IBM Advances Threat Detection and Response with QRadar Suite
IBM has brought to market a new security suite designed to improve the analyst experience across the full incident lifecycle, the company announced in a prepared statement.
The IBM Security QRadar Suite “represents a major evolution and expansion of the QRadar brand,” the company said. Accordingly, QRadar encompasses “all core threat detection, investigation and response technologies.”
Commenting on QRadar’s cybersecurity advancements, Mary O’Brien, general manager of IBM Security, said:
“In the face of a growing attack surface and shrinking attack timelines, speed and efficiency are fundamental to the success of resource-constrained security teams. IBM has engineered the new QRadar Suite around a singular, modernized user experience, embedded with sophisticated AI and automation to maximize security analysts’ productivity and accelerate their response across each step of the attack chain.”
Cybersecurity at Speed and Scale
QRadar Suite offers these core design elements:
- Unified Analyst Experience. Refined in collaboration with hundreds of real-world users, QRadar features a common, modernized user interface across all products. It is designed to dramatically increase analyst speed and efficiency across the entire attack chain.
- Cloud Delivery, Speed & Scale. Delivered as a service on Amazon Web Services (AWS), QRadar products provide simplified deployment, visibility and integration across cloud environments and data sources. It also includes a new, cloud-native log management capability for highly efficient data ingestion, rapid search and analytics at scale.
- Open Foundation, Pre-Built Integrations. QRadar brings together the core technologies needed across threat detection, investigation and response. It is built around an open foundation, an extensive partner ecosystem, and more than 900 pre-built integrations that provide strong interoperability between IBM and third-party toolsets.
AI Powers QRadar
IBM notes that the QRadar Suite is the culmination of years of investment, acquisitions and innovations in threat detection and response. It features dozens of mature AI and automation capabilities that have been refined over time with real-world users and data, including IBM Managed Security Service engagements with more than 400 clients. It also includes innovations developed in collaboration with IBM Research and the open source security community.
QRadar automatically contextualizes and prioritizes alerts, displays data in visual format for rapid consumption, and provides shared insights and automated workflows between products. This approach can drastically reduce the number of steps and screens required to investigate and respond to threats.
- AI-Powered Alert Triage automatically prioritizes or closes alerts based on AI-driven risk analysis.
- Automated Threat Investigation identifies high-priority incidents that may warrant investigation, and automatically initiates investigation.
- Accelerated Threat Hunting uses open source threat hunting language and federated search capabilities to help threat hunters discover stealthy attacks and indicators of compromise across their environments.
By helping analysts respond faster and more efficiently, QRadar technologies can also help security teams improve their productivity and free up analysts’ time for higher value work, IBM stated.