Soc Lab Series: Part 1: How to install IBM QRadar Community Edition 7.5 and integrate pfSense



#QRadar #SIEM #SOC #cybersecurity #socanalyst #blueteam #proxmox #pfsense
Audience: SOC Team

Welcome to Part 1 of our SOC Lab Series. In this series, we are going to simulate a corporate network as closely as possible. Then, we are going to explore SIEM Use Cases, SOAR Playbooks and simulate Attack Scenarios.

In this video, we are going to install IBM QRadar Community Edition 7.5, with an overview of its deployment and architecture. Then, we will integrate pfSense and check its logs on the Log Activity Tab, and finally we will explore a Firewall use case.

Chapters:
00:00 – Agenda
01:10 – Overview of SOC Lab Series
04:34 – Overview of QRadar SIEM
06:37 – Overview of QRadar Deployment
11:25 – Overview of QRadar Architecture
24:10 – Install QRadar SIEM Community Edition 7.5 on Proxmox
34:47 – Configure Firewall Access to QRadar for SOC Team
40:19 – Overview of QRadar GUI (Analyst and Admin)
47:20 – Integrate pfSense to QRadar SIEM
52:37 – Validate pfSense on Log Activity Tab
55:15 – Validate Log Source Parsing Ordering
56:30 – Develop a simple Use Case (Rule) for pfSense

Our Network Topology

To download IBM QRadar Community Edition 7.5

QRadar deployment overview

QRadar architecture overview

Configuring Netgate pfSense to communicate with QRadar


⚠️ DISCLAIMER
Kareem Fetiany shares technical content that will hopefully be useful to you. However, this content is provided without any warranty (expressed or implied). Kareem Fetiany is not responsible for any damages that may arise from any use of the content and information that’s being provided. The viewer is expected to follow best judgement and to make his/her/their best decisions while working with production or non-production software, systems and hardware.
