Feature spotlights

Connect siloed data sources

Connect siloed data sources (QRadar, Splunk, etc.) and run federated search across all data to improve visibility across your security infrastructure. Improve your visibility and extract more value from your existing investments.

Universal Data Service (connectors)

Make API calls out to where ever your data is to do search and bring data to the IBM Security Connect (in STIX format). Seamlessly share insights across products and apps.

Query data on-prem or in the cloud

Regardless of where your data resides, query data on-prem or in the cloud and pull it all to the cloud. Gain total insights from all of your data.

Filtering and grouping

Prioritize and analyze threat and IT operations data in a single solution by filtering and grouping data across all your data sources.

How customers use it

  • Break down data silos

    Break down data silos

    Problem

    Data is increasingly siloed, making data visibility across all your data sources a challenge.

    Solution

    IBM Data Explorer uses IBM Security Connect's Universal Data Service to access all of your data no matter where it resides.

  • Make threat hunting / incident investigations more efficient

    Make threat hunting / incident investigations more efficient

    Problem

    SOC analysts have to search multiple tools when hunting down a threat or investigating a security incident.

    Solution

    As Data Explorer is connected to all of your data, regardless of where the data resides, it only takes one query from one interface to get the information that you need to act fast.

  • Access to all of the raw data, not just alerts

    Access to all of the raw data, not just alerts

    Problem

    Security tools commonly do not export all of their events to another platform, giving the false impression that all of your data is in one place.

    Solution

    By leveraging existing investments and native APIs, IBM Data Explorer can easily query and analyze all of your security data, and not just the exported alerts.

Technical details

Software requirements

Works best on the latest versions of Firefox, Chrome, Internet Explorer, and Safari.

    Hardware requirements

    No hardware requirements.

      Technical specifications

      Data Explorer is a SaaS app hosted on IBM Security Connect that works on the latest versions of Firefox, Chrome, Internet Explorer, and Safari.

      In order to connect an on-premise Data Source to the IBM Security Connect environment it will be necessary to install and run a light-weight secure gateway Edge device within the customer network.

      • Firefox, Chrome, Internet Explorer, and Safari
      • Security gateway Edge device to connect to on-prem data sources (optional)
      See a complete list of technical specifications

      You may also be interested in

      IBM QRadar on Cloud

      Provides a SaaS version of QRadar SIEM, hosted in the IBM Cloud.

      Learn more

      IBM Threat Intelligence Insights

      Identify your most impactful threats with relevant threat intelligence

      Learn more

      IBM Orchestrated Response

      Case management and dynamic playbooks to orchestrate incident response

      Learn more

      See how it works

      Try it now