What is IBM QRadar Security Intelligence?
IBM® QRadar® Security Intelligence is a tightly integrated solution that allows you to protect your organization from threats and cybersecurity attacks. The IBM QRadar Sense Analytics™ Engine helps eliminate noise by applying advanced analytics to chain multiple incidents together and identify security offenses requiring action. You can realize even greater intelligence, speed and accuracy by extending the platform with cognitive security from IBM Watson. Read what 2 leading analysts have to say about IBM QRadar: Forrester Wave Security Analytics Platforms Q1 2017 Report and the 2016 Gartner Magic Quadrant for Security Information & Event Management (SIEM).
What do leading Security Operation Centers need?
Key use cases
Advanced Threat Protection
Insider Threat Monitoring
Risk & Vulnerability Management
IBM Security QRadar Incident Forensics: A full packet capture solution for retrieving indisputable evidence of network activity associated with a security investigation using Internet search technology. All network transfers are processed and indexed to reveal content in their original, human readable form.
IBM Security QRadar Log Manager: A basic, high-performance and scalable solution for collecting, analyzing, storing and reporting on large volumes of network and security event logs.
Features | Product support
Unlock the power of cognitive security to uncover new insights and rapidly respond to threats.
An advanced offering that consolidates log source and network flow data from thousands of assets, devices, endpoints and applications distributed throughout a network. It uses advanced IBM QRadar Sense Analytics to correlate, chain and analyze security incidents to identify high priority offenses requiring action.
Provides visibility to user behavioral anomalies and insider threats as a free app for QRadar clients.
A full packet capture solution for quick and easy investigation of security offenses using Internet-like search technology.
Produces network topology views, enables attack path simulations. Examines switch, router, firewall and Intrusion Prevention System (IPS) configurations to identify risks and protect against an attack.