IBM Security Intelligence
with Big Data

IBM Security Intelligence with Big Data

With major security breaches and fraud incidents making international headlines, organizations are taking steps to address the growing problems of advanced persistent threats, fraud, and insider attacks.

Press play to view video.
Staying out of the headlines using Security Intelligence
with Big Data: IOD 2013 Panel Discussion
Traditional security technologies lack the sophisticated capabilities and visibility required to detect and protect against such attacks. At best, they solve a single facet of the problem. Smart cyber criminals can skirt those defenses and blend into the background noise of an organization’s operations. They’re skilled and patient enough to perform stealthy reconnaissance of an organization’s network over months or years, eventually seizing the right opportunity to steal sensitive information assets – intellectual property, credit card numbers, customer databases – commit fraud, or otherwise damage the enterprise.

The IBM solution

IBM Security Intelligence with Big Data provides exceptional threat and risk detection, combining deep security expertise with analytical insights on a massive scale. For forward-leaning organizations seeking advanced insight into security risks, the IBM solution – including IBM QRadar Security Intelligence Platform and IBM Big Data Platform – provides a comprehensive, integrated approach that combines real-time correlation for continuous insight, custom analytics across massive structured and unstructured data, and forensic capabilities for irrefutable evidence. The combination can help you address advanced persistent threats, fraud and insider threats.

The IBM solution is designed to answer questions you could never ask before, by widening the scope and scale of investigation. You can now analyze a greater variety of data – such as DNS transactions, emails, documents, social media data, full packet capture data and business process data – over years of activity. By analyzing structured, enriched security data alongside unstructured data from across the enterprise, the IBM solution helps find malicious activity hidden deep in the masses of an organization’s data.

IBM Big Data Security Analytics graphic.

Solution Overview

IBM Security Intelligence with Big Data combines the real-time security visibility of the IBM QRadar Security Intelligence Platform with the custom analytics of the IBM Big Data Platform. QRadar performs real-time correlation, anomaly detection and reporting for immediate threat detection, and also sends enriched security data to IBM big data products, such as IBM InfoSphere BigInsights.

IBM big data products analyze enriched security information from QRadar along with vast amounts of data from unstructured and semi-structured sources, accommodating both the variety and volume of data needed for advanced security and risk use cases. Information is subsequently fed back to QRadar, providing a facility for closed-loop, continuous learning.

The result is an integrated, intelligent solution that collects, monitors, analyzes, explores and reports on security and enterprise data in ways previously not possible. And the solution is designed so you can start with any product in the IBM solution and add complementary capabilities as your needs evolve.

Key capabilities include:

Contact IBM

Considering a purchase?

IBM Security QRadar named a leader in Gartner's SIEM Magic Quadrant