Frequently asked questions

Get answers to the most commonly asked questions about this product.

Results can be viewed with the local manager for the XGS appliance, or via the IBM X-Force Exchange platform by logging on to X-Force Exchange. Select the hamburger menu in the upper left-hand corner, then select malware analysis, then select view uploads.

The results may include information such as a threat score indicating the confidence, the names of the malware variants associated with the file, and any URLs or IP addresses of command and control servers that may be associated with the file.

File analysis can take anywhere between 30 seconds and 15 minutes depending on the size and complexity of the file and system load.

The files that you submit for analysis are destroyed after the analysis is completed.

It is not difficult at all. After purchasing the service, you receive your API keys from a post-purchase email. You simply paste those credentials into the XGS configuration page to activate the service.

The XGS offering uses a tiered pricing model based on the capacity of the appliance. For example, the XGS3100 is the smallest appliance, so it will cost the least, and the XGS7100 is the highest-end appliance, so it will cost more.

The IBM QRadar Network Security XGS models that can use the offering are the XGS3100, XGS4100, XGS5100, XGS5200, and XGS7100.

Your files are protected by encryption when they traverse the network and also when they are at rest on the system doing the analysis. When analysis is complete, your file is destroyed.

The Workbench offering allows clients to manually submit files for malware analysis in IBM X-Force Exchange. The XGS offering allows clients to configure their IBM QRadar Network Security XGS appliance to automatically collect files on their network and send them for malware analysis.

The existing system reports on hashes that can find known malware, and returns a basic report. The new Malware offering can find known and unknown malware: it executes your file in an environment that emulates a target operating system and looks at the behavior to determine whether it is malicious.