IBM Brings Security Intelligence to the Cloud

IBM announces it is taking its QRadar-based security intelligence solution for cyber-threat analytics to the cloud in a SaaS model.


IBM announced it is bringing its cyber-threat analytics technology to the cloud.

Big Blue is moving its IBM QRadar security intelligence technology to the cloud to help enterprises quickly prioritize threats. The new services are available to customers through a cloud-based software-as-a-service (SaaS) model, with optional IBM Security Managed Services to provide deeper expertise and flexibility for security professionals.

"Organizations are facing a security data tsunami that can overwhelm even the most sophisticated enterprise's security program," said Jason Corbin, vice president of product management and strategy for IBM Security, in a statement. "Security leaders are telling us they want increased visibility through the cloud and control throughout their hybrid IT environments. The option of doing predictive analytics via the cloud gives security teams the flexibility to bring in skills, innovation and information on demand across all of their security environments."

According to the 2014 IBM Cyber Index, organizations globally deal with an average of 91 million potential security events every year, creating vast volumes of data that need to be stored and analyzed. Cloud-based threat monitoring and analytics provides the simplicity of a hosted deployment, combined with advanced analytics capabilities and the proven expertise from a security services provider.

The two new cloud-based services are IBM Security Intelligence on Cloud and Intelligent Log Management on Cloud. IBM Security Intelligence on Cloud helps enterprises determine if security-related events are simple anomalies or potential threats. Built as a cloud service using IBM QRadar, it lets enterprises quickly correlate security event data with threat information from over 500 supported data sources for devices, systems and applications.

This is complemented by more than 1,500 predefined reports for use cases such as compliance, vulnerability management and security incident response. Also, the integration of QRadar with IBM's recently announced cloud-based X-Force Exchange gives security teams volumes of historical and real-time threat intelligence, the company said.

Meanwhile, IBM's new Intelligent Log Management on Cloud is designed to simplify security and compliance data collection and reporting. Powered by IBM QRadar, Intelligent Log Management uses analytics and a hosted, multitenant technology to deliver compliance with real-time correlation and anomaly detection capabilities. Through support for more than 400 platforms, security managers can also capture logs from nearly any device in their security operation.

The new offerings are delivered through IBM's platform of managed security services, which handles more than 15 billion security events per day for over 4,000 clients around the world. Moreover, IBM Security experts located in 10 global security operations centers (SOCs) are available on demand around the clock. These IBM analysts and engineers help clients detect and protect themselves from security risks often before software fixes are released to the market.

IBM also recently announced it is making its library of security intelligence data available via the IBM X-Force Exchange, a new cyber-threat intelligence sharing platform powered by IBM Cloud. This platform provides access to volumes of IBM and third-party threat data from across the globe, including real-time indicators of live attacks, which can be used to defend against cybercrimes.

Built by IBM Security, the IBM X-Force Exchange is a new, cloud-based platform that allows organizations to easily collaborate on security incidents, as well as benefit from the ongoing contributions of IBM experts and community members. Since the beta launch of the X-Force Exchange, numerous early adopters have joined the community.

The X-Force Exchange builds on IBM's expertise in security intelligence, integrating its portfolio of deep threat research data and technologies like QRadar, thousands of global clients, and the acumen of a worldwide network of security analysts and experts from IBM Managed Security Services. Leveraging the open and powerful infrastructure of the cloud, users can collaborate and tap into multiple data sources.

These data sources include one of the largest catalogs of vulnerabilities in the world; malware threat intelligence from a network of 270 million endpoints; threat information based on over 25 billion Web pages and images; intelligence on more than 8 million spam and phishing attacks; and reputation data on nearly 1 million malicious IP addresses.

IBM's X-Force Exchange features over 700 terabytes of raw aggregated data supplied by IBM. This will continue to grow, be updated and shared as the platform can add up to a thousand malicious indicators every hour. This data includes real-time information, which is critical to the battle against cybercrime.

"The IBM X-Force Exchange platform will foster collaboration on a scale necessary to counter the rapidly rising and sophisticated threats that companies are facing from cybercriminals," said Brendan Hannigan, general manager of IBM Security. "We're taking the lead by opening up our own deep and global network of cyber threat research, customers, technologies and experts. By inviting the industry to join our efforts and share their own intelligence, we're aiming to accelerate the formation of the networks and relationships we need to fight hackers."

Organizations can directly interact with IBM's security analysts and researchers, as well as their industry peers, via the platform to validate findings and share them with other companies fighting cybercrime.