Join Ellen Knickle, QRadar Sr. Product Manager and Brad Sutton, STEALTHbits Technical Product Manager to hear more about QRadar and how STEALTHbits adds another layer of security by monitoring Windows events, identifying potential insider or outsider threats to AD, file systems, NAS and Exchange environments.
STEALTHbits Technologies
QRadar Event Monitoring of Windows Environments |
Turn-off Event Logging
1V3R_Charlie_Palella
Tags:
qradar
event_logs
active_directory
exchange
file_systems
monitoring
1,914 Views
The latest release of StealthINTERCEPT for QRadar has been validated as Ready for IBM Security Intelligence. Now you can monitor activity of Active Directory, File Systems and Exchange in real-time, and receive alerts of suspicious activity in your QRadar console ... all without the need for native logging. Monitor insider activities and improve the security profile by correlating with network activity already being watched ... adding a whole new context to security intelligence. Watch this 2 minute video to see 3 example scenarios: |
April 16, 2013 2:08 PM Excerpt from the Gartner IAG Magic QuadrantBelow is an excerpt from the recent Gartner Magic Quadrant report on Identity and Access Governance. Gartner MQ for IAG STEALTHbits Technologies: StealthAUDIT Management Platform Founded in 2001, this New Jersey-based firm has provided products focused on Microsoft platforms for addressing many data access governance concerns in file systems, Microsoft Active Directory and other collaboration applications. Additional tools in its portfolio address issues such as Active Directory auditing and cleanup, and additional capabilities are offered for audit and compliance in data and Microsoft application environments. STEALTHbits is included here because of its work in data access governance and its growing role in general IAG products.
To learn more check out Report ID: G00235195 |
Unstructured Data Management with IBM Security SolutionsSTEALTHbits' Strategy & Research Officer, Jonathan Sander, speaks about the IBM relationship and the value STEALTHbits brings to IBM Security Solutions, such as QRadar and ISIM in this brief 2:30 video. |
On Demand Webinar: Managing Unstructured Data with IBM Security Identity Manager (ISIM) and STEALTHbits StealthAUDIT technology
Description:
Abstract: The Ready for IBM Security Intelligence Program fosters a vibrant ecosystem that nurtures and supports Technology Partners’ integrations with specific IBM solutions. Join the Webinar to learn how the newly validated solution, Data Governance for ISIM, from STEALTHbits Technologies enables IBM Security Identity Manager to provision and de-provision access to unstructured data (SharePoint, File Systems, SQL, etc). Data Governance for ISIM delivers the same automated access control of this unstructured data to ISIM, that you have come to know for application provisioning. Join IBM and STEALTHbits for an interactive webinar to learn about how organizations can achieve unmatched visibility and governance of unstructured data.
View this webinar on demand at: https://www1.gotomeeting.com/register/690067032 Originally recorded on Thursday, June 20, 2013
|
Understanding the Sony BreachDuring this recorded webinar, hear our Chief Strategy & Research Officer, Jonathan Sander, break down this unprecedented attack. Jonathan will walk you through everything we know today about the breach and help you dispel the myths. You walk away with everything you need to understand the security risks and explain the breach to others in your organization. More importantly, he will walk you through the preventative measures that would have thwarted the breach and mitigated its effectiveness at various stages of the attack. Webinar Link: |
STEALTHbits Published as a Cool Vendor by GartnerCool Vendors in Security: Identity and Access Management, 2013 Gartner Article Number: ID:G00247950 Earl Perkins, Gartner Analyst said, "STEALTHbits brings unstructured data access governance to IAM for Windows infrastructure. While IAG solutions focus on governing access to applications, STEALTHbits has features that create an environment for collecting, analyzing and reporting on unstructured data environments." |
Pulse 2014 App Throwdown FinalistSTEALTHbits entered the App Throwdown during the 2014 Pulse Conference and was chosen as a top 5 finalist out of 27 submissions. Watch the video on Youtube: https://www.youtube.com/watch?v=j6GBdZv2yIc&feature=youtu.be |
Local Administrator Auditing & ReportingFinding Who Has Admin Rights on Desktops and Servers Local Administrator groups are created on every desktop and server when they are initially built, providing complete access at the system level to perform various administrative tasks. In most organizations, it’s not uncommon to find that there are no facilities or processes in place to centrally maintain or monitor who belongs to these groups, who’s being added and removed, and what members are actually doing with these access privileges. http://www.youtube.com/watch?v=8KcWpMY5Z-s&feature=c4-overview&list=UUOZ20ddw47c1dMSl3zY-Q4g |
IBM Certifies StealthAUDIT As Engine to Feed ISIM Unstructured Data IntelligencePress Release: IBM Certifies StealthAUDIT As Engine To Feed ISIM Unstructured Data Intelligence |
Beacon Award for Outstanding Security SolutionSTEALTHbits Technologies was named a winner of a 2015 IBM Beacon Award for Outstanding Security Solution. Each year, this honor is awarded to a select number of IBM Business Partners who have delivered exceptional solutions to drive business value and transform the way their clients and industries do business in the future. The 2015 awards recognize achievements across a wide-range of solution areas, including, cloud, analytics, mobile, security and social business. It’s effectively impossible to generate the level of security intelligence needed from the Microsoft infrastructure using native logging alone. When advanced threats like malware make it over the fence, StealthINTERCEPT is there to detect it quickly, before substantial damage can be done. And our seamless integration with QRadar makes it a no-brainer for IBM’s clients. Watch the IBM interview with Kevin Foisy, Co-Founder and CTO: |
New: Windows Event Monitor for QRadar
Extending the value of your QRadar investment with monitoring of AD and file system activity By utilizing StealthINTERCEPT®, the Windows Event Monitor for QRadar provides the ability to feed concise detail regarding file system access and Active Directory modifications to QRadar in real time. By distilling change and access activities into individual, complete, self-contained access events, this integration efficiently collects and delivers critical activity information for easy consumption and correlation by QRadar. These events are often impractical to collect and make sense of using standard Windows EventLog technology, as they can be extremely disjointed and in some cases incomplete. Additionally, high volume EventLog traffic historically introduces unacceptable overhead to servers that are configured to collect everything. The StealthINTERCEPT (SI) event collection approach brings to bear deep introspection that has been specifically geared for completeness and efficiency for the specific event types that it collects. Benefits By extending monitoring visibility for applications and data for access configuration changes, and file system contents and permissions access, the StealthINTERCEPT® integration provides real savings in terms of identifying and mitigating unauthorized or potentially risky activities in the environment. These savings are realized through expediting awareness (early detection and detailed reporting) of potentially costly issues of inadvertent or malicious changes in access rights (based on groups), global configuration (in the form of GPOs) or access to sensitive data. By identifying and alerting on these situations, appropriate remediation steps can be taken as soon as possible to prevent or mitigate resultant security fallout or interruption of service to critical applications. This information can also be correlated with network access activity data from QRADAR to further pinpoint the source of malicious activities for a more definitive picture of exposures and remediation options. In addition, this integration facilitates the visualization of Active Directory and file system usage patterns, enabling the formulation of steps to minimize costs that could be incurred when these repositories are moved, migrated, or otherwise caused to become unavailable to critical applications or individuals that rely on them.
|
Protecting Mainframes, Databases and Active DirectoryListen to Jose Bravo, IBM's North American Security Architect discuss ways to secure and protect key systems and assets. |
New Video "Integrating and Controling Unstructured Data with IAM"Please view our 2 minute video that depicts how and why you need STEALTHbits to gain visibility into unstructured data (SharePoint and File Shares) and improve the value of your ISIM identity and access management solution. |
Security Talk: Giving ISIM the Competitive Advantage: Compete against and defeat the other IAM vendors- 5/20/14
Call Title: Giving ISIM the Competitive Advantage: Compete against and defeat the other IAM vendors Identity and Access Management (IAM) vendors predominantly manage access and governance to critical applications, databases, and directory services. This access governance does not extend into the massive amounts of data contained in File Shares or SharePoint sites, making it blind to the entitlements being granted to unstructured data resources. Join this webinar to discover how leveraging StealthAUDIT for ISIM can: · Eliminate unstructured data blind spots · Automate access governance over unstructured data · Increase the value of your ISIM deployment, extending its coverage to Microsoft-based file assets · Allow you to gain the competitive edge to win more deals against other IAM vendors
|
