company by knowing the no. 1 platform every security analyst would like to know, IBM Qradar SIEM
  • Boost your career and search for the companies willing to pay a high amount of money for this type of knowledge

IBM Security QRadar SIEM provides deep visibility into network, user, and application activity. It provides collection, normalization, correlation, and the secure storage of events, flows, assets, topologies, and vulnerabilities. IBM QRadar SIEM classifies suspected attacks and policy breaches as offenses.

Contents and Overview

This is a comprehensive technical course that will guide you through the strategy of IBM security, basics and more advanced architecture concepts of all IBM Qradar modules and also licensing. The course will focus on theory, and represents the 1st in a series of IBM Qradar trainings I will develop based on your feedback.

You need to understand all of this theory and these concepts before you start using the product. The 2nd training will be focused on hands-on activities.

Who is the target audience?
  • security administrators
  • security analysts
  • security enthusiasts
  • chief security officer
  • security engineer
Curriculum For This Course
54 Lectures
9 Lectures 42:24

Learn about cybersecurity in the market nowadays

Preview 04:44

Learn what exactly a SIEM is and what companies are using it for

What is a SIEM?

Learn what security intelligence is and how it can fit your organization's picture

What type of intelligence do I need?

Learn what you will not be able to do with a SIEM tool

Preview 02:37

Learn what questions you need to ask in order to size correctly and define the need

Preview 04:52

Learn about integration and automation processes and how they relate to each other

Integration and Automation

Learn what happens after an attack and why incident response in cybersecurity is so important

What happens after an attack

Learn about IBM Resilient for Incident Response

IBM Resilient acquisition

Learn about Watson and how it can be used in cybersecurity

Watson in Security
Security Information & Event Management (SIEM)
19 Lectures 01:36:27

Learn why IBM Qradar SIEM is no. 1 in Gartner in the last 6 years

Why IBM is no.1?

Learn about IBM Qradar SIEM Processes

IBM Qradar SIEM Processes

Learn about IBM Qradar SIEM Offense Engine

Preview 05:10

Learn about IBM Qradar SIEM architecture and components

IBM Qradar SIEM Architecture

Learn about IBM Qradar SIEM licensing and how to build a configuration

IBM Qradar SIEM Licensing

Learn about IBM Qradar SIEM DSMs and how to use them correctly

Preview 05:04

Learn about IBM Qradar SIEM burst strategy

IBM Qradar SIEM Burst Strategy

Learn about IBM Qradar SIEM users

Managing Users

Learn about IBM Qradar SIEM HA and DR processes and the difference between them from IBM's perspective

High Availability & Disaster Recovery

Learn about IBM Qradar SIEM data

Managing Data

Learn about IBM Qradar SIEM rules

IBM Qradar SIEM Rules

Learn about IBM Qradar SIEM searches

IBM Qradar SIEM Searches

Learn about IBM Qradar SIEM custom DSMs

Unsupported log sources - Custom DSMs

Learn about IBM Qradar SIEM reports

IBM Qradar SIEM Reports

Learn about IBM Qradar SIEM asset profiles

Asset Profiles

Learn about IBM Qradar SIEM storage and data node

Storage and Data Node

Learn about IBM Qradar SIEM Qflow component

What is Qflow?

Learn about IBM Qradar SIEM historical correlation

IBM Qradar SIEM Historical Correlation

Learn about IBM Qradar SIEM multitenancy

IBM Qradar SIEM Multitenancy
Fine Tuning
6 Lectures 30:18

Learn about IBM Qradar SIEM network hierarchy

Preview 06:12

Learn about IBM Qradar SIEM data retention

Data Retention

Learn about IBM Qradar SIEM extract property feature

Extract Property Option

Learn about IBM Qradar SIEM false positives

Managing False Positives

Learn about IBM Qradar SIEM rules: CRE vs ADE

CRE vs ADE rules

Learn about IBM Qradar SIEM reference sets and maps

Qradar Reference sets and maps
IBM Qradar Vulnerability Manager (QVM)
5 Lectures 20:56

Learn about IBM Qradar QVM

IBM Qradar Vulnerability Manager Processes

Learn about IBM Qradar QVM unique value

IBM Qradar QVM unique integrated solution

Learn about IBM Qradar QVM scanner

How the scanner works

Learn about IBM Qradar QVM filters

QVM Filters

Learn about IBM Qradar QVM and BigFix integration

QVM Bigfix integration
IBM Qradar Risk Manager (QRM)
8 Lectures 30:48

Learn about IBM Qradar QRM configuration errors

Configuration Errors

Learn about IBM Qradar QRM architecture and licensing

QRM Architecture & Licensing

Learn about IBM Qradar QRM topology view

Preview 02:43

Learn about IBM Qradar QRM configuration monitor

Configuration Monitor

Learn about IBM Qradar QRM device discovery

Device Discovery

Learn about IBM Qradar QRM threat modelling and simulation

Threat Modeling and Simulation

Learn about IBM Qradar QRM topology changes

Modeling Topology Changes

Learn about IBM Qradar QRM vulnerability and CIS benchmark

Vulnerability & CIS Benchmark Assessment
IBM Qradar Incident Forensics (QRIF)
7 Lectures 28:56

Learn about challenges of incident forensics


Learn about network forensics concepts

Network Forensics

Learn about IBM Qradar QRIF architecture

QRIF Architecture

Learn about IBM Qradar storage and data export needs

Preview 03:05

Learn about QRIF nomenclature

Nomenclature of QRIF

Learn about IBM Qradar QRIF case management features

Case Management

Learn about IBM Qradar QRIF surveyor and digital impression

Surveyor and Digital Impression

end quiz

End Quiz
5 questions
About the Instructor
Roland Costea
4.5 Average rating
15 Reviews
101 Students
4 Courses
Security Architect & Trainer

Highly motivated professional with working experience in IT Information Security Solutions, evolving from technical engineer to customer-oriented positions as presales/solution/enterprise architect and Information Security Leader, at big companies (> 500) in Central and Eastern Europe (Accenture, Star Storage, Teamnet WPS, IBM, Genpact). Result-oriented individual strongly focused on customers, trying to offer the best solution based on their needs, capable of implementing complex projects under time pressure, while securing full commitment from key stakeholders.

Working as Technical Architect/Lead for IBM in the last 3 years (SEE – South East Europe region). Part of the IBM Software Sales group and responsible for IBM Security sales productivity and deal flow by securing the “technical close”. The role includes a deep understanding of Security and Cyber client needs, combines leadership skills and technical skills, and requires close work with the management team to define scope, timeline and applicability, meeting the business goals of the group.

Qradar is my main focus of expertise, being also a successful trainer for clients and partners in my region.

Certifications: CISSP, CISM, CRISC, TOGAF, ITIL-F, LPT, ECSA, CEH, CCNP, CCSP, CCDP, ISO 20000 Lead Auditor, ISO 27001 Lead Auditor, IBM Security QRadar SIEM Certified.