Security intelligence and Sense Analytics for protecting assets and information from advanced threats
IBM® QRadar® SIEM consolidates log events and network flow data from thousands of devices, endpoints and applications distributed throughout a network. It normalizes and correlates raw data to identify security offenses, and uses an advanced Sense Analytics engine to baseline normal behavior, detect anomalies, uncover advanced threats, and remove false positives. As an option, this software incorporates IBM X-Force® Threat Intelligence which supplies a list of potentially malicious IP addresses including malware hosts, spam sources and other threats. IBM QRadar SIEM can also correlate system vulnerabilities with event and network data, helping to prioritize security incidents.
IBM QRadar SIEM:
- Provides real-time visibility to the entire IT infrastructure for threat detection and prioritization.
- Reduces and prioritizes alerts to focus security analyst investigations on an actionable list of suspected, high probability incidents.
- Enables more effective threat management while producing detailed data access and user activity reports.
- Operates across on-premises and cloud environments.
- Produces detailed data access and user activity reports to help manage compliance.
- Offers multi-tenancy and a master console to help managed service providers provide security intelligence solutions in a cost-effective manner.
For more information, visit: http://www-03.ibm.com/software/products/en/qradar
Checkout our joint solution brief here.