QRadar: Creating Searches, Rules and Offenses using Categories

preview_player
Показать описание
QRadar taxonomy simplify the process of creating searches and rules because you do not have to necessarily actually see the actual event to create the search or the rule. The Taxonomy has been created so well that it covers a great variety of events.
A file with the links to all my recent videos can be found here:
  1. Jose Bravo
  2. rule
  3. qradar
  4. qid
  5. category
  6. high level category
Рекомендации по теме
QRadar: Creating Searches, 0:16:15

QRadar: Creating Searches, Rules and Offenses using Categories

QRadar Searches in 0:06:13

QRadar Searches in Six Minutes

QRadar: Creating your 0:08:59

QRadar: Creating your first search

QRadar CE 733 0:12:42

QRadar CE 733 Intro to Rules Offense and Searches

Searches in Qradar 0:05:22

Searches in Qradar

QRadar: How to 0:09:06

QRadar: How to search offenses

How to easily 0:04:28

How to easily search for additional QRadar Rules

Rule creation, use 0:14:10

Rule creation, use case creation Basic in Qradar SIEM

QRadar: All about 0:22:50

QRadar: All about QRadar Rules - Part 1

QRadar: How to 0:05:41

QRadar: How to use search filters

QRadar Search Tutorial 0:10:46

QRadar Search Tutorial

Detecting Anomalies with 0:04:42

Detecting Anomalies with Qradar

Advanced Searches in 0:11:01

Advanced Searches in QRadar. Part 1: Introduction

Searching in QRadar 0:11:52

Searching in QRadar Part One: Ariel Searches

QRadar Creating a 0:08:58

QRadar Creating a rule that fires with internal communication to C&C or bad site

Creating behavior, anomaly 0:02:45

Creating behavior, anomaly and threshold rules in QRadar

QRadar CE -Advanced 0:04:01

QRadar CE -Advanced Searches

Advanced Searches in 0:03:37

Advanced Searches in QRadar Part 4 Creating reports with application names and user names

QRadar: Performing AQL 0:12:07

QRadar: Performing AQL searches Part 1

Qradar Filters and 0:11:28

Qradar Filters and Searches

QRadar: Rules, Offenses 0:33:41

QRadar: Rules, Offenses and Searches - Best Practices

QRadar detecting Phishing 0:05:10

QRadar detecting Phishing and Ransomware

QRadar Why isn't 0:08:03

QRadar Why isn't my rule firing? Part 1. How to collect & replay logs

What Makes Qradar 0:16:35

What Makes Qradar so Special 2020 Part One

Комментарии
Автор

Just to let you know, you're the best Qradar teacher in Youtube! :)

JB-rzqe
Автор

Excellent, I am from Brazil!, Thanks

studiodesign
Автор

Great video! As far as you know, is it possible to create an offense through script with APIs? Or generate a log event and configure a rule to generate an offense when that event is created?

danieleargento