Listen to an introduction to security intelligence

05 May 2014
PDF (101 KB)
Share:

What is security intelligence?

24:58

Jose Bravo

IBM Security Tiger Team

 

Security Intelligence for the Cloud

Security Intelligence for the Cloud

This white paper discusses IBM's suite of intelligence solutions to help make cloud computing practical and secure.

Download this white paper to learn about the intelligence capabilities necessary for gaining visibility and control of cloud computing services, advanced security intelligence solutions that can help manage gaps in security controls, and the integrated IBM security QRadar suite.

Download "Security intelligence is the smart way to keep the cloud safe."

In this "chalk talk" video, Jose Bravo discusses the ability of QRadar to collect context from a variety of sources to prioritize detected security vulnerabilities.

Bravo discusses the concept of "flows" in SIEM systems. He discusses the limitations that most vendors' SIEM systems have because they only collect data from layers 2, 3, and 4 of the network stack. He discusses the QRadar QFlows, which add layer 7 information to the flow analysis. This data gives QRadar the ability to analyze flows from an application perspective.

He also discusses QRadar VFlows, which tap into the hypervisor-routed traffic in virtualization platforms.

Next, he discusses the QRadar asset management databases and its ability to automatically detect IT assets in the environment. Jose discusses QRadar's ability to monitor logins to add a user dimension to its analysis as well.

He then discusses QRadar integration with Guardium, mainframe SMF, IP reputation services, spam site reporting services, identity management systems, and vulnerability scanners.

Also, he talks about QRadar Risk Manager's ability to help prioritize discovered vulnerabilities and its integration with Trusteer to help detect potentially fraudulent activities.


RELATED TOPICS:security on developerWorks communitysecurity on developerWorks newsletterQRadar product site

Add a comment

Note: HTML elements are not supported within comments.


1000 characters left

developerWorks: Sign in

Required fields are indicated with an asterisk (*).


Need an IBM ID?
Forgot your IBM ID?


Forgot your password?
Change your password

By clicking Submit, you agree to the developerWorks terms of use.

 


The first time you sign into developerWorks, a profile is created for you. Information in your profile (your name, country/region, and company name) is displayed to the public and will accompany any content you post, unless you opt to hide your company name. You may update your IBM account at any time.

All information submitted is secure.

Choose your display name



The first time you sign in to developerWorks, a profile is created for you, so you need to choose a display name. Your display name accompanies the content you post on developerWorks.

Please choose a display name between 3-31 characters. Your display name must be unique in the developerWorks community and should not be your email address for privacy reasons.

Required fields are indicated with an asterisk (*).

(Must be between 3 – 31 characters.)

By clicking Submit, you agree to the developerWorks terms of use.

 


All information submitted is secure.

static.content.url=http://www.ibm.com/developerworks/js/artrating/
SITE_ID=1
Zone=Security
ArticleID=970458
ArticleTitle=Listen to an introduction to security intelligence
publish-date=05052014