Q1 labs total security intelligence   dusan milidrag

    Presentation Transcript

    • Total Security Intelligence: The next generation of Log Management and SIEM. Dusan Milidrag, IBM
    • IBM Security Systems
      • Only vendor in the market with end-to-end coverage of the security foundation
      • $1.8B investment in innovative technologies
      • 6K+ security engineers and consultants
      • Award-winning X-Force® research
      • Largest vulnerability database in the industry
      • Intelligence ● Integration ● Expertise
    • Who are Q1 Labs:
      • Innovative Security Intelligence software company
      • Leader in Gartner 2012, 2011, 2010 Magic Quadrant
      • Award-winning solutions: family of next-generation Risk Management, Log Management, SIEM, security intelligence solutions
      • Executing, growing rapidly: +2000 customers worldwide; five-year average revenue growth +70%; North America, EMEA and Asia Pacific
    • Some of Our European Customers…
    • Compliance & Policy
      • Billions of logs and records a day
      • Compliance validation requires logging and reporting
      • New regulations that have implications across many vertical markets
      • Configuration audits, manual processes
    • Threats & Security Visibility
      • Combating fraud, targeted exploits and cyber warfare requires intelligent visibility
      • Telemetry for intelligence is traditionally siloed
      • Without broad surveillance and integration, threats will be missed
      • Siloed tools to address risk management lifecycle
    • QRadar: The Most Intelligent, Integrated, Automated Security Intelligence Platform in the Industry
      • Exceed Regulation Mandates
      • Detect Threats Others Miss
      • Detect Insider Fraud
      • Predict Risk
      • Consolidate Data Silos
    • Q1 Labs Solves Customer Problems with Total Security Intelligence
    • What is “Total Security Intelligence”?
      • Timeline: Vulnerability, Exploit, Remediation
      • Prediction/Prevention Phase (Pre-Exploit); Reaction/Remediation Phase (Post-Exploit)
      • Risk Management, Compliance Management, SIEM, Network/User Anomaly Detection, Vulnerability Management, Configuration Management, Log Management
    • First Gen-SIEM
    • Suspected Incidents
      • 2Bn log and event records a day reduced to 25 high priority
      • User correlation and application forensics enabled fraud detection prior to exploit completion
    • QRadar: Integration Eliminates False Choice Between Capability & Simplicity
      • Bolted Together Solution: scale problems; disparate reporting, searching; no local decisions; complex High Availability; multi-product admin and DBA; forklift upgrades; duplicate log repositories; operational bottleneck
      • QRadar Integrated Solution: highly scalable; common reporting, searching; distributed correlation; integrated High Availability; unified administration; seamless expansion; logs stored once; total visibility
      • Unified Administration: time spent managing security events was reduced by 80% compared to siloed systems
    • QRadar: Automation Drives Simplicity and Cost Effectiveness
      • Auto-discovery of log sources
      • Auto-discovery of applications
      • Auto-discovery of assets
      • Auto-grouping of assets
      • Centralized log management
      • Automated configuration audits
      • Auto-tuning
      • Auto-detect threats
      • Thousands of pre-defined rules
      • Easy-to-use event filtering
      • Advanced security analytics
      • Thousands of predefined reports
      • Asset-based prioritization
      • Auto-update of threats
      • Auto-response
      • Directed remediation
      • Efficient, Immediate, Custom: Automation Drives Operations Efficiency
      • “Where it would take 10 days on our old system to build and test rules, it takes us just 10 minutes in QRadar.”
      • “We were pleased with QRadar being extremely automated, equipped with compliance-driven report templates that were very useful out of the box, which spared us the manpower and resources of having to develop them ourselves.”
    • Fully Integrated Security Intelligence
      • Log Management: turnkey log management; SME to Enterprise; upgradeable to enterprise SIEM
      • SIEM: integrated log, threat, risk & compliance mgmt.; sophisticated event analytics; asset profiling and flow analytics; offense management and workflow
      • Risk Management: predictive threat modeling & simulation; scalable configuration monitoring and audit; advanced threat visualization and impact analysis
      • Network Activity & Anomaly Detection: network analytics; behavior and anomaly detection; fully integrated with SIEM
      • Network and Application Visibility: Layer 7 application monitoring; content capture; physical and virtual environments
    • The QRadar Security Intelligence Solutions: Deploy, Expand at Your Pace
      • One Console Security
      • Log Management: turnkey log management; SME to Enterprise; upgradeable to enterprise SIEM
      • SIEM/SEM: integrated log, cyber threat, risk and compliance management; sophisticated event analytics; asset profiling and flow analytics
      • Risk Management: predictive threat modeling & simulation; scalable configuration monitoring and audit; advanced threat visualization and impact analysis
      • Scale / High Availability: Event Processors; Network Activity Processors; High Availability; Stackable Expansion; embedded, real-time database
      • QFlow Collector, VFlow Collector
      • Visibility / Network Activity: Layer 7 application monitoring; content capture; Network Analysis
    • Thank you! dusan.milidrag@rs.ibm.com IBM SRBIJA