infoTECH Feature

April 24, 2015

IBM's QRadar Offers Better Detection of Cyberattacks

With so much of our lives online these days, the ability to protect against cyberattack is as important now as a night watchman was in the days before the Internet. Protecting assets and protecting property against vandalism or destruction were all important tasks, and such tasks now have Internet equivalents. Enter IBM, whose QRadar system now powers analogues to the real-world watchdog, using analytics technology to find potential cyberattacks and prompt reaction.

Available as a cloud-based software-as-a-service (SaaS) system, the new tools allow companies to prioritize incoming threats and free up the necessary resources to address these threats as they emerge. When coupled with the IBM Security Managed Services system, security professionals get a new level of flexibility as well as expertise on hand to address problems.

IBM QRadar is now driving the IBM Security Intelligence on Cloud system and the Intelligent Log Management on Cloud system. The Security Intelligence on Cloud system allows the user to draw information from over 500 separate data sources and over 1,500 pre-defined reports to help explain just what's happening to a system and how to address it. Additionally, QRadar is reportedly part of the X-Force Exchange system that allows for a whole new source of information on threats. The Intelligent Log Management on Cloud system, meanwhile, offers the ability to capture logs from any device that's currently in the scope of a security operation. It uses both analytics and what's called a hosted multi-tenant technology in a bid to better spot unusual behavior in the system before it can become a larger problem.

IBM Security's vice president of product management and strategy, Jason Corbin, offered some comment regarding the new tools, saying “Organizations are facing a security data tsunami that can overwhelm even the most sophisticated enterprise's security program. Security leaders are telling us they want increased visibility through the cloud and control throughout their hybrid IT environments. The option of doing predictive analytics via the cloud gives security teams the flexibility to bring in skills, innovation and information on demand across all of their security environments.”

Indeed, Corbin has a real point here; that “data tsunami” is everywhere, and it's not just limited to security data. It's certainly there for security data, however, so keeping an eye on the matter is likely to prove a smart idea. With IBM's managed security services handling over 4,000 clients worldwide, and the 2014 IBM Cyber Index report suggesting that companies are taking on around 91 million potential security events every year, there's a lot going on in this field. Keeping it all straight will only be more difficult without help from things like QRadar.

Only time will tell just how far IBM's new systems can go, but with so much going on and so much at stake, it's clear that security should be a top priority for some time to come. QRadar, meanwhile, may well prove the basis of some of the best tools in the field.  




Edited by Dominick Sorrentino