5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
Francisco González Jiménez
1 - Today's challenges. 2 - IBM Security Intelligent strategy. 3 - IBM Security Q-Radar
1.
© 2015 IBM Corporation
Mark Ehr, IBM Security
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
2.
About Mark Ehr
• Mark Ehr (pronounced ‘air’); Colorado native, based in Denver
• 33 years industry experience, 15 years in security; United 1M+ mile flyer; visited 27 countries and 48 States
• Joined IBM via BigFix in 2010; moved to QRadar shortly after Q1 Labs acquisition in 2011
• 3 years as QRadar Product Manager; today I lead sales enablement for Security Intelligence (QRadar)
• During my tenure as a QRadar PM, managed QRadar Vulnerability Manager and QRadar Risk Manager, plus BigFix integration
3.
Agenda
1 Today’s challenges, aka what keeps us up at night!
2 IBM Security Intelligence strategy
3 IBM Security QRadar 7.2.6, aka the 5 10+ ways…
4 Q&A
IBM Internal
4.
What keeps us up at night? Plenty.
5.
Attackers break through conventional safeguards every day
• 2012: 40% increase
• 2013: 800,000,000+ records
• 2014: Unprecedented impact
Attack types: XSS, SQLi, Misconfig., Watering Hole, Brute Force, Physical Access, Heartbleed, Phishing, DDoS, Malware, Undisclosed
Source: IBM X-Force Threat Intelligence Quarterly – 1Q 2015
• $6.5M average cost of a U.S. data breach
• 256 days average time to detect APTs
Source: 2015 Cost of Data Breach Study, Ponemon Institute
6.
New technologies introduce new risks…
• 44% of security leaders expect a major cloud provider to suffer a significant security breach in the future
• 33% of organizations don’t test their mobile apps
… and traditional security practices are unsustainable
• 83% of enterprises have difficulty finding the security skills they need (Source: Enterprise Information Security in Transition, 2012 ESG Technology Brief)
• 85 security tools from 45 vendors (Source: IBM Client Example)
Source: November 2014, “Security for the Cloud and on the Cloud”, Security Intelligence.com
7.
Today’s challenges
Escalating Attacks
• Increasingly sophisticated attack methods
• Disappearing perimeters
• Accelerating security breaches
Increasing Complexity
• Constantly changing infrastructure
• Too many products from multiple vendors; costly to configure and manage
• Inadequate and ineffective tools
Resource Constraints
• Struggling security teams
• Too much data with limited manpower and skills to manage it all
• Managing and monitoring increasing compliance demands
Spear Phishing, Persistence, Backdoors, Designer Malware
8.
Security Intelligence across the threat lifecycle is key
Security Intelligence: The actionable information derived from the analysis of security-relevant data available to an organization
• What was the impact to the organization?
• What security incidents are happening right now?
• Are we configured to protect against advanced threats?
• What are the major risks and vulnerabilities?
• Gain visibility over the organization’s security posture and identify security gaps
• Detect deviations from the norm that indicate early warnings of APTs
• Prioritize vulnerabilities to optimize remediation processes and close critical exposures before exploit
• Automatically detect threats with prioritized workflow to quickly analyze impact
• Gather full situational awareness through advanced security analytics
• Perform forensic investigation reducing time to find root-cause; use results to drive faster remediation
Threat lifecycle: Vulnerability, Pre-Exploit, Exploit, Post-Exploit, Remediation
Phases: PREDICTION / PREVENTION PHASE; REACTION / REMEDIATION PHASE
9.
Continued investment based on client needs
Platform evolution based on client needs
• Security Intelligence on Cloud: Flexible solution that can deploy as either a true SaaS offering or combine with hybrid cloud environments to improve visibility into cloud-based applications
• Network Forensics: Incident forensics and packet captures
• Vulnerability and Risk Management: Real-time vulnerability scanning and prioritizations, combined with configuration analysis, policy monitoring, and risk assessment
• Log Management: Identity management, complete log management, and compliance reporting
• SIEM: SIM and VA integration
• Flow Visualization and NBAD: Anomaly detection and threat resolution
• IBM Security App Exchange and X-Force Exchange: An on-line repository for sharing QRadar software enhancements and an aggregated threat intelligence and collaboration platform integrated with QRadar
Timeline: 2002 – 2005, 2006 – 2007, 2008 – 2009, 2010 – 2013, 2014, 2015, 2015
10.
IBM Security Intelligence strategy
11.
Establish security as a system
Key integrated capabilities
Domains: Security Intelligence, Threat Research, Endpoint, Advanced Fraud, Data, Mobile, Network, Applications, Identity and Access
Capabilities: Endpoint patching and management, Malware protection, Fraud protection, Criminal detection, Data access control, Data monitoring, Device management, Content security, Network visibility, Application security management, Access management, Identity management, Entitlements and roles, Application scanning, Virtual patching, Transaction protection, Log, flow and big data analysis, Anomaly detection, Vulnerability assessment, Incident and threat management
Ecosystem Partners: Sandboxing, Firewalls, Anti-virus
Consulting Services, Managed Services
12.
IBM QRadar is the centerpiece of IBM Security integrations
Domains: Security Intelligence, IBM X-Force Research, Endpoint, Advanced Fraud, Data, Mobile, Network, Applications, Identity and Access
Products: Trusteer Apex, zSecure, BigFix, Trusteer Pinpoint, Trusteer Rapport, Key Lifecycle Manager, Guardium Suite, MobileFirst Protect (MaaS360), MobileFirst Platform (Worklight), Network Protection XGS, SiteProtector, QRadar Incident Forensics, QRadar Risk Manager, Trusteer Mobile, Network Protection GX, QRadar SIEM, QRadar Log Manager, QRadar Vulnerability Manager, Big Data, i2 Analytics, Privileged Identity Manager, Access Manager, Identity Manager, Federated Identity Manager, AppScan Suite, DataPower Web Security Gateway
Ecosystem Partners, Consulting Services, Managed Services
13.
Key integrations for Security Intelligence
Products by domain:
• Security Intelligence: QRadar
• Identity and Access: ISAM, ISIM, PIM
• Endpoint: Trusteer Apex, BigFix
• IBM X-Force
• Mobile: MaaS360
• Applications: AppScan
• Data: Guardium
• Network: Network XGS
Integrations:
• Provide increased visibility into network (Network security flows)
• Correlate status and severity monitoring (Vulnerability and patch data)
• Gain input on malware attacks (Endpoint malware events)
• Provide identity context aware security intelligence (Identity attributes, logs and flows)
• Provide in-depth data activity monitoring and vulnerability assessment (Security events and vulnerabilities)
• Place activity in external context and determine offense severity (Global real-time threat and vulnerability data)
• Understand mobile security landscape (Compliance alerts)
• Understand application security landscape and improve threat detection accuracy (Security events and vulnerabilities)
14.
The IBM Threat Protection System
A dynamic, integrated system to help stop advanced threats
Attack Chain: 1 Break-in, 2 Latch-on, 3 Expand, 4 Gather, 5 Exfiltrate
15.
Focus on critical points in the attack chain
Address the most critical risks first
Prevent, Detect, Respond; Threat Intelligence Network
Products by domain:
• Applications: AppScan
• Data: Guardium
• Network: Network XGS
• Identity and Access: ISIM, ISAM, FIM, PIM
• Endpoint: BigFix
• Security Intelligence: QRadar
Integrated Capabilities
1 Gain visibility into your assets
  • Secure network traffic (Network security flows)
  • Validate endpoint patch status (Endpoint patch data)
  • Lock down database usage (Database vulnerabilities)
  • Prevent web application vulnerabilities (Application vulnerabilities)
2 Create a secure perimeter around identities
  • Provide user activity and anomaly detection (Identity event logs)
3 Assess threats and create security offenses
  • Find and prioritize vulnerabilities
16.
Detect and block malicious activity
Intelligent correlation of events, flows, topologies, vulnerabilities and threats
Prevent, Detect, Respond; Threat Intelligence Network
Products by domain:
• Network: Network XGS
• Identity and Access: PIM, ISAM
• Endpoint: Trusteer Apex
• Data: Guardium
• Security Intelligence: QRadar
Integrated Capabilities
1 Monitor user activity
  • Send privileged user details to correlate with user’s activity (Identity and access data, user credentials)
  • Authorize database activities (Audit data)
2 Block threats and exploits
  • Block exploits as they traverse the network (Network security flows)
  • Dynamically detect and block endpoint malware (Endpoint malware events)
3 Produce actionable intelligence
  • Detect anomalous activity
17.
Investigate breaches and learn from findings
Find out what happened, when
Prevent, Detect, Respond; Threat Intelligence Network
Products by domain:
• Security Intelligence: QRadar
• Data: Guardium
• Network: Network XGS
• Endpoint: BigFix
• Identity and Access: ISIM, ISAM
Integrated Capabilities
1 Perform real-time incident response
  • Check patch status of compromised machines (Patch data)
  • Search activity across IP addresses (Network security flows)
2 Perform post-attack incident forensics
  • Validate user permissions (Identity and access data)
  • Provide visibility into the database (Database events)
3 Prepare for and withstand security breaches
  • Correlate events
IBM Emergency Response Services
18.
Leverage global threat research and intelligence sharing
Provide zero day threat alerts and exploit triage
Prevent, Detect, Respond; Threat Intelligence Network
Products by domain:
• Security Intelligence: QRadar
• Network: Network XGS
• Endpoint: Trusteer Apex
• IBM X-Force
Integrated Capabilities
1 Provide real-time threat data
  • Address the latest threats and provide intelligent blocking (Threat data, IP and URL reputation)
  • Provides millions of malware samples collected daily (Malware threat intelligence)
2 Catalog vulnerabilities
  • Place activity in external context and determine offense severity (Global real-time threat and vulnerability data)
3 Share threat intelligence
  • Share real-time threat intelligence data based on dynamic data
19.
How to get even more from your QRadar investment in 2016
QRadar V7.2.6, December 2015
20.
A quick preview of the 5 10+ ways
1. IBM Security AppExchange = QRadar apps and market!
2. Automated threat response
3. Data obfuscation
4. Real time and historical analytics
5. Enhanced BigFix integration
6. Enhanced investigation workflow
7. Optimized indexing
8. Security Intelligence on Cloud
9. New Incident Forensics analysis capabilities
10. Improved QVM performance and security roles
11. Enhanced QRM topology visualization, performance, and device support
21.
Criminals are organized and collaborate on a global scale
Criminals create and share easy-to-use, sophisticated, powerful weapons
• Increasing Complexity
• Unpatched Vulnerabilities
• User Negligence
• Resource Constraints
22.
Integrated security solutions Intelligence sharing Capability sharing Break down silos with integrated security controls Share real-time threat intelligence Share security intelligence workflows, use cases and analytics IBM Security continues its investments in fostering collaborative defense IBM X-Force Exchange IBM Threat Protection System April 16, 2015 May 5, 2014 December 8, 2015 IBM Security App Exchange
23.
Introducing a new platform for security collaboration Enables rapid innovation to deliver new apps and content for IBM Security solutions NEW IBM Security App Exchange Single platform for collaboration Access to partner innovations Validated security apps Fast extensions to security functionality
24.
Contributions from IBM Tracking the threat Understand the attack chain Quickly identify the severity and overall impact of a threat Enable faster response by understanding flow of data Forensic investigation to discover the DNA of the attack Relationships between IPs involved in this offense Context from other security operations solutions IBM Security | Incident Visualization IBM Security App Exchange: New apps Early momentum
25.
IBM Security App Exchange: New apps Partners already on-board and enthusiastic Contributions from Ready for Security Intelligence Partner Ecosystems One console for SIEM and user entity behavior analytics (UEBA) UEBA annotations in SIEM offenses Exabeam | User Entity Behavior Analytics SIEM offenses link to UEBA timeline UEBA timeline links back to SIEM logs Suspicious behaviors open new offenses
26.
• Automated response ability enabling QRadar to automatically block IPs, shun users, black list domains, connect emails using multiple templates, and many more actions…
• Real time and historical analytics helps discover previously hidden IOCs, threats and incidents using new threat intelligence
• Tenant definition and capabilities providing richer multi-tenant capabilities for MSPs
• Enhanced BigFix integration enabling users to build a context driven, prioritized action list helping organizations reduce risk
• Enhanced investigation workflow enabling users to quickly navigate through related incident data speeding up investigations
• Optimized indexing speeding up historical searches by x10!
QRadar 7.2.6 December, 2015 NEW Vulnerability Manager Risk Manager SIEM Incident Forensics
27.
Better, Stronger, Faster
Automated and centralized decision making either as workflow initiation for enterprise SOC or as more real world responses such as:
– Blacklist IPs on the enterprise boundary
– User credential lock out due to a security incident
– Transmission of recent threat context to partner organizations.
Real time and historical analytics allows users to replay data through QRadar’s powerful correlation engine targeting three main use cases:
– Discover previously hidden threats and incidents
– Review security events independent of collection time, unwinding bulk loaded data sets
– Tune new threat detection and security policies against historical data
Tenants and domains help enterprises support larger environments and MSPs support multiple clients:
– Allows for segregating overlapping IPs
– Controlled administration of all tenants, their respective domains and users
– Enables data categorization (ex. events, flows) into different sets
– Guarantees one customer’s security data is not correlated with any others
Pushing the envelope with additional QRadar platform investments A B C
28.
Automated Threat Response
Increasingly, organizations are interested in automated and centralized decision making and are requesting that QRadar, with its comprehensive insights into the security posture of an organization, play a pivotal role in that decision making process. These decisions, or responses, can come in the form of simply initiating a workflow for the enterprise NOC and SOC to work but can also extend into the realm of real world responses such as:
– Blacklist IPs on the enterprise boundary
– User credential lock out due to a security incident
– Transmission of recent threat context to partner organizations.
29.
Data Obfuscation
Data obfuscation offers QRadar administrators the ability to strategically “hide” and restrict visibility to data within their deployment. Obfuscation occurs within the data records themselves to ensure that the content is never compromised. Data is only reverted to original form for presentation in the UI if the keys are provided by the user. The most common use of data obfuscation is to hide sensitive information such as PII or PHI (social insurance numbers, usernames, credit card numbers, etc.)
30.
STEP ONE Provide Continuous Insight across all endpoints. INCLUDING off-network laptops STEP FOUR Expedite remediation of ranked vulnerabilities, configuration drift and irregular behavior STEP TWO Enforce Policy Compliance of Security, Regulatory & Operational Mandates. STEP THREE Prioritize vulnerabilities and remediation activities by risk • QRadar correlates assets & vulnerabilities with real-time security data • It then sends the prioritized list to BigFix administrators • Machine Name, OS, IP Address, Malware incidents etc. • Provides details on physical and virtual servers, PCs, Macs, POS devices, ATMs, kiosks, etc. • All known CVEs exposed on an endpoint • Quarantine endpoints until they can be remediated • Patch or reconfigure endpoints IBM BigFix IBM BigFix IBM BigFix • BigFix sends vulnerability and patch data to QRadar, automatically ensuring that QRadar's asset database is updated with current data Extending QRadar’s reach and simplifying incident response with BigFix Legend • Avail Today • Coming Soon
31.
QRadar V7.2.6 closed-loop risk management BigFix Compliance with QRadar Vulnerability Manager and Risk Manager deliver real-time endpoint intelligence for closed-loop risk management IBM QRadar IBM BigFix Real-time endpoint intelligence Network anomaly detection Provides current endpoint status Correlates events and generates alerts Prompts IT staff to fix vulnerabilities • Improves asset database accuracy • Strengthens risk assessments • Enhances compliance reporting • Accelerates risk prioritization of threats and vulnerabilities • Increases reach of vulnerability assessment to off-network endpoints Integrated, closed-loop risk management
32.
• Increased EPS limit to 40K EPS per SIOC
• Data node support increases maximum storage to 48TB
• New Canadian Data Center supports international customers
• Now available Worldwide
SecIntel on Cloud 7.2.6 December, 2015 Vulnerability Manager Risk Manager SIEM Incident Forensics
33.
• File Analysis extends suspect content to include in-depth file analysis
• Image Analysis quickly scans through images based on relevance and frequency
• Link Analysis visualizes common links in communications patterns to find the actors and evidence
QRadar Incident Forensics 7.2.6 December, 2015 Vulnerability Manager Risk Manager SIEM Incident Forensics
34.
• QVM
  • Improved performance results in faster scans, improved scalability
  • BigFix integration phase 2 described earlier
  • License verification notifies users if they are over license limits
  • Improved security for administrator roles
• QRM
  • Enhanced topology visualization declutters views for large customers
  • Performance enhancements
  • New device support
QRadar Vulnerability Manager and Risk Manager 7.2.6 December, 2015 Vulnerability Manager Risk Manager SIEM Incident Forensics
35.
Netting it out: Why you should move to QRadar V7.2.6!
1. QRadar V7.2.6 supports QRadar Apps via the IBM Security App Exchange
2. Awesome new automated response capabilities
3. New data obfuscation features
4. BigFix integration V2
5. Enhanced investigation workflow engine speeds investigation time
6. 10X+ improvements in search speed and more powerful search capabilities
7. Improved SaaS version, including higher EPS limits, global availability, and extended storage
8. Extended Incident Forensics content analysis
9. Better QRM and QVM performance, security, and usability
10. Sets the stage for even cooler stuff coming in V7.3 next year….
36.
A new way to think about security
Intelligence is the new defense: It helps prevent threats faster and make more informed decisions
Integration is the new foundation: It puts security in context and automates protection
Expertise is the new focus: It is essential to leverage global knowledge and experience to stay ahead
37.
Q&A
38.
Learn more about IBM Security Intelligence and Analytics V2015-11-23
130+ countries where IBM delivers managed security services
25 industry analyst reports rank IBM Security as a LEADER
No. 1 enterprise security vendor in total revenue
12K+ clients protected including 90% of the Fortune 100 companies
Join IBM X-Force Exchange: xforce.ibmcloud.com
Visit our website: ibm.com/security
Watch our videos on YouTube: IBM Security Channel
Read new blog posts: SecurityIntelligence.com
Follow us on Twitter: @ibmsecurity
39.
© Copyright IBM
Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and / or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. 
IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY. THANK YOU www.ibm.com/security
40.
Information concerning non-IBM
products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not tested those products in connection with this publication and cannot confirm the accuracy of performance, compatibility or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products. IBM does not warrant the quality of any third-party products, or the ability of any such third-party products to interoperate with IBM’s products. IBM EXPRESSLY DISCLAIMS ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. The provision of the information contained herein is not intended to, and does not, grant any right or license under any IBM patents, copyrights, trademarks or other intellectual property right. Other company, product, or service names may be trademarks or service marks of others. A current list of IBM trademarks is available at “Copyright and trademark information” www.ibm.com/legal/copytrade.shtml Copyright © 2015 by International Business Machines Corporation (IBM). No part of this document may be reproduced or transmitted in any form without written permission from IBM. U.S. Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM. Information in these presentations (including information relating to products that have not yet been announced by IBM) has been reviewed for accuracy as of the date of initial publication and could include unintentional technical or typographical errors. IBM shall have no responsibility to update this information. THIS document is distributed "AS IS" without any warranty, either express or implied. 
In no event shall IBM be liable for any damage arising from the use of this information, including but not limited to, loss of data, business interruption, loss of profit or loss of opportunity. IBM products and services are warranted according to the terms and conditions of the agreements under which they are provided. Any statements regarding IBM’s future direction, intent or product plans are subject to change or withdrawal without notice. Performance data contained herein was generally obtained in a controlled, isolated environments. Customer examples are presented as illustrations of how those customers have used IBM products and the results they may have achieved. Actual performance, cost, savings or other results in other operating environments may vary. References in this document to IBM products, programs, or services does not imply that IBM intends to make such products, programs or services available in all countries in which IBM operates or does business. Workshops, sessions and associated materials may have been prepared by independent session speakers, and do not necessarily reflect the views of IBM. All materials and discussions are provided for informational purposes only, and are neither intended to, nor shall constitute legal or other guidance or advice to any individual participant or their specific situation. It is the customer’s responsibility to insure its own compliance with legal requirements and to obtain advice of competent legal counsel as to the identification and interpretation of any relevant laws and regulatory requirements that may affect the customer’s business and any actions the customer may need to take to comply with such laws. IBM does not provide legal advice or represent or warrant that its services or products will ensure that the customer is in compliance with any law. Legal notices and disclaimers