WORKSHOP – EMPIRE MEDIA PARTNERS
Power-Up QRadar with
Red Hat Ansible Security Automation Platform
Learn how Ansible enables security teams to automate
key IBM QRadar operational tasks for an orchestrated
and effective cyber defense.
November 18, 1 PM CST
ABOUT EMPIRE MEDIA PARTNERS
We are IT Professionals who have spent our entire careers working with Industry Leaders and Influencers. We bring experience, acumen and foresight to your IT Operation. Our services include IT Infrastructure, Cloud, Data and AI, and Security.
Virtual Workshop Details:
Date: November 18, 2021
Time: 1:00 – 5:00 p.m. CST
About the Workshop
Ansible is a simple, yet powerful, IT automation engine for application deployment, configuration management, and orchestration that you and your team can quickly implement. Ansible Security Automation is Red Hat’s expansion deeper into business-ready security solutions. Our goal is to provide a more efficient, streamlined way for security teams to automate their security processes in response to threats across the organization.
In this workshop, you will learn how you can use Ansible to orchestrate security investigation and response activities involving multiple security tools: enterprise firewalls, intrusion detection systems, and SIEMs such as IBM QRadar. More specifically, your security teams will be able to know how to automate key QRadar operational tasks through Ansible workflows that support incident response, forensics, and regulatory compliance.
Who can Benefit?
DevOps engineers, operations engineers, systems engineers, release engineers, system administrators, developers, operations staff, network engineers, security professionals and anyone interested in IT automation.
- Introduction to Ansible Security Automation.
- How Ansible works for Security Automation.
- Understanding Modules, Tasks and Playbooks.
- Using Ansible with Various security tools such as, SIEM:QRadar/Splunk, IDS:Snort, Firewall: Check Point NGFW
- Demos and Lab Exercises: Ansible Tower and Qradar specific use cases: Add DNS attacks, CheckPoint configuration, Adding new attack rules in QRadar, Executing playbooks to blacklist attacks.
Please contact Thomas Lynch at email@example.com