Qradar101

Qradar101 is a blue-team lab in the Threat Hunting category. It is built around the QRadar SIEM and exercises the following MITRE ATT&CK tactics: Execution, Persistence, Privilege Escalation, Defense Evasion, Discovery, Lateral Movement, Collection, Command and Control, and Exfiltration.

Learning Objectives

Analyze diverse log sources in the QRadar SIEM to identify compromised systems, detect malicious tools, and reconstruct the sequence of attack events across the tactics listed below.

Categories: Threat Hunting.

MITRE ATT&CK Tactics: Execution, Persistence, Privilege Escalation, Defense Evasion, Discovery, Lateral Movement, Collection, Command and Control, Exfiltration.

Tools: QRadar.

Difficulty: medium.