QRadar Network Insights overview

IBM® QRadar® Network Insights provides in-depth visibility into network communications on a real-time basis to extend the capabilities of your IBM QRadar deployment.

Through the deep analysis of network activity and application content, QRadar Network Insights empowers QRadar Sense Analytics to detect threat activity that would otherwise go unnoticed.

QRadar Network Insights provides in-depth analysis of both network metadata and application content to detect suspicious activity that is hidden among normal traffic and extract content to provide QRadar with visibility into network threat activity. The intelligence that is provided by QRadar Network Insights integrates seamlessly with traditional data sources and threat intelligence to extend QRadar detection, analysis, and threat detection capabilities.

QRadar Network Insights provides visibility across a range of use cases, including:
  • Malware detection and analysis
  • Phishing email and campaign detection
  • Insider threats
  • Lateral movement attack detection
  • Data exfiltration protection
  • Identify compliance gaps

Benefits of QRadar Network Insights

The following list highlights some of the benefits of using QRadar Network Insights:

  • Uses in-depth packet inspection to identify advanced threats and malicious content.
  • Extends the capabilities of QRadar to detect phishing attacks, malware intrusions, lateral movement, and data exfiltration.
  • Records application activities, captures key artifacts, and identifies assets, applications, and users that participate in network communications.
  • Applies Layer 7 content analysis for advanced security insights.
  • File analytics analyzes and enables tracking of files.