On top of the Jose Bravo videos, IBM themselves also have exte | CISO as a Service

On top of the Jose Bravo videos, IBM themselves also have extensive QRadar guides. They have 108 various videos, labs and challenges here – https://www.securitylearningacademy.com/local/navigator/index.php?level=sisi01.

AZURE SENTINEL
Microsoft Azure Sentinel is the fastest growing SIEM platform in the market. The cloud based SIEM ties in easily with other Microsoft products such as O365 and Azure AD, making it a very attractive proposition. Again, there are a lot of resources to learn the product made either by Microsoft or contributors.
If you need to learn Azure fundamentals first, I recommend following Microsoft’ Azure fundamentals course – https://docs.microsoft.com/en-us/learn/paths/azure-fundamentals/ Understanding Azure and how it works is important before setting up Sentinel. Once you are happy with these fundamentals, move to the next step.
Disclaimer – This is the most difficult SIEM / Lab to set up for a beginner. However, if you have the time and are willing to go through it, it is well worth it.
Next, I would follow this post from Cyb3rWard0g – https://techcommunity.microsoft.com/t5/azure-sentinel/azure-sentinel-to-go-part1-a-lab-w-prerecorded-data-amp-a-custom/ba-p/1260191 This guide shows you how to set up an Azure Sentinel Lab and ingest pre recorded data.
Once you have this setup, I recommend looking at this very extensive post from Microsoft trainer Ofer Shezaf – https://techcommunity.microsoft.com/t5/azure-sentinel/become-an-azure-sentinel-ninja-the-complete-level-400-training/ba-p/1246310 This takes you from a high level overview of Azure Sentinel through to advanced topics. Take thing things you learn from this and practice on the lab you have set up.


-آگاهي رساني امنيت سايبري-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1401.06.10