SlideShare a Scribd company logo

QRadar & XGS: Stopping Attacks with a Click of the Mouse

Download as PPTX, PDF
IBM Security
IBM Security

View on-demand: https://securityintelligence.com/events/qradar-xgs-stopping-attacks-click-mouse/ As the tactics and techniques behind attacks continue to advance and evolve, organizations need a faster way to identify and prevent those attacks in real time. An integrated approach to security can make this a reality, especially when integrations are designed to proactively disrupt the lifecycle of advanced attacks through shared security intelligence and enabling organizations to take immediate action based on that intelligence. In this session you will learn how IBM QRadar Security Intelligence Platform and IBM Security Network Protection (XGS), a next-generation IPS, work together to disrupt the attack chain and improve network security. Join IBM Security product expert Craig Knapik as he shares how the QRadar and XGS integration enriches overall security intelligence and improves threat detection, while enabling security professionals to block threats immediately with a simple click of the mouse.

Technology
1 of 38
© 2015 IBM Corporation How IBM QRadar and XGS Work Together to Stop Threats Craig Knapik Technical Product Manager IBM Security Stopping Attacks with a Click of the Mouse
2© 2015 IBM Corporation Abstract As the tactics and techniques behind attacks continue to advance and evolve, organizations needs a faster way to identify and prevent those attacks in real time. Learn how an integrated approach to security makes this a reality, as highlighted by the bi-directional integration between IBM Security QRadar and IBM Security Network Protection (XGS) – IBM’s next generation intrusion prevention system – that enables security operators to block threats immediately with a click of a mouse. Demonstration: https://www.youtube.com/watch?v=8ul82V50yqE
3© 2015 IBM Corporation  IBM Threat Protection System  IBM Security QRadar and IBM Security Network Protection Integration  IBM Security QRadar and IBM Security Network Protection Configuration  IBM Security QRadar and IBM Security Network Protection Operation  Dynamic Patch Prioritization  Why XGS?  Questions Agenda
4© 2015 IBM Corporation IBM Threat Protection System Smarter Prevention Stop unknown threats with behavioral-based defenses on both the endpoint and network Security Intelligence Automatically detect weaknesses and anomalies with enterprise-wide visibility and insights Continuous Response Quickly understand incidents and use findings to strengthen real- time defenses Open Integrations Share context between domains and third party products using an open platform and ecosystem A dynamic, integrated system to disrupt the entire lifecycle of advanced attacks
5© 2015 IBM Corporation IBM Threat Protection System
6© 2015 IBM Corporation Examples of breaking the attack chain through integrated intelligence
7© 2015 IBM Corporation  IBM Threat Protection System  IBM Security QRadar and IBM Security Network Protection Integration  IBM Security QRadar and IBM Security Network Protection Configuration  IBM Security QRadar and IBM Security Network Protection Operation  Dynamic Patch Prioritization  Why XGS?  Questions Agenda
8© 2015 IBM Corporation IBM Security Network Protection (XGS)
9© 2015 IBM Corporation QRadar SIEM correlates thousands of data sources in real time
10© 2015 IBM Corporation XGS allows QRadar to see into SSL-encrypted traffic
11© 2015 IBM Corporation XGS enterprise protection via QRadar quarantine
12© 2015 IBM Corporation  IBM Threat Protection System  IBM Security QRadar and IBM Security Network Protection Integration  IBM Security QRadar and IBM Security Network Protection Configuration  IBM Security QRadar and IBM Security Network Protection Operation  Dynamic Patch Prioritization  Why XGS?  Questions Agenda
13© 2015 IBM Corporation Standard deployment topology
14© 2015 IBM Corporation XGS forwards network flow data to QRadar for behavioral analysis
15© 2015 IBM Corporation XGS forwards network flow data to QRadar for behavioral analysis
16© 2015 IBM Corporation XGS forwards security events and system events to QRadar
17© 2015 IBM Corporation XGS forwards security events and system events to QRadar
18© 2015 IBM Corporation  IBM Threat Protection System  IBM Security QRadar and IBM Security Network Protection Integration  IBM Security QRadar and IBM Security Network Protection Configuration  IBM Security QRadar and IBM Security Network Protection Operation  Dynamic Patch Prioritization  Why XGS?  Questions Agenda
19© 2015 IBM Corporation Case Action Scenario Compromise Source IP is “right clicked” and sent to XGS Host infected with malware Reputation Destination IP is “right clicked” and sent to XGS Malicious server, such as malware host or command & control server Intrusion Source port “right clicked,” IP and port combination sent to XGS Client system attacking a server Exposure Destination port “right clicked,” IP and port combination sent to XGS Service has a vulnerability The Security Analyst uses the QRadar console to effect quarantine . . .
20© 2015 IBM Corporation Quarantine a compromised host
21© 2015 IBM Corporation Quarantine a compromised host
22© 2015 IBM Corporation Quarantine a compromised host
23© 2015 IBM Corporation Quarantine an exposure or vulnerable service
24© 2015 IBM Corporation Quarantine an exposure or vulnerable service
25© 2015 IBM Corporation Quarantine an exposure or vulnerable service
26© 2015 IBM Corporation  IBM Threat Protection System  IBM Security QRadar and IBM Security Network Protection Integration  IBM Security QRadar and IBM Security Network Protection Configuration  IBM Security QRadar and IBM Security Network Protection Operation  Dynamic Patch Prioritization  Why XGS?  Questions Agenda
27© 2015 IBM Corporation QRadar Vulnerability Manager (QVM)
28© 2015 IBM Corporation Dynamic Patch Prioritization
29© 2015 IBM Corporation  IBM Threat Protection System  IBM Security QRadar and IBM Security Network Protection Integration  IBM Security QRadar and IBM Security Network Protection Configuration  IBM Security QRadar and IBM Security Network Protection Operation  Dynamic Patch Prioritization  Why XGS?  Questions Agenda
30© 2015 IBM Corporation IBM positioned in the “Leaders” Quadrant in the 2015 Gartner Magic Quadrant for Intrusion Prevention Systems
31© 2015 IBM Corporation Resilient to Zero-Day Attacks
32© 2015 IBM Corporation X-Force Top 100 Ahead of the Threat Coverage
33© 2015 IBM Corporation Resilient to Mutated Exploits
34© 2015 IBM Corporation Resilient to Obfuscated Exploits: XGS’ Efficacy (McAfee Evader nka Semantic Gap Evasion)
35© 2015 IBM Corporation Learn more about IBM Security Network Protection (XGS) countries where IBM delivers managed security services industry analyst reports rank IBM Security as a LEADER enterprise security vendor in total revenue clients protected including… 130+ 25 No. 1 12K+ 90% of the Fortune 100 companies Visit the website IBM Security Network Protection Watch the videos IBM Security Network Protection Read new blog posts SecurityIntelligence.com Follow us on Twitter @ibmsecurity Join IBM X-Force Exchange xforce.ibmcloud.com
© 2015 IBM Corporation Questions?
© Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and / or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY. THANK YOUwww.ibm.com/security
© 2015 IBM Corporation Information concerning non-IBM products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not tested those products in connection with this publication and cannot confirm the accuracy of performance, compatibility or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products. IBM does not warrant the quality of any third-party products, or the ability of any such third- party products to interoperate with IBM’s products. IBM EXPRESSLY DISCLAIMS ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. The provision of the information contained herein is not intended to, and does not, grant any right or license under any IBM patents, copyrights, trademarks or other intellectual property right. Other company, product, or service names may be trademarks or service marks of others. A current list of IBM trademarks is available at “Copyright and trademark information” www.ibm.com/legal/copytrade.shtml Copyright © 2015 by International Business Machines Corporation (IBM). No part of this document may be reproduced or transmitted in any form without written permission from IBM. U.S. Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM. Information in these presentations (including information relating to products that have not yet been announced by IBM) has been reviewed for accuracy as of the date of initial publication and could include unintentional technical or typographical errors. IBM shall have no responsibility to update this information. THIS document is distributed "AS IS" without any warranty, either express or implied. In no event shall IBM be liable for any damage arising from the use of this information, including but not limited to, loss of data, business interruption, loss of profit or loss of opportunity. IBM products and services are warranted according to the terms and conditions of the agreements under which they are provided. Any statements regarding IBM’s future direction, intent or product plans are subject to change or withdrawal without notice. Performance data contained herein was generally obtained in a controlled, isolated environments. Customer examples are presented as illustrations of how those customers have used IBM products and the results they may have achieved. Actual performance, cost, savings or other results in other operating environments may vary. References in this document to IBM products, programs, or services does not imply that IBM intends to make such products, programs or services available in all countries in which IBM operates or does business. Workshops, sessions and associated materials may have been prepared by independent session speakers, and do not necessarily reflect the views of IBM. All materials and discussions are provided for informational purposes only, and are neither intended to, nor shall constitute legal or other guidance or advice to any individual participant or their specific situation. It is the customer’s responsibility to insure its own compliance with legal requirements and to obtain advice of competent legal counsel as to the identification and interpretation of any relevant laws and regulatory requirements that may affect the customer’s business and any actions the customer may need to take to comply with such laws. IBM does not provide legal advice or represent or warrant that its services or products will ensure that the customer is in compliance with any law. Legal notices and disclaimers

Recommended

IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...
IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...
IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...
IBM Security
 
Tolly Report: Stopping Attacks You Can't See
Tolly Report: Stopping Attacks You Can't SeeTolly Report: Stopping Attacks You Can't See
Tolly Report: Stopping Attacks You Can't See
IBM Security
 
The ROI on Intrusion Prevention: Protecting Both Your Network & Investment
The ROI on Intrusion Prevention: Protecting Both Your Network & InvestmentThe ROI on Intrusion Prevention: Protecting Both Your Network & Investment
The ROI on Intrusion Prevention: Protecting Both Your Network & Investment
IBM Security
 
Cloud security enforcer - Quick steps to avoid the blind spots of shadow it
Cloud security enforcer - Quick steps to avoid the blind spots of shadow itCloud security enforcer - Quick steps to avoid the blind spots of shadow it
Cloud security enforcer - Quick steps to avoid the blind spots of shadow it
IBM Security
 
10 Security Essentials Every CxO Should Know
10 Security Essentials Every CxO Should Know10 Security Essentials Every CxO Should Know
10 Security Essentials Every CxO Should Know
IBM Security
 
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
IBM Security
 
Life on the Endpoint Edge: Winning the Battle Against Cyber Attacks
Life on the Endpoint Edge: Winning the Battle Against Cyber AttacksLife on the Endpoint Edge: Winning the Battle Against Cyber Attacks
Life on the Endpoint Edge: Winning the Battle Against Cyber Attacks
IBM Security
 
Are Cloud Apps the Invisible Man?
Are Cloud Apps the Invisible Man?Are Cloud Apps the Invisible Man?
Are Cloud Apps the Invisible Man?
IBM Security
 

Recommended

IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...
IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...
IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...
IBM Security
 
Tolly Report: Stopping Attacks You Can't See
Tolly Report: Stopping Attacks You Can't SeeTolly Report: Stopping Attacks You Can't See
Tolly Report: Stopping Attacks You Can't See
IBM Security
 
The ROI on Intrusion Prevention: Protecting Both Your Network & Investment
The ROI on Intrusion Prevention: Protecting Both Your Network & InvestmentThe ROI on Intrusion Prevention: Protecting Both Your Network & Investment
The ROI on Intrusion Prevention: Protecting Both Your Network & Investment
IBM Security
 
Cloud security enforcer - Quick steps to avoid the blind spots of shadow it
Cloud security enforcer - Quick steps to avoid the blind spots of shadow itCloud security enforcer - Quick steps to avoid the blind spots of shadow it
Cloud security enforcer - Quick steps to avoid the blind spots of shadow it
IBM Security
 
10 Security Essentials Every CxO Should Know
10 Security Essentials Every CxO Should Know10 Security Essentials Every CxO Should Know
10 Security Essentials Every CxO Should Know
IBM Security
 
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
IBM Security
 
Life on the Endpoint Edge: Winning the Battle Against Cyber Attacks
Life on the Endpoint Edge: Winning the Battle Against Cyber AttacksLife on the Endpoint Edge: Winning the Battle Against Cyber Attacks
Life on the Endpoint Edge: Winning the Battle Against Cyber Attacks
IBM Security
 
Are Cloud Apps the Invisible Man?
Are Cloud Apps the Invisible Man?Are Cloud Apps the Invisible Man?
Are Cloud Apps the Invisible Man?
IBM Security
 
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadarDon’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
IBM Security
 
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection SuiteThe Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
IBM Security
 
Recent ECB/ EBA regulations how they will impact European banks in 2016
Recent ECB/ EBA regulations how they will impact European banks in 2016Recent ECB/ EBA regulations how they will impact European banks in 2016
Recent ECB/ EBA regulations how they will impact European banks in 2016
IBM Security
 
Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...
Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...
Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...
IBM Security
 
Protecting Mission-Critical Source Code from Application Security Vulnerabili...
Protecting Mission-Critical Source Code from Application Security Vulnerabili...Protecting Mission-Critical Source Code from Application Security Vulnerabili...
Protecting Mission-Critical Source Code from Application Security Vulnerabili...
IBM Security
 
Security Trends in the Retail Industry
Security Trends in the Retail IndustrySecurity Trends in the Retail Industry
Security Trends in the Retail Industry
IBM Security
 
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive DataX-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
IBM Security
 
Valuing Data in the Age of Ransomware
Valuing Data in the Age of Ransomware Valuing Data in the Age of Ransomware
Valuing Data in the Age of Ransomware
IBM Security
 
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 20165 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
IBM Security
 
Compete To Win: Don’t Just Be Compliant – Be Secure!
Compete To Win: Don’t Just Be Compliant – Be Secure!Compete To Win: Don’t Just Be Compliant – Be Secure!
Compete To Win: Don’t Just Be Compliant – Be Secure!
IBM Security
 
IBM QRadar UBA
IBM QRadar UBA IBM QRadar UBA
IBM QRadar UBA
IBM Security
 
The 2016 Ponemon Cost of a Data Breach Study
The 2016 Ponemon Cost of a Data Breach StudyThe 2016 Ponemon Cost of a Data Breach Study
The 2016 Ponemon Cost of a Data Breach Study
IBM Security
 
3 Enablers of Successful Cyber Attacks and How to Thwart Them
3 Enablers of Successful Cyber Attacks and How to Thwart Them3 Enablers of Successful Cyber Attacks and How to Thwart Them
3 Enablers of Successful Cyber Attacks and How to Thwart Them
IBM Security
 
Attack Autopsy: A Study of the Dynamic Attack Chain
Attack Autopsy: A Study of the Dynamic Attack ChainAttack Autopsy: A Study of the Dynamic Attack Chain
Attack Autopsy: A Study of the Dynamic Attack Chain
IBM Security
 
IBM Security - 2015 - Client References Guide
IBM Security - 2015 - Client References GuideIBM Security - 2015 - Client References Guide
IBM Security - 2015 - Client References Guide
Francisco González Jiménez
 
Compliance is a pit stop – your destination lies ahead
Compliance is a pit stop – your destination lies aheadCompliance is a pit stop – your destination lies ahead
Compliance is a pit stop – your destination lies ahead
IBM Security
 
Securing the C-Suite: Cybersecurity Perspectives from the Boardroom
Securing the C-Suite: Cybersecurity Perspectives from the BoardroomSecuring the C-Suite: Cybersecurity Perspectives from the Boardroom
Securing the C-Suite: Cybersecurity Perspectives from the Boardroom
IBM Security
 
Uncover What's Inside the Mind of a Hacker
Uncover What's Inside the Mind of a HackerUncover What's Inside the Mind of a Hacker
Uncover What's Inside the Mind of a Hacker
IBM Security
 
Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats
IBM Security
 
Level Up Your Security with Threat Intelligence
Level Up Your Security with Threat IntelligenceLevel Up Your Security with Threat Intelligence
Level Up Your Security with Threat Intelligence
IBM Security
 
IBM 보안사업부 서비스 및 솔루션 소개
IBM 보안사업부 서비스 및 솔루션 소개 IBM 보안사업부 서비스 및 솔루션 소개
IBM 보안사업부 서비스 및 솔루션 소개
유 김
 
Ibm 보안사업부 서비스 및 솔루션 소개 160428
Ibm 보안사업부 서비스 및 솔루션 소개 160428Ibm 보안사업부 서비스 및 솔루션 소개 160428
Ibm 보안사업부 서비스 및 솔루션 소개 160428
유 김
 

More Related Content

What's hot

Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadarDon’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
IBM Security
 
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection SuiteThe Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
IBM Security
 
Recent ECB/ EBA regulations how they will impact European banks in 2016
Recent ECB/ EBA regulations how they will impact European banks in 2016Recent ECB/ EBA regulations how they will impact European banks in 2016
Recent ECB/ EBA regulations how they will impact European banks in 2016
IBM Security
 
Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...
Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...
Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...
IBM Security
 
Protecting Mission-Critical Source Code from Application Security Vulnerabili...
Protecting Mission-Critical Source Code from Application Security Vulnerabili...Protecting Mission-Critical Source Code from Application Security Vulnerabili...
Protecting Mission-Critical Source Code from Application Security Vulnerabili...
IBM Security
 
Security Trends in the Retail Industry
Security Trends in the Retail IndustrySecurity Trends in the Retail Industry
Security Trends in the Retail Industry
IBM Security
 
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive DataX-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
IBM Security
 
Compete To Win: Don’t Just Be Compliant – Be Secure!
Compete To Win: Don’t Just Be Compliant – Be Secure!Compete To Win: Don’t Just Be Compliant – Be Secure!
Compete To Win: Don’t Just Be Compliant – Be Secure!
IBM Security
 
The 2016 Ponemon Cost of a Data Breach Study
The 2016 Ponemon Cost of a Data Breach StudyThe 2016 Ponemon Cost of a Data Breach Study
The 2016 Ponemon Cost of a Data Breach Study
IBM Security
 
3 Enablers of Successful Cyber Attacks and How to Thwart Them
3 Enablers of Successful Cyber Attacks and How to Thwart Them3 Enablers of Successful Cyber Attacks and How to Thwart Them
3 Enablers of Successful Cyber Attacks and How to Thwart Them
IBM Security
 
Attack Autopsy: A Study of the Dynamic Attack Chain
Attack Autopsy: A Study of the Dynamic Attack ChainAttack Autopsy: A Study of the Dynamic Attack Chain
Attack Autopsy: A Study of the Dynamic Attack Chain
IBM Security
 
Securing the C-Suite: Cybersecurity Perspectives from the Boardroom
Securing the C-Suite: Cybersecurity Perspectives from the BoardroomSecuring the C-Suite: Cybersecurity Perspectives from the Boardroom
Securing the C-Suite: Cybersecurity Perspectives from the Boardroom
IBM Security
 
Uncover What's Inside the Mind of a Hacker
Uncover What's Inside the Mind of a HackerUncover What's Inside the Mind of a Hacker
Uncover What's Inside the Mind of a Hacker
IBM Security
 
Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats
IBM Security
 
Level Up Your Security with Threat Intelligence
Level Up Your Security with Threat IntelligenceLevel Up Your Security with Threat Intelligence
Level Up Your Security with Threat Intelligence
IBM Security
 

What's hot (20)

Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadarDon’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
 
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection SuiteThe Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
 
Recent ECB/ EBA regulations how they will impact European banks in 2016
Recent ECB/ EBA regulations how they will impact European banks in 2016Recent ECB/ EBA regulations how they will impact European banks in 2016
Recent ECB/ EBA regulations how they will impact European banks in 2016
 
Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...
Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...
Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...
 
Protecting Mission-Critical Source Code from Application Security Vulnerabili...
Protecting Mission-Critical Source Code from Application Security Vulnerabili...Protecting Mission-Critical Source Code from Application Security Vulnerabili...
Protecting Mission-Critical Source Code from Application Security Vulnerabili...
 
Security Trends in the Retail Industry
Security Trends in the Retail IndustrySecurity Trends in the Retail Industry
Security Trends in the Retail Industry
 
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive DataX-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
 
Valuing Data in the Age of Ransomware
Valuing Data in the Age of Ransomware Valuing Data in the Age of Ransomware
Valuing Data in the Age of Ransomware
 
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 20165 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
 
Compete To Win: Don’t Just Be Compliant – Be Secure!
Compete To Win: Don’t Just Be Compliant – Be Secure!Compete To Win: Don’t Just Be Compliant – Be Secure!
Compete To Win: Don’t Just Be Compliant – Be Secure!
 
IBM QRadar UBA
IBM QRadar UBA IBM QRadar UBA
IBM QRadar UBA
 
The 2016 Ponemon Cost of a Data Breach Study
The 2016 Ponemon Cost of a Data Breach StudyThe 2016 Ponemon Cost of a Data Breach Study
The 2016 Ponemon Cost of a Data Breach Study
 
3 Enablers of Successful Cyber Attacks and How to Thwart Them
3 Enablers of Successful Cyber Attacks and How to Thwart Them3 Enablers of Successful Cyber Attacks and How to Thwart Them
3 Enablers of Successful Cyber Attacks and How to Thwart Them
 
Attack Autopsy: A Study of the Dynamic Attack Chain
Attack Autopsy: A Study of the Dynamic Attack ChainAttack Autopsy: A Study of the Dynamic Attack Chain
Attack Autopsy: A Study of the Dynamic Attack Chain
 
IBM Security - 2015 - Client References Guide
IBM Security - 2015 - Client References GuideIBM Security - 2015 - Client References Guide
IBM Security - 2015 - Client References Guide
 
Compliance is a pit stop – your destination lies ahead
Compliance is a pit stop – your destination lies aheadCompliance is a pit stop – your destination lies ahead
Compliance is a pit stop – your destination lies ahead
 
Securing the C-Suite: Cybersecurity Perspectives from the Boardroom
Securing the C-Suite: Cybersecurity Perspectives from the BoardroomSecuring the C-Suite: Cybersecurity Perspectives from the Boardroom
Securing the C-Suite: Cybersecurity Perspectives from the Boardroom
 
Uncover What's Inside the Mind of a Hacker
Uncover What's Inside the Mind of a HackerUncover What's Inside the Mind of a Hacker
Uncover What's Inside the Mind of a Hacker
 
Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats
 
Level Up Your Security with Threat Intelligence
Level Up Your Security with Threat IntelligenceLevel Up Your Security with Threat Intelligence
Level Up Your Security with Threat Intelligence
 

Viewers also liked

What’s the State of Your Endpoint Security?
What’s the State of Your Endpoint Security?What’s the State of Your Endpoint Security?
What’s the State of Your Endpoint Security?
IBM Security
 
Detect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange PartnersDetect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange Partners
IBM Security
 
Malware on Smartphones and Tablets: The Inconvenient Truth
Malware on Smartphones and Tablets: The Inconvenient TruthMalware on Smartphones and Tablets: The Inconvenient Truth
Malware on Smartphones and Tablets: The Inconvenient Truth
IBM Security
 
Cybersecurity in the Cognitive Era: Priming Your Digital Immune System
Cybersecurity in the Cognitive Era: Priming Your Digital Immune SystemCybersecurity in the Cognitive Era: Priming Your Digital Immune System
Cybersecurity in the Cognitive Era: Priming Your Digital Immune System
IBM Security
 
Empowering Application Security Protection in the World of DevOps
Empowering Application Security Protection in the World of DevOpsEmpowering Application Security Protection in the World of DevOps
Empowering Application Security Protection in the World of DevOps
IBM Security
 
Nowhere to Hide: Expose Threats in Real-time with IBM QRadar Network Insights
Nowhere to Hide: Expose Threats in Real-time with IBM QRadar Network InsightsNowhere to Hide: Expose Threats in Real-time with IBM QRadar Network Insights
Nowhere to Hide: Expose Threats in Real-time with IBM QRadar Network Insights
IBM Security
 

Viewers also liked (15)

IBM 보안사업부 서비스 및 솔루션 소개
IBM 보안사업부 서비스 및 솔루션 소개 IBM 보안사업부 서비스 및 솔루션 소개
IBM 보안사업부 서비스 및 솔루션 소개
 
Ibm 보안사업부 서비스 및 솔루션 소개 160428
Ibm 보안사업부 서비스 및 솔루션 소개 160428Ibm 보안사업부 서비스 및 솔루션 소개 160428
Ibm 보안사업부 서비스 및 솔루션 소개 160428
 
Kari's Law Update & Making MLTS PBX E911 Work Presentation
Kari's Law Update & Making MLTS PBX E911 Work Presentation Kari's Law Update & Making MLTS PBX E911 Work Presentation
Kari's Law Update & Making MLTS PBX E911 Work Presentation
 
What’s the State of Your Endpoint Security?
What’s the State of Your Endpoint Security?What’s the State of Your Endpoint Security?
What’s the State of Your Endpoint Security?
 
Detect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange PartnersDetect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange Partners
 
Malware on Smartphones and Tablets: The Inconvenient Truth
Malware on Smartphones and Tablets: The Inconvenient TruthMalware on Smartphones and Tablets: The Inconvenient Truth
Malware on Smartphones and Tablets: The Inconvenient Truth
 
Failed Ransom: How IBM XGS Defeated Ransomware
Failed Ransom: How IBM XGS Defeated RansomwareFailed Ransom: How IBM XGS Defeated Ransomware
Failed Ransom: How IBM XGS Defeated Ransomware
 
IBM Security Software Solutions - Powerpoint
IBM Security Software Solutions - Powerpoint IBM Security Software Solutions - Powerpoint
IBM Security Software Solutions - Powerpoint
 
Cybersecurity in the Cognitive Era: Priming Your Digital Immune System
Cybersecurity in the Cognitive Era: Priming Your Digital Immune SystemCybersecurity in the Cognitive Era: Priming Your Digital Immune System
Cybersecurity in the Cognitive Era: Priming Your Digital Immune System
 
Empowering Application Security Protection in the World of DevOps
Empowering Application Security Protection in the World of DevOpsEmpowering Application Security Protection in the World of DevOps
Empowering Application Security Protection in the World of DevOps
 
Nowhere to Hide: Expose Threats in Real-time with IBM QRadar Network Insights
Nowhere to Hide: Expose Threats in Real-time with IBM QRadar Network InsightsNowhere to Hide: Expose Threats in Real-time with IBM QRadar Network Insights
Nowhere to Hide: Expose Threats in Real-time with IBM QRadar Network Insights
 
Close the Loop on Incident Response
Close the Loop on Incident ResponseClose the Loop on Incident Response
Close the Loop on Incident Response
 
QRadar, ArcSight and Splunk
QRadar, ArcSight and Splunk QRadar, ArcSight and Splunk
QRadar, ArcSight and Splunk
 
Retail Mobility, Productivity and Security
Retail Mobility, Productivity and SecurityRetail Mobility, Productivity and Security
Retail Mobility, Productivity and Security
 
HP ArcSight
HP ArcSight HP ArcSight
HP ArcSight
 

Similar to QRadar & XGS: Stopping Attacks with a Click of the Mouse

최근 비즈니스에서 활용되는 보안 기술 및 성숙된 보안 관리를 위한 ibm 전략 소개
최근 비즈니스에서 활용되는 보안 기술 및 성숙된 보안 관리를 위한 ibm 전략 소개최근 비즈니스에서 활용되는 보안 기술 및 성숙된 보안 관리를 위한 ibm 전략 소개
최근 비즈니스에서 활용되는 보안 기술 및 성숙된 보안 관리를 위한 ibm 전략 소개
ArumIm
 
Surviving the Mobile Phenomenon: Protecting Devices without Disrupting the Us...
Surviving the Mobile Phenomenon: Protecting Devices without Disrupting the Us...Surviving the Mobile Phenomenon: Protecting Devices without Disrupting the Us...
Surviving the Mobile Phenomenon: Protecting Devices without Disrupting the Us...
IBM Security
 
Améliorer la productivité des employés et se protéger contre les menaces ...
Améliorer la productivité des employés et se protéger contre les menaces ...Améliorer la productivité des employés et se protéger contre les menaces ...
Améliorer la productivité des employés et se protéger contre les menaces ...
AGILLY
 
Simple and secure mobile cloud access
Simple and secure mobile cloud accessSimple and secure mobile cloud access
Simple and secure mobile cloud access
AGILLY
 
8 Principales Raisons de Passer du MDM à l'EMM
8 Principales Raisons de Passer du MDM à l'EMM8 Principales Raisons de Passer du MDM à l'EMM
8 Principales Raisons de Passer du MDM à l'EMM
AGILLY
 
2015 Mobile Security Trends: Are You Ready?
2015 Mobile Security Trends: Are You Ready?2015 Mobile Security Trends: Are You Ready?
2015 Mobile Security Trends: Are You Ready?
IBM Security
 
Enterprise grade cloud services with data power virtual
Enterprise grade cloud services with data power virtualEnterprise grade cloud services with data power virtual
Enterprise grade cloud services with data power virtual
sflynn073
 
Enterprise grade cloud services with data power virtual
Enterprise grade cloud services with data power virtualEnterprise grade cloud services with data power virtual
Enterprise grade cloud services with data power virtual
sflynn073
 

Similar to QRadar & XGS: Stopping Attacks with a Click of the Mouse (20)

3 Steps to Security Intelligence - How to Build a More Secure Enterprise
3 Steps to Security Intelligence - How to Build a More Secure Enterprise3 Steps to Security Intelligence - How to Build a More Secure Enterprise
3 Steps to Security Intelligence - How to Build a More Secure Enterprise
 
최근 비즈니스에서 활용되는 보안 기술 및 성숙된 보안 관리를 위한 ibm 전략 소개
최근 비즈니스에서 활용되는 보안 기술 및 성숙된 보안 관리를 위한 ibm 전략 소개최근 비즈니스에서 활용되는 보안 기술 및 성숙된 보안 관리를 위한 ibm 전략 소개
최근 비즈니스에서 활용되는 보안 기술 및 성숙된 보안 관리를 위한 ibm 전략 소개
 
IBM Security SaaS IaaS and PaaS
IBM Security SaaS IaaS and PaaSIBM Security SaaS IaaS and PaaS
IBM Security SaaS IaaS and PaaS
 
Surviving the Mobile Phenomenon: Protecting Devices without Disrupting the Us...
Surviving the Mobile Phenomenon: Protecting Devices without Disrupting the Us...Surviving the Mobile Phenomenon: Protecting Devices without Disrupting the Us...
Surviving the Mobile Phenomenon: Protecting Devices without Disrupting the Us...
 
Améliorer la productivité des employés et se protéger contre les menaces ...
Améliorer la productivité des employés et se protéger contre les menaces ...Améliorer la productivité des employés et se protéger contre les menaces ...
Améliorer la productivité des employés et se protéger contre les menaces ...
 
Ibm q radar_blind_references
Ibm q radar_blind_referencesIbm q radar_blind_references
Ibm q radar_blind_references
 
Follow the Money, Follow the Crime
Follow the Money, Follow the CrimeFollow the Money, Follow the Crime
Follow the Money, Follow the Crime
 
Simple and secure mobile cloud access
Simple and secure mobile cloud accessSimple and secure mobile cloud access
Simple and secure mobile cloud access
 
8 Principales Raisons de Passer du MDM à l'EMM
8 Principales Raisons de Passer du MDM à l'EMM8 Principales Raisons de Passer du MDM à l'EMM
8 Principales Raisons de Passer du MDM à l'EMM
 
Big Fix Q-Radar Ahmed Sharaf - EmbeddedSecurity.net
Big Fix Q-Radar Ahmed Sharaf - EmbeddedSecurity.netBig Fix Q-Radar Ahmed Sharaf - EmbeddedSecurity.net
Big Fix Q-Radar Ahmed Sharaf - EmbeddedSecurity.net
 
IBM Cloud Security Enforcer
IBM Cloud Security EnforcerIBM Cloud Security Enforcer
IBM Cloud Security Enforcer
 
IBM Security Services Overview
IBM Security Services OverviewIBM Security Services Overview
IBM Security Services Overview
 
IBM MQ on cloud and containers
IBM MQ on cloud and containersIBM MQ on cloud and containers
IBM MQ on cloud and containers
 
2015 Mobile Security Trends: Are You Ready?
2015 Mobile Security Trends: Are You Ready?2015 Mobile Security Trends: Are You Ready?
2015 Mobile Security Trends: Are You Ready?
 
Enterprise grade cloud services with data power virtual
Enterprise grade cloud services with data power virtualEnterprise grade cloud services with data power virtual
Enterprise grade cloud services with data power virtual
 
Enterprise grade cloud services with data power virtual
Enterprise grade cloud services with data power virtualEnterprise grade cloud services with data power virtual
Enterprise grade cloud services with data power virtual
 
Integrate Application Security Testing into your SDLC
Integrate Application Security Testing into your SDLCIntegrate Application Security Testing into your SDLC
Integrate Application Security Testing into your SDLC
 
IBM - IAM Security and Trends
IBM - IAM Security and TrendsIBM - IAM Security and Trends
IBM - IAM Security and Trends
 
What's new in IBM MQ
What's new in IBM MQWhat's new in IBM MQ
What's new in IBM MQ
 
App infrastructure &_integration_keynote_final
App infrastructure &_integration_keynote_finalApp infrastructure &_integration_keynote_final
App infrastructure &_integration_keynote_final
 

More from IBM Security

Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
IBM Security
 
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
IBM Security
 
Integrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM ResilientIntegrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM Resilient
IBM Security
 
Accelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon BlackAccelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon Black
IBM Security
 
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat IntelligenceOrchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
IBM Security
 
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
IBM Security
 
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
IBM Security
 
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
IBM Security
 
How to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security OperationsHow to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security Operations
IBM Security
 
Safeguard Healthcare Identities and Data with Identity Governance and Intelli...
Safeguard Healthcare Identities and Data with Identity Governance and Intelli...Safeguard Healthcare Identities and Data with Identity Governance and Intelli...
Safeguard Healthcare Identities and Data with Identity Governance and Intelli...
IBM Security
 

More from IBM Security (20)

Automation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOpsAutomation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOps
 
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
 
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
 
Integrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM ResilientIntegrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM Resilient
 
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
 
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
 
Accelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon BlackAccelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon Black
 
How to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
How to Build a Faster, Laser-Sharp SOC with Intelligent OrchestrationHow to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
How to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
 
Are You Ready to Move Your IAM to the Cloud?
Are You Ready to Move Your IAM to the Cloud?Are You Ready to Move Your IAM to the Cloud?
Are You Ready to Move Your IAM to the Cloud?
 
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat IntelligenceOrchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
 
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
 
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
 
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
 
WannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do NowWannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do Now
 
How to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security OperationsHow to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security Operations
 
Mobile Vision 2020
Mobile Vision 2020Mobile Vision 2020
Mobile Vision 2020
 
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
 
See How You Measure Up With MaaS360 Mobile Metrics
See How You Measure Up With MaaS360 Mobile MetricsSee How You Measure Up With MaaS360 Mobile Metrics
See How You Measure Up With MaaS360 Mobile Metrics
 
Top 12 Cybersecurity Predictions for 2017
Top 12 Cybersecurity Predictions for 2017Top 12 Cybersecurity Predictions for 2017
Top 12 Cybersecurity Predictions for 2017
 
Safeguard Healthcare Identities and Data with Identity Governance and Intelli...
Safeguard Healthcare Identities and Data with Identity Governance and Intelli...Safeguard Healthcare Identities and Data with Identity Governance and Intelli...
Safeguard Healthcare Identities and Data with Identity Governance and Intelli...
 

Recently uploaded

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 

Recently uploaded (20)

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 

QRadar & XGS: Stopping Attacks with a Click of the Mouse

  • 1. © 2015 IBM Corporation How IBM QRadar and XGS Work Together to Stop Threats Craig Knapik Technical Product Manager IBM Security Stopping Attacks with a Click of the Mouse
  • 2. 2© 2015 IBM Corporation Abstract As the tactics and techniques behind attacks continue to advance and evolve, organizations needs a faster way to identify and prevent those attacks in real time. Learn how an integrated approach to security makes this a reality, as highlighted by the bi-directional integration between IBM Security QRadar and IBM Security Network Protection (XGS) – IBM’s next generation intrusion prevention system – that enables security operators to block threats immediately with a click of a mouse. Demonstration: https://www.youtube.com/watch?v=8ul82V50yqE
  • 3. 3© 2015 IBM Corporation  IBM Threat Protection System  IBM Security QRadar and IBM Security Network Protection Integration  IBM Security QRadar and IBM Security Network Protection Configuration  IBM Security QRadar and IBM Security Network Protection Operation  Dynamic Patch Prioritization  Why XGS?  Questions Agenda
  • 4. 4© 2015 IBM Corporation IBM Threat Protection System Smarter Prevention Stop unknown threats with behavioral-based defenses on both the endpoint and network Security Intelligence Automatically detect weaknesses and anomalies with enterprise-wide visibility and insights Continuous Response Quickly understand incidents and use findings to strengthen real- time defenses Open Integrations Share context between domains and third party products using an open platform and ecosystem A dynamic, integrated system to disrupt the entire lifecycle of advanced attacks
  • 5. 5© 2015 IBM Corporation IBM Threat Protection System
  • 6. 6© 2015 IBM Corporation Examples of breaking the attack chain through integrated intelligence
  • 7. 7© 2015 IBM Corporation  IBM Threat Protection System  IBM Security QRadar and IBM Security Network Protection Integration  IBM Security QRadar and IBM Security Network Protection Configuration  IBM Security QRadar and IBM Security Network Protection Operation  Dynamic Patch Prioritization  Why XGS?  Questions Agenda
  • 8. 8© 2015 IBM Corporation IBM Security Network Protection (XGS)
  • 9. 9© 2015 IBM Corporation QRadar SIEM correlates thousands of data sources in real time
  • 10. 10© 2015 IBM Corporation XGS allows QRadar to see into SSL-encrypted traffic
  • 11. 11© 2015 IBM Corporation XGS enterprise protection via QRadar quarantine
  • 12. 12© 2015 IBM Corporation  IBM Threat Protection System  IBM Security QRadar and IBM Security Network Protection Integration  IBM Security QRadar and IBM Security Network Protection Configuration  IBM Security QRadar and IBM Security Network Protection Operation  Dynamic Patch Prioritization  Why XGS?  Questions Agenda
  • 13. 13© 2015 IBM Corporation Standard deployment topology
  • 14. 14© 2015 IBM Corporation XGS forwards network flow data to QRadar for behavioral analysis
  • 15. 15© 2015 IBM Corporation XGS forwards network flow data to QRadar for behavioral analysis
  • 16. 16© 2015 IBM Corporation XGS forwards security events and system events to QRadar
  • 17. 17© 2015 IBM Corporation XGS forwards security events and system events to QRadar
  • 18. 18© 2015 IBM Corporation  IBM Threat Protection System  IBM Security QRadar and IBM Security Network Protection Integration  IBM Security QRadar and IBM Security Network Protection Configuration  IBM Security QRadar and IBM Security Network Protection Operation  Dynamic Patch Prioritization  Why XGS?  Questions Agenda
  • 19. 19© 2015 IBM Corporation Case Action Scenario Compromise Source IP is “right clicked” and sent to XGS Host infected with malware Reputation Destination IP is “right clicked” and sent to XGS Malicious server, such as malware host or command & control server Intrusion Source port “right clicked,” IP and port combination sent to XGS Client system attacking a server Exposure Destination port “right clicked,” IP and port combination sent to XGS Service has a vulnerability The Security Analyst uses the QRadar console to effect quarantine . . .
  • 20. 20© 2015 IBM Corporation Quarantine a compromised host
  • 21. 21© 2015 IBM Corporation Quarantine a compromised host
  • 22. 22© 2015 IBM Corporation Quarantine a compromised host
  • 23. 23© 2015 IBM Corporation Quarantine an exposure or vulnerable service
  • 24. 24© 2015 IBM Corporation Quarantine an exposure or vulnerable service
  • 25. 25© 2015 IBM Corporation Quarantine an exposure or vulnerable service
  • 26. 26© 2015 IBM Corporation  IBM Threat Protection System  IBM Security QRadar and IBM Security Network Protection Integration  IBM Security QRadar and IBM Security Network Protection Configuration  IBM Security QRadar and IBM Security Network Protection Operation  Dynamic Patch Prioritization  Why XGS?  Questions Agenda
  • 27. 27© 2015 IBM Corporation QRadar Vulnerability Manager (QVM)
  • 28. 28© 2015 IBM Corporation Dynamic Patch Prioritization
  • 29. 29© 2015 IBM Corporation  IBM Threat Protection System  IBM Security QRadar and IBM Security Network Protection Integration  IBM Security QRadar and IBM Security Network Protection Configuration  IBM Security QRadar and IBM Security Network Protection Operation  Dynamic Patch Prioritization  Why XGS?  Questions Agenda
  • 30. 30© 2015 IBM Corporation IBM positioned in the “Leaders” Quadrant in the 2015 Gartner Magic Quadrant for Intrusion Prevention Systems
  • 31. 31© 2015 IBM Corporation Resilient to Zero-Day Attacks
  • 32. 32© 2015 IBM Corporation X-Force Top 100 Ahead of the Threat Coverage
  • 33. 33© 2015 IBM Corporation Resilient to Mutated Exploits
  • 34. 34© 2015 IBM Corporation Resilient to Obfuscated Exploits: XGS’ Efficacy (McAfee Evader nka Semantic Gap Evasion)
  • 35. 35© 2015 IBM Corporation Learn more about IBM Security Network Protection (XGS) countries where IBM delivers managed security services industry analyst reports rank IBM Security as a LEADER enterprise security vendor in total revenue clients protected including… 130+ 25 No. 1 12K+ 90% of the Fortune 100 companies Visit the website IBM Security Network Protection Watch the videos IBM Security Network Protection Read new blog posts SecurityIntelligence.com Follow us on Twitter @ibmsecurity Join IBM X-Force Exchange xforce.ibmcloud.com
  • 36. © 2015 IBM Corporation Questions?
  • 37. © Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and / or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY. THANK YOUwww.ibm.com/security
  • 38. © 2015 IBM Corporation Information concerning non-IBM products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not tested those products in connection with this publication and cannot confirm the accuracy of performance, compatibility or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products. IBM does not warrant the quality of any third-party products, or the ability of any such third- party products to interoperate with IBM’s products. IBM EXPRESSLY DISCLAIMS ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. The provision of the information contained herein is not intended to, and does not, grant any right or license under any IBM patents, copyrights, trademarks or other intellectual property right. Other company, product, or service names may be trademarks or service marks of others. A current list of IBM trademarks is available at “Copyright and trademark information” www.ibm.com/legal/copytrade.shtml Copyright © 2015 by International Business Machines Corporation (IBM). No part of this document may be reproduced or transmitted in any form without written permission from IBM. U.S. Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM. Information in these presentations (including information relating to products that have not yet been announced by IBM) has been reviewed for accuracy as of the date of initial publication and could include unintentional technical or typographical errors. IBM shall have no responsibility to update this information. THIS document is distributed "AS IS" without any warranty, either express or implied. In no event shall IBM be liable for any damage arising from the use of this information, including but not limited to, loss of data, business interruption, loss of profit or loss of opportunity. IBM products and services are warranted according to the terms and conditions of the agreements under which they are provided. Any statements regarding IBM’s future direction, intent or product plans are subject to change or withdrawal without notice. Performance data contained herein was generally obtained in a controlled, isolated environments. Customer examples are presented as illustrations of how those customers have used IBM products and the results they may have achieved. Actual performance, cost, savings or other results in other operating environments may vary. References in this document to IBM products, programs, or services does not imply that IBM intends to make such products, programs or services available in all countries in which IBM operates or does business. Workshops, sessions and associated materials may have been prepared by independent session speakers, and do not necessarily reflect the views of IBM. All materials and discussions are provided for informational purposes only, and are neither intended to, nor shall constitute legal or other guidance or advice to any individual participant or their specific situation. It is the customer’s responsibility to insure its own compliance with legal requirements and to obtain advice of competent legal counsel as to the identification and interpretation of any relevant laws and regulatory requirements that may affect the customer’s business and any actions the customer may need to take to comply with such laws. IBM does not provide legal advice or represent or warrant that its services or products will ensure that the customer is in compliance with any law. Legal notices and disclaimers