8

The Insider Threat – Detection and Mitigation

From this chapter onward, we will look in detail at the practical application of what we learned in the last seven chapters. QRadar lets you install Docker-like applications, called QRadar apps. These apps vary in nature depending on what type of data they consume and how they use that data to provide value to customers. One such app, which we will discuss in detail, is User Behavior Analytics, also known as UBA.

When thinking about securing an organization, we usually think of the threat actors that come into play. Mostly, we think of securing our organization from outside threats by using firewalls, intrusion prevention systems, honeypots, and so on. If we look at the ...

Get Building a Next-Gen SOC with IBM QRadar now with the O’Reilly learning platform.