Sarbanes-Oxley Act (SOX)
Use the IBM Security QRadar SOX Content Extension to closely monitor your deployment for SOX compliance.
Important: To avoid content errors in this content extension, keep the associated DSMs
up to date. DSMs are updated as a part of the automatic updates. If automatic updates are not
enabled, download the most recent version of the associated DSMs from IBM® Fix Central (https://www.ibm.com/support/fixcentral).
IBM Security QRadar SOX Content Extension V1.0.1
Saved searches were added to the correct groups, and all saved searches are now shared by default.
IBM Security QRadar SOX Content Extension V1.0.0
The following building blocks are included in IBM Security QRadar SOX Content Extension V1.0.0.
- BB:CategoryDefinition: Authentication Failures
- BB:CategoryDefinition: Authentication Success
The following table reports are included in IBM Security QRadar SOX Content Extension V1.0.0.
- Daily Top IPs for Blocked Spam
- Daily Top Targeted IPs
- Daily Top Virus Sources and Destinations
- Monthly Top IPs for Blocked SPAM
- Remote Access Activity Summary
- SOX Daily Successful Login Attempts
- SOX Daily Unsuccessful Logins Summary
- SOX Daily Unsuccessful Mail Logins
- SOX Daily Unsuccessful Mail Logins by Network Group
- Sox Daily Unsuccessful Misc. Logins by Network Group
- SOX Daily Unsuccessful Miscellaneous Logins
- SOX Daily Unsuccessful SSH Logins
- SOX Daily Unsuccessful SSH Logins by Network Group
- SOX Daily Unsuccessful Telnet Logins
- SOX Daily Unsuccessful Telnet Logins by Network Group
- SOX Daily Unsuccessful Web Services Logins
- SOX Daily Unsuccessful Web Services Logins by Network Group
- SOX Weekly Successful Login Attempts
- SOX Weekly Unsuccessful Logins Summary
- SOX Weekly Unsuccessful Mail Logins
- SOX Weekly Unsuccessful Mail Logins by Network Group
- SOX Weekly Unsuccessful Misc. Logins by Network Group
- SOX Weekly Unsuccessful Miscellaneous Logins
- SOX Weekly Unsuccessful SSH Logins
- Sox Weekly Unsuccessful SSH Logins by Network Group
- SOX Weekly Unsuccessful Telnet Logins by Network Group
- SOX Weekly Unsuccessful Web Services Logins
- SOX Weekly Unsuccessful Web Services Logins by Network Group
- Top Users by Remote Access Activity
- Weekly Top IPs for Blocked Spam
- Weekly Top Virus Sources and Destinations
The following table saved searches are included in IBM Security QRadar SOX Content Extension V1.0.0.
- Login Failures By Low Level Category
- Login Failures by User
- Mail Service Login Failures
- Mail Service Login Failures by Network
- Misc. Login Failures
- Misc. Login Failures by Network
- Remote Access Failures (VPN and Others)
- Remote Access Success (VPN and Other)
- SSH Login Failures
- SSH Login Failures by Network
- SSH Login Failures TopN Users
- Successful Logins by Network
- Telnet Login Failures
- Telnet Login Failures by Network
- Top Blocked SPAM IPs
- Top User by Mail Service Login Failure
- Top Users by failed Misc. Logins
- Top Users by Successful Logins
- Top Virus Destinations
- Top Virus Sources
- Web Services Login Failures
- Web Services Login Failures by Network