IBM Security Master Skills University

May 13-17, 2019

Orlando, FL

IBM QRadar Advanced

The QRadar Advanced track at Master Skills University offers experienced QRadar users a one-of-a-kind opportunity to learn from the teams who build, deploy, and support QRadar every day. This week-long deep-dive education experience includes the latest product updates, hands-on labs, interactive discussions on best practices and advanced workflows, and more. Based on feedback from clients like you, this track features a main-tent session in the morning, then offers your choice of two breakout sessions in the afternoons, enabling you to go to sessions on the topics you value most. Join us to advance your QRadar skills even further and gain the insights you need to achieve your 2019 security operations goals.

Who Should Attend

The QRadar Advanced track at Master Skills University is designed for experienced QRadar security professionals (e.g. analysts, admins, architects, engineers) who have used QRadar for at least three years, who may have attended other classes (101 & 102) and are ready for more advanced training. New for 2019, we also offer a QRadar Basic track designed for those who are newer to QRadar and require more foundational training. Learn more about the QRadar Basic track here.

System Requirements

To participate in lab exercises, you will need to bring a standard Win/MAC laptop with minimum 16GB Ram and minimum 200GB internal HDD storage or external HDD (SSD preferred) and ability to connect to wifi.


    Main-tent topics:
  • Roadmap and beyond
  • Architecture – Event Pipeline
  • Data Ingestion
  • Rule and Use Case Implementation and Tuning
  • Getting Support and Advanced Troubleshooting
    Breakout topics:
  • AppExchange, including Developing
  • QRadar Advisor with Watson, Cognitive
  • User Behavior Analytics (UBA) and LDAP App Deep Dive
  • Searching, Reporting, Filtering, Performance, and Health (AQL, Reference Data, etc.)
  • Ingestion, Integrations (DSM) Roadmap and Q&A
  • Effective Network Monitoring and Forensics
  • Multi-Tenancy, Domains, and Role-Based Access Controls
  • QRadar Best Practices and Integration
  • Windows Log Collection (WinCollect, etc.)
  • Resiliency (HA/DR Best Practices, etc.)
  • QRoC – Cloud Architecture, SaaS, Monitoring and Integrations
  • Effective SOC Integrations/Visualization
  • Solve Your Own Support Case/Deployment Troubleshooting
  • Open Lab Sessions, Use Cases, and New Product Showcases