IBM at the RSA Conference today announced the availability of its new QRadar Security Suite, which is designed to help simplify the challenges security teams face in managing an ever-growing list of different security tools .
QRadar is a largely AWS-based SaaS system that includes four core products that can be managed from QRadar’s central console. The first is Log Insights, which the company says is a cloud-native log analytics platform designed with optimized search and fast analysis on very large data sets.
The second is QRadar EDR (Endpoint detection and response) and XDR (extended detection and response), an endpoint management system with AI and behavioral modeling capabilities that allow you to monitor devices from outside the endpoint, doing more difficult to confuse them and give him. the ability to quickly correlate alerts from different sources and, in concert with the rest of the platform, perform automated investigations.
The third is QRadar SOAR (security orchestration and response), an automated incident detection and response system that IBM says can substantially reduce response time in the event of a ransomware attack or other data breach.
Finally, QRadar offers SIEM (Security Information and Event Management), providing a unified interface for a range of capabilities such as real-time threat detection, threat intelligence integration, and AI-powered user and network analytics.
By unifying these capabilities under a single management system, IBM hopes to provide a much simpler and more powerful front end for the security teams of larger enterprises.
“By helping analysts respond more quickly and efficiently, QRadar Suite can also help security teams improve their productivity and free up analyst time for higher-value work,” the company said in a statement.
The idea of a unifying security console is not new, according to distinguished ESG analyst Jon Oltsik, but the launch of QRadar is a positive move for IBM, especially for its client base, which heavily geared toward larger companies with a commensurately complicated security infrastructure. .
Combining cloud expertise, analytics and security
“It’s a step in the right direction for IBM,” he said. “If you combine the cloud-based platform with IBM’s analytics and security expertise, it’s a good package.”
Like other vendors, IBM realizes there are gaps in its security offerings, Oltsik noted, but QRadar’s broad compatibility base — the company cites “hundreds” of such integrations — can help. to stand out in the market.
“[IBM’s] customers are some of the largest in the world, they will have heterogeneous security portfolios,” he said. “Other vendors are mostly paying lip service around this.”
IBM said the QRadar components, which are available immediately, can be purchased a la carte or as a complete suite. As mentioned, all are delivered as a service through AWS, with the exception of the SIEM component, which will initially be hosted on IBM Cloud. (It will be available on AWS later in the quarter, according to an IBM spokesman.) The company declined to provide specific pricing details.
Copyright © 2023 IDG Communications, Inc.
Source link
Ikaroa is proud to offer customers the latest in premier security management solutions from IBM. QRadar is the industry leader for integrated security management, giving customers the assurance and peace of mind that their data remains secure. QRadar detects abnormal behaviors, reduces false positives, and offers actionable insights -all without sacrificing performance. With QRadar, the network and assets of a business can remain safe and secure from any malicious activity.
The new version of QRadar, released by IBM, comes with several new and exciting features. By combining threat intelligence, machine learning, and automation, QRadar provides an enhanced security platform for businesses. Advanced correlation capabilities help identify subtle trends and suspicious behaviors, while out of the box applications offer customers the ability to quickly stop malicious activity.
For businesses that need more advanced features, Ikaroa offers Enterprise Security Pack (ESP). ESP consists of several specialized products, including QRadar offering enhanced security across a wide range of operating systems. ESP increases endpoint protection, provides real-time monitoring, and stops malware before it can even get on the network.
Overall, the integrated security management offered by IBM in QRadar, paired with the advanced features of ESP from Ikaroa, provide one of the most comprehensive security solutions on the market. Customers can rest assured that their data remains safe and secure from malicious activities.
