SlideShare a Scribd company logo

Extend Your Market Reach with IBM Security QRadar for MSPs

Download as PPT, PDF
IBM Security
IBM Security

View on-demand recording: http://securityintelligence.com/events/ibm-security-qradar-for-msps/ As the number of security events grow in complexity and frequency, your clients are likely looking for ways to deploy leading security capabilities to gain more comprehensive security visibility across their operations. With the next release of IBM Security QRadar, you have an enhanced opportunity to deliver a best-in-class security intelligence solution to your broad base of customers. Join us for a webcast presented by Vijay Dheap, IBM Security Global Solutions Manager, to learn about the new features of IBM Security QRadar designed especially for Managed Service Providers. He will cover: - Centralized views and incident management with extensive APIs - Flexible MSP pricing options - Horizontal, snap-on scalability that is cloud ready

1 of 30
© 2015 IBM Corporation IBM Security 1© 2015 IBM Corporation IBM SECURITY QRADAR FOR SERVICE PROVIDERS Extending Market Reach Through Multi- Tenancy & SaaS Vijay Dheap Global Product Manager QRadar
© 2015 IBM Corporation IBM Security 2 Agenda  Motivations  QRadar Multi-Tenancy  QRadar Master Console  Security Intelligence on Cloud  Partnering with IBM
3 © 2014 IBM Corporation Motivations Making Security Intelligence Accessible
© 2015 IBM Corporation IBM Security 4 It’s A Not So Friendly Cyber World…and Many are Ill-Equipped Risks abound and cost continues to grow Limitations in even grasping an organization’s security posture constraints the ability to adapt it…
© 2015 IBM Corporation IBM Security 5 Organizations of All Sizes Plan on Raising their Basic Security IQ Growing Demand needs to be served by the the Best in Class solution – QRadar and Service Providers provide not just the reach but also the expertise to onboard and support these organizations on their security intelligence journey
© 2015 IBM Corporation IBM Security 6 Service Provider Requirements to Serve this Market Demand  Offer range of security intelligence capabilities from basic to advanced to meet diverse spectrum of client needs • Log Management • SIEM • Risk and vulnerability management • Network, app, and service usage visibility  Adaptive deployment options depending on client size and scale • Dedicated environments for large institutions • Shared infrastructure for small/mid-size organizations  Deliver rapid time-to-value • Quick deployment • Built-in intelligence • Out-of-the-box integrations  Minimize operational infrastructure costs and improve staff productivity • Multi-tenancy • Cloud delivery options • Centralized dashboard
© 2015 IBM Corporation IBM Security 7 Helping Service Providers Broaden Reach of Security Intelligence Service Providers can extend Tier 1 security intelligence capabilities to small & mid-size organizations leveraging multi-tenancy Customer A Customer B Customer C Customer D Master Console Service Providers can gain centralized visibility to multiple, diverse QRadar deployments – multi- tenant, or dedicated Customer E Service Providers can either deploy QRadar in the cloud or resell IBM Security Intelligence on Cloud Offering to minimize capital expenditures and offer an operating expense model for security intelligence for their customers NewNew NewNew NewNew
8 © 2014 IBM Corporation QRadar Multi-Tenancy
© 2015 IBM Corporation IBM Security 9 MULTI-TENANT enables secure, rapid and cost effective delivery of security intelligence services Multi-Tenant QRadar for Managed Security Service Providers Scalable appliance architecture Shared modular infrastructure  New centralized views and incident management  Mixed single- and multi-tenanted deployment options  True horizontal, snap-on scalability capabilities  Extensive APIs for enterprise integration  System configuration template support  Cloud ready with support for 400+ out-of-the-box devices Significant new capabilities to help Service Providers bring security to customers IBM Security QRadar is: AUTOMATED drives simplicity and accelerates time-to- value for service providers SCALABLE scales from smallest to largest customers with centralized management of single- and multi- tenanted systems INTELLIGENT AUTOMATED INTEGRATED
© 2015 IBM Corporation IBM Security 10 Introducing the Domain Concept Domains are building blocks for multi-tenant QRadar Allows for segregating overlapping IPs Enables categorizing sources of security data (ex. events, flows) into different sets Facilitates monitoring and analysis of one or more subsets to attain granular visibility Domains can be defined at three levels: Domain ADomain A Domain BDomain B Collector-level Collectors (events or flows) are used to distinguish among domains Source-level Domain ADomain A Source 1Source 1 Source 2Source 2 Domain BDomain B Source 3Source 3 Properties-level Log Source 4Log Source 4 Domain ADomain A Property iProperty i Domain BDomain B Property iiProperty ii Property iiiProperty iii Sources (log or flow) possibly aggregated by the same collector can be specified as belonging to different domains Specific events within a log source can be associated to various domains Increasing Priority
© 2015 IBM Corporation IBM Security 11 Automatic Detection & The Default Domain When no dedicated event collectors are assigned, new log sources are automatically detected and assigned to the default domain allowing Service Provider admin or global admin to make the domain assignment (if desired) Prevents data leakage and enforces data separation across domains When dedicated event collectors are assigned to a unique domain, new log sources are automatically detected and assigned to that domain Domain ADomain A Domain BDomain B Collector-level Source-level Domain ADomain A Source 1Source 1 Source 2Source 2 Domain BDomain B Source 3Source 3 Properties-level Log Source 4Log Source 4 Domain ADomain A Property iProperty i Domain BDomain B Property iiProperty ii Property iiiProperty iii
© 2015 IBM Corporation IBM Security 12 Domain Data Available in QRadar
© 2015 IBM Corporation IBM Security 13 Domain Support in Rules  Custom rules engine is now domain-aware, automatically isolating correlations from different domains  New domain test allows for cross domain correlations if desired or necessary
© 2015 IBM Corporation IBM Security 14 Domain Support in Offenses  Domain information carried all the way through offense
© 2015 IBM Corporation IBM Security 15 Domain Support Within Asset Model  Each asset is assigned to a domain  Assets can have overlapping IP addresses
© 2015 IBM Corporation IBM Security 16 Domain Support for Security Profiles  Security Profile can be restricted to one or more domains  Security Profile will restrict access to flows, events, assets, and offenses based on domain
© 2015 IBM Corporation IBM Security 17 Controlled Access to Domains New User Security Profiles can be instantiated to control access to domain data: Enables defining user access rights to one or more domains Allows for delegation of responsibilities across domains Facilitates defining domain specific visibility Domain ADomain A Domain BDomain B Once domains are defined, the next step is to control user privileges to those domains Process in the QRadar Admin Console: 1.Define Security Profiles for the Domains 2.Associate users from those domains to the appropriate security profiles
© 2015 IBM Corporation IBM Security 18 Vulnerability Management on a Domain Level QRadar Vulnerability Manager allows asset profiles to be denoted with domain categorizations for exported scan results Domain is defined per scanner for dynamic scanning Domain is a selectable criteria when filtering results Credentials controlled through the user’s security profile relating to the domain specified Saved searches for scan results will return assets that also match domain visibility of the user Note a key value proposition of QRadar Vulnerability Manager is that scanners can be enabled on the deployed QRadar infrastructure without incurring additional infrastructure overhead.
© 2015 IBM Corporation IBM Security 19 Summarizing QRadar Multi-Tenancy Capabilities for Service Providers  Supports multiple customers within single QRadar instance  Guarantees separate correlation processing for each client’s security data  Restricts client visibility to only their security data – logs, flows, offenses etc.  Permits vulnerability scan data sharing across all clients associated within common domain  Facilitates simplified system administration of all client domains
20 © 2014 IBM Corporation QRadar Master Console
© 2015 IBM Corporation IBM Security 21 Master Console: A Single View Across Multiple QRadar Deployments Centralized health view and system monitoring Additional planned capabilities: • Centralized offense view and management • Content Management o Log Source Management o Rules o Reports o Saved Searches o Dashboards • User Accounts • Federated Search • Seat Management Network A Network B Network C Network D Network E Multi-tenant QRadar deployment IBM Security Intelligence on Cloud
© 2015 IBM Corporation IBM Security 22 Facilitating Access to Underlying QRadar Deployments Pass-through APIs Customer A Customer B Analyst Service Provider analyst can employ Master Console Pass- through APIs to programmatically invoke QRadar APIs and build custom applications Click-through Log-in Customer A Customer B Service Provider analyst can log-in to specific QRadar deployment (managed from the Master Console) to get additional details needed for an investigative process
© 2015 IBM Corporation IBM Security 23 Deploying Master Console  Master Console software package included in QRadar ISO at no additional cost – updates provided via fix central  Installs on Service Provider’s own hardware, VM or cloud instance using 8500 activation key - recommended specifications equivalent to QRadar 3105 hardware appliance
24 © 2014 IBM Corporation IBM Security Intelligence on Cloud
© 2015 IBM Corporation25 IBM Security Systems IBM Security Intelligence on Cloud Service Highlights • Security Intelligence as a Service • X-Force Exchange integration • Physically segregated client data • Real time & historical correlation of assets, events, and vulnerabilities • Advanced threat detection • Configurable SOC and management dashboards • Supports integrations of 450+ security & IT solutions • Seamless integration with IBM Global SOC for additional Security Services Secure robust channel Software Gateways Professionally deployed and managed solution enabling organizations and Service Providers to focus on monitoring security intelligence operations Professionally deployed and managed solution enabling organizations and Service Providers to focus on monitoring security intelligence operations Security Intelligence
26 © 2014 IBM Corporation Partnering with IBM
© 2015 IBM Corporation IBM Security 27 Go-To-Market Options Application Specific Licensing (ASL) Appliances or software (including virtual appliances) Support either perpetual license or monthly payments • Zero upfront costs – pay only for EPS or Flows consumed by customers every month or quarterly • Earn discounts – as business pipeline scales earn discounted pricing or specify commitments to get discounted price up front Removes restriction on how EPS and Flows are allocated across two or more customers Current, standard processes remain in place to establish an ASL agreement Resell Appliances, software (including virtual appliances), or SaaS (IBM Security Intelligence on Cloud) Collaborate with IBM to design and develop your marketing material Realize built-in margin and complement with value added services Current, standard processes remain in place to establish a Reseller agreement
© 2015 IBM Corporation IBM Security 28 IBM Value Proposition for Service Providers  Best-in-Class Security Intelligence solution with flexibility to meet your needs • Full spectrum of Security Intelligence capabilities • On-premise or Cloud delivery • Dedicated environment or multi-tenant • Horizontally scalable  Choice of Go-to-Market options to suit various business models • Minimize up-front costs • Maximize margins • Maintain customer relationships  Rapid Time-to-Value • Simplified deployment options • Out-of-the-box security content and integrations  Platform for adding high-value services in cost-effective and streamlined fashion • Tailored security building blocks • Single Pane of Glass for security monitoring and management
© 2015 IBM Corporation IBM Security 29 Contact your Local IBM Representative Middle East & Africa Jean-Luc Labbe jean-luc.labbe@it.ibm.com North America Chad Kinter ckinter@us.ibm.com Europe Serge Richard serge.richard@fr.ibm.com Asia Pacific John SK Chai chaiskj@sg.ibm.com Worldwide Sales Bill Wallace bwallac@us.ibm.com
© 2015 IBM Corporation IBM Security 30 www.ibm.com/security © Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY

Recommended

Threat Hunting Playbook.pdf
Threat Hunting Playbook.pdfThreat Hunting Playbook.pdf
Threat Hunting Playbook.pdf
laibaarsyila
 
Zero trust in a hybrid architecture
Zero trust in a hybrid architectureZero trust in a hybrid architecture
Zero trust in a hybrid architecture
Hybrid IT Europe
 
IBM Qradar
IBM QradarIBM Qradar
IBM Qradar
Coenraad Smith
 
The Current ICS Threat Landscape
The Current ICS Threat LandscapeThe Current ICS Threat Landscape
The Current ICS Threat Landscape
Dragos, Inc.
 
Cyber threat intelligence: maturity and metrics
Cyber threat intelligence: maturity and metricsCyber threat intelligence: maturity and metrics
Cyber threat intelligence: maturity and metrics
Mark Arena
 
Threat intelligence notes
Threat intelligence notesThreat intelligence notes
Threat intelligence notes
Amgad Magdy
 
Zero Trust : How to Get Started
Zero Trust : How to Get StartedZero Trust : How to Get Started
Zero Trust : How to Get Started
EyesOpen Association
 
4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptx4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptx
aungyekhant1
 

Recommended

Threat Hunting Playbook.pdf
Threat Hunting Playbook.pdfThreat Hunting Playbook.pdf
Threat Hunting Playbook.pdf
laibaarsyila
 
Zero trust in a hybrid architecture
Zero trust in a hybrid architectureZero trust in a hybrid architecture
Zero trust in a hybrid architecture
Hybrid IT Europe
 
IBM Qradar
IBM QradarIBM Qradar
IBM Qradar
Coenraad Smith
 
The Current ICS Threat Landscape
The Current ICS Threat LandscapeThe Current ICS Threat Landscape
The Current ICS Threat Landscape
Dragos, Inc.
 
Cyber threat intelligence: maturity and metrics
Cyber threat intelligence: maturity and metricsCyber threat intelligence: maturity and metrics
Cyber threat intelligence: maturity and metrics
Mark Arena
 
Threat intelligence notes
Threat intelligence notesThreat intelligence notes
Threat intelligence notes
Amgad Magdy
 
Zero Trust : How to Get Started
Zero Trust : How to Get StartedZero Trust : How to Get Started
Zero Trust : How to Get Started
EyesOpen Association
 
4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptx4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptx
aungyekhant1
 
Security Operation Center - Design & Build
Security Operation Center - Design & BuildSecurity Operation Center - Design & Build
Security Operation Center - Design & Build
Sameer Paradia
 
Qradar - Reports.pdf
Qradar - Reports.pdfQradar - Reports.pdf
Qradar - Reports.pdf
PencilData
 
Global Cyber Threat Intelligence
Global Cyber Threat IntelligenceGlobal Cyber Threat Intelligence
Global Cyber Threat Intelligence
NTT Innovation Institute Inc.
 
Threat-Based Adversary Emulation with MITRE ATT&CK
Threat-Based Adversary Emulation with MITRE ATT&CKThreat-Based Adversary Emulation with MITRE ATT&CK
Threat-Based Adversary Emulation with MITRE ATT&CK
Katie Nickels
 
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfFor Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
JustinBrown267905
 
[Round table] zeroing in on zero trust architecture
[Round table] zeroing in on zero trust architecture[Round table] zeroing in on zero trust architecture
[Round table] zeroing in on zero trust architecture
Denise Bailey
 
Active Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The FieldActive Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The Field
Digital Bond
 
Threat hunting - Every day is hunting season
Threat hunting - Every day is hunting seasonThreat hunting - Every day is hunting season
Threat hunting - Every day is hunting season
Ben Boyd
 
Threat Hunting
Threat HuntingThreat Hunting
Threat Hunting
Splunk
 
Distributed Immutable Ephemeral - New Paradigms for the Next Era of Security
Distributed Immutable Ephemeral - New Paradigms for the Next Era of SecurityDistributed Immutable Ephemeral - New Paradigms for the Next Era of Security
Distributed Immutable Ephemeral - New Paradigms for the Next Era of Security
Sounil Yu
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
mohamed nasri
 
Next-Gen security operation center
Next-Gen security operation centerNext-Gen security operation center
Next-Gen security operation center
Muhammad Sahputra
 
Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)
Sqrrl
 
MITRE ATT&CKcon 2018: Hunters ATT&CKing with the Data, Roberto Rodriguez, Spe...
MITRE ATT&CKcon 2018: Hunters ATT&CKing with the Data, Roberto Rodriguez, Spe...MITRE ATT&CKcon 2018: Hunters ATT&CKing with the Data, Roberto Rodriguez, Spe...
MITRE ATT&CKcon 2018: Hunters ATT&CKing with the Data, Roberto Rodriguez, Spe...
MITRE - ATT&CKcon
 
Threat Hunting with Splunk Hands-on
Threat Hunting with Splunk Hands-onThreat Hunting with Splunk Hands-on
Threat Hunting with Splunk Hands-on
Splunk
 
Malware Analysis
Malware AnalysisMalware Analysis
Malware Analysis
Ramin Farajpour Cami
 
Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)
hardik soni
 
Tenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud SecurityTenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud Security
MarketingArrowECS_CZ
 
IBM Q-radar security intelligence roadmap
IBM Q-radar security intelligence roadmapIBM Q-radar security intelligence roadmap
IBM Q-radar security intelligence roadmap
DATA SECURITY SOLUTIONS
 
Cloud Security Architecture.pptx
Cloud Security Architecture.pptxCloud Security Architecture.pptx
Cloud Security Architecture.pptx
Moshe Ferber
 
Cloud Security: What you need to know about IBM SmartCloud Security
Cloud Security: What you need to know about IBM SmartCloud SecurityCloud Security: What you need to know about IBM SmartCloud Security
Cloud Security: What you need to know about IBM SmartCloud Security
IBM Security
 
QRadar_on_Cloud_client_presentation.PPTX
QRadar_on_Cloud_client_presentation.PPTXQRadar_on_Cloud_client_presentation.PPTX
QRadar_on_Cloud_client_presentation.PPTX
NatashaVerma29
 

More Related Content

What's hot

Security Operation Center - Design & Build
Security Operation Center - Design & BuildSecurity Operation Center - Design & Build
Security Operation Center - Design & Build
Sameer Paradia
 
Qradar - Reports.pdf
Qradar - Reports.pdfQradar - Reports.pdf
Qradar - Reports.pdf
PencilData
 
Global Cyber Threat Intelligence
Global Cyber Threat IntelligenceGlobal Cyber Threat Intelligence
Global Cyber Threat Intelligence
NTT Innovation Institute Inc.
 
Threat-Based Adversary Emulation with MITRE ATT&CK
Threat-Based Adversary Emulation with MITRE ATT&CKThreat-Based Adversary Emulation with MITRE ATT&CK
Threat-Based Adversary Emulation with MITRE ATT&CK
Katie Nickels
 
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfFor Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
JustinBrown267905
 
[Round table] zeroing in on zero trust architecture
[Round table] zeroing in on zero trust architecture[Round table] zeroing in on zero trust architecture
[Round table] zeroing in on zero trust architecture
Denise Bailey
 
Active Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The FieldActive Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The Field
Digital Bond
 
Threat hunting - Every day is hunting season
Threat hunting - Every day is hunting seasonThreat hunting - Every day is hunting season
Threat hunting - Every day is hunting season
Ben Boyd
 
Threat Hunting
Threat HuntingThreat Hunting
Threat Hunting
Splunk
 
Distributed Immutable Ephemeral - New Paradigms for the Next Era of Security
Distributed Immutable Ephemeral - New Paradigms for the Next Era of SecurityDistributed Immutable Ephemeral - New Paradigms for the Next Era of Security
Distributed Immutable Ephemeral - New Paradigms for the Next Era of Security
Sounil Yu
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
mohamed nasri
 
Next-Gen security operation center
Next-Gen security operation centerNext-Gen security operation center
Next-Gen security operation center
Muhammad Sahputra
 
Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)
Sqrrl
 
MITRE ATT&CKcon 2018: Hunters ATT&CKing with the Data, Roberto Rodriguez, Spe...
MITRE ATT&CKcon 2018: Hunters ATT&CKing with the Data, Roberto Rodriguez, Spe...MITRE ATT&CKcon 2018: Hunters ATT&CKing with the Data, Roberto Rodriguez, Spe...
MITRE ATT&CKcon 2018: Hunters ATT&CKing with the Data, Roberto Rodriguez, Spe...
MITRE - ATT&CKcon
 
Threat Hunting with Splunk Hands-on
Threat Hunting with Splunk Hands-onThreat Hunting with Splunk Hands-on
Threat Hunting with Splunk Hands-on
Splunk
 
Malware Analysis
Malware AnalysisMalware Analysis
Malware Analysis
Ramin Farajpour Cami
 
Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)
hardik soni
 
Tenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud SecurityTenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud Security
MarketingArrowECS_CZ
 
IBM Q-radar security intelligence roadmap
IBM Q-radar security intelligence roadmapIBM Q-radar security intelligence roadmap
IBM Q-radar security intelligence roadmap
DATA SECURITY SOLUTIONS
 
Cloud Security Architecture.pptx
Cloud Security Architecture.pptxCloud Security Architecture.pptx
Cloud Security Architecture.pptx
Moshe Ferber
 

What's hot (20)

Security Operation Center - Design & Build
Security Operation Center - Design & BuildSecurity Operation Center - Design & Build
Security Operation Center - Design & Build
 
Qradar - Reports.pdf
Qradar - Reports.pdfQradar - Reports.pdf
Qradar - Reports.pdf
 
Global Cyber Threat Intelligence
Global Cyber Threat IntelligenceGlobal Cyber Threat Intelligence
Global Cyber Threat Intelligence
 
Threat-Based Adversary Emulation with MITRE ATT&CK
Threat-Based Adversary Emulation with MITRE ATT&CKThreat-Based Adversary Emulation with MITRE ATT&CK
Threat-Based Adversary Emulation with MITRE ATT&CK
 
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfFor Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
 
[Round table] zeroing in on zero trust architecture
[Round table] zeroing in on zero trust architecture[Round table] zeroing in on zero trust architecture
[Round table] zeroing in on zero trust architecture
 
Active Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The FieldActive Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The Field
 
Threat hunting - Every day is hunting season
Threat hunting - Every day is hunting seasonThreat hunting - Every day is hunting season
Threat hunting - Every day is hunting season
 
Threat Hunting
Threat HuntingThreat Hunting
Threat Hunting
 
Distributed Immutable Ephemeral - New Paradigms for the Next Era of Security
Distributed Immutable Ephemeral - New Paradigms for the Next Era of SecurityDistributed Immutable Ephemeral - New Paradigms for the Next Era of Security
Distributed Immutable Ephemeral - New Paradigms for the Next Era of Security
 
Cyber Threat Intelligence
Cyber Threat IntelligenceCyber Threat Intelligence
Cyber Threat Intelligence
 
Next-Gen security operation center
Next-Gen security operation centerNext-Gen security operation center
Next-Gen security operation center
 
Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)Building a Next-Generation Security Operations Center (SOC)
Building a Next-Generation Security Operations Center (SOC)
 
MITRE ATT&CKcon 2018: Hunters ATT&CKing with the Data, Roberto Rodriguez, Spe...
MITRE ATT&CKcon 2018: Hunters ATT&CKing with the Data, Roberto Rodriguez, Spe...MITRE ATT&CKcon 2018: Hunters ATT&CKing with the Data, Roberto Rodriguez, Spe...
MITRE ATT&CKcon 2018: Hunters ATT&CKing with the Data, Roberto Rodriguez, Spe...
 
Threat Hunting with Splunk Hands-on
Threat Hunting with Splunk Hands-onThreat Hunting with Splunk Hands-on
Threat Hunting with Splunk Hands-on
 
Malware Analysis
Malware AnalysisMalware Analysis
Malware Analysis
 
Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM)
 
Tenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud SecurityTenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud Security
 
IBM Q-radar security intelligence roadmap
IBM Q-radar security intelligence roadmapIBM Q-radar security intelligence roadmap
IBM Q-radar security intelligence roadmap
 
Cloud Security Architecture.pptx
Cloud Security Architecture.pptxCloud Security Architecture.pptx
Cloud Security Architecture.pptx
 

Similar to Extend Your Market Reach with IBM Security QRadar for MSPs

Cloud Security: What you need to know about IBM SmartCloud Security
Cloud Security: What you need to know about IBM SmartCloud SecurityCloud Security: What you need to know about IBM SmartCloud Security
Cloud Security: What you need to know about IBM SmartCloud Security
IBM Security
 
QRadar_on_Cloud_client_presentation.PPTX
QRadar_on_Cloud_client_presentation.PPTXQRadar_on_Cloud_client_presentation.PPTX
QRadar_on_Cloud_client_presentation.PPTX
NatashaVerma29
 
IBM Softlayer ile bulutta 3. Boyut Bora Taşer IBM
IBM Softlayer ile bulutta 3. Boyut Bora Taşer IBMIBM Softlayer ile bulutta 3. Boyut Bora Taşer IBM
IBM Softlayer ile bulutta 3. Boyut Bora Taşer IBM
Webrazzi
 
Section 3 - Technical Sales Foundations for IBM QRadar for Cloud (QRoC)V1 P10...
Section 3 - Technical Sales Foundations for IBM QRadar for Cloud (QRoC)V1 P10...Section 3 - Technical Sales Foundations for IBM QRadar for Cloud (QRoC)V1 P10...
Section 3 - Technical Sales Foundations for IBM QRadar for Cloud (QRoC)V1 P10...
hasimatwork
 
Check Point and Accenture Webinar
Check Point and Accenture Webinar Check Point and Accenture Webinar
Check Point and Accenture Webinar
Check Point Software Technologies
 
Interoute Intelligent Monitoring
Interoute Intelligent MonitoringInteroute Intelligent Monitoring
Interoute Intelligent Monitoring
Onomi
 
IBM Softlayer Bluemix Marketplace
IBM Softlayer Bluemix MarketplaceIBM Softlayer Bluemix Marketplace
IBM Softlayer Bluemix Marketplace
Simon Baker
 
Security Building Blocks of the IBM Cloud Computing Reference Architecture
Security Building Blocks of the IBM Cloud Computing Reference ArchitectureSecurity Building Blocks of the IBM Cloud Computing Reference Architecture
Security Building Blocks of the IBM Cloud Computing Reference Architecture
Stefaan Van daele
 
Cloudy with SaaS-Shine 18march2015
Cloudy with SaaS-Shine 18march2015Cloudy with SaaS-Shine 18march2015
Cloudy with SaaS-Shine 18march2015
Simon Baker
 
Build anywhere; Secure everywhere - DEM01-R - AWS re:Inforce 2019
Build anywhere; Secure everywhere - DEM01-R - AWS re:Inforce 2019 Build anywhere; Secure everywhere - DEM01-R - AWS re:Inforce 2019
Build anywhere; Secure everywhere - DEM01-R - AWS re:Inforce 2019
Amazon Web Services
 
Webinar Fondazione CRUI e VMware: VMware vRealize Suite
Webinar Fondazione CRUI e VMware: VMware vRealize Suite Webinar Fondazione CRUI e VMware: VMware vRealize Suite
Webinar Fondazione CRUI e VMware: VMware vRealize Suite
Jürgen Ambrosi
 
Securing Your Cloud Applications
Securing Your Cloud ApplicationsSecuring Your Cloud Applications
Securing Your Cloud Applications
IBM Security
 
BT Cloud Enterprise Service Store - Rob Rowlingson
BT Cloud Enterprise Service Store - Rob RowlingsonBT Cloud Enterprise Service Store - Rob Rowlingson
BT Cloud Enterprise Service Store - Rob Rowlingson
Digital Catapult
 
Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021
Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021
Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021
VMware Tanzu
 
Deploying Cloud Use Cases
Deploying Cloud Use CasesDeploying Cloud Use Cases
Deploying Cloud Use Cases
Jason Singh
 
Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...
Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...
Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...
Ping Identity
 
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
Amazon Web Services
 
L105704 ibm-cloud-private-z-cairo-v1902a
L105704 ibm-cloud-private-z-cairo-v1902aL105704 ibm-cloud-private-z-cairo-v1902a
L105704 ibm-cloud-private-z-cairo-v1902a
Tony Pearson
 
Protecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data BreachProtecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data Breach
CA Technologies
 
PCI DSS Compliance in the Cloud
PCI DSS Compliance in the CloudPCI DSS Compliance in the Cloud
PCI DSS Compliance in the Cloud
ControlCase
 

Similar to Extend Your Market Reach with IBM Security QRadar for MSPs (20)

Cloud Security: What you need to know about IBM SmartCloud Security
Cloud Security: What you need to know about IBM SmartCloud SecurityCloud Security: What you need to know about IBM SmartCloud Security
Cloud Security: What you need to know about IBM SmartCloud Security
 
QRadar_on_Cloud_client_presentation.PPTX
QRadar_on_Cloud_client_presentation.PPTXQRadar_on_Cloud_client_presentation.PPTX
QRadar_on_Cloud_client_presentation.PPTX
 
IBM Softlayer ile bulutta 3. Boyut Bora Taşer IBM
IBM Softlayer ile bulutta 3. Boyut Bora Taşer IBMIBM Softlayer ile bulutta 3. Boyut Bora Taşer IBM
IBM Softlayer ile bulutta 3. Boyut Bora Taşer IBM
 
Section 3 - Technical Sales Foundations for IBM QRadar for Cloud (QRoC)V1 P10...
Section 3 - Technical Sales Foundations for IBM QRadar for Cloud (QRoC)V1 P10...Section 3 - Technical Sales Foundations for IBM QRadar for Cloud (QRoC)V1 P10...
Section 3 - Technical Sales Foundations for IBM QRadar for Cloud (QRoC)V1 P10...
 
Check Point and Accenture Webinar
Check Point and Accenture Webinar Check Point and Accenture Webinar
Check Point and Accenture Webinar
 
Interoute Intelligent Monitoring
Interoute Intelligent MonitoringInteroute Intelligent Monitoring
Interoute Intelligent Monitoring
 
IBM Softlayer Bluemix Marketplace
IBM Softlayer Bluemix MarketplaceIBM Softlayer Bluemix Marketplace
IBM Softlayer Bluemix Marketplace
 
Security Building Blocks of the IBM Cloud Computing Reference Architecture
Security Building Blocks of the IBM Cloud Computing Reference ArchitectureSecurity Building Blocks of the IBM Cloud Computing Reference Architecture
Security Building Blocks of the IBM Cloud Computing Reference Architecture
 
Cloudy with SaaS-Shine 18march2015
Cloudy with SaaS-Shine 18march2015Cloudy with SaaS-Shine 18march2015
Cloudy with SaaS-Shine 18march2015
 
Build anywhere; Secure everywhere - DEM01-R - AWS re:Inforce 2019
Build anywhere; Secure everywhere - DEM01-R - AWS re:Inforce 2019 Build anywhere; Secure everywhere - DEM01-R - AWS re:Inforce 2019
Build anywhere; Secure everywhere - DEM01-R - AWS re:Inforce 2019
 
Webinar Fondazione CRUI e VMware: VMware vRealize Suite
Webinar Fondazione CRUI e VMware: VMware vRealize Suite Webinar Fondazione CRUI e VMware: VMware vRealize Suite
Webinar Fondazione CRUI e VMware: VMware vRealize Suite
 
Securing Your Cloud Applications
Securing Your Cloud ApplicationsSecuring Your Cloud Applications
Securing Your Cloud Applications
 
BT Cloud Enterprise Service Store - Rob Rowlingson
BT Cloud Enterprise Service Store - Rob RowlingsonBT Cloud Enterprise Service Store - Rob Rowlingson
BT Cloud Enterprise Service Store - Rob Rowlingson
 
Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021
Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021
Achieving DevSecOps Outcomes with Tanzu Advanced- May 25, 2021
 
Deploying Cloud Use Cases
Deploying Cloud Use CasesDeploying Cloud Use Cases
Deploying Cloud Use Cases
 
Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...
Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...
Hybrid IAM: Fuelling Agility in the Cloud Transformation Journey | Gartner IA...
 
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
 
L105704 ibm-cloud-private-z-cairo-v1902a
L105704 ibm-cloud-private-z-cairo-v1902aL105704 ibm-cloud-private-z-cairo-v1902a
L105704 ibm-cloud-private-z-cairo-v1902a
 
Protecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data BreachProtecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data Breach
 
PCI DSS Compliance in the Cloud
PCI DSS Compliance in the CloudPCI DSS Compliance in the Cloud
PCI DSS Compliance in the Cloud
 

More from IBM Security

Automation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOpsAutomation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOps
IBM Security
 
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
IBM Security
 
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
IBM Security
 
Integrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM ResilientIntegrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM Resilient
IBM Security
 
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
IBM Security
 
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
IBM Security
 
Accelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon BlackAccelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon Black
IBM Security
 
How to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
How to Build a Faster, Laser-Sharp SOC with Intelligent OrchestrationHow to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
How to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
IBM Security
 
Are You Ready to Move Your IAM to the Cloud?
Are You Ready to Move Your IAM to the Cloud?Are You Ready to Move Your IAM to the Cloud?
Are You Ready to Move Your IAM to the Cloud?
IBM Security
 
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat IntelligenceOrchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
IBM Security
 
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
IBM Security
 
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
IBM Security
 
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
IBM Security
 
WannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do NowWannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do Now
IBM Security
 
How to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security OperationsHow to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security Operations
IBM Security
 
IBM QRadar UBA
IBM QRadar UBA IBM QRadar UBA
IBM QRadar UBA
IBM Security
 
Mobile Vision 2020
Mobile Vision 2020Mobile Vision 2020
Mobile Vision 2020
IBM Security
 
Retail Mobility, Productivity and Security
Retail Mobility, Productivity and SecurityRetail Mobility, Productivity and Security
Retail Mobility, Productivity and Security
IBM Security
 
Close the Loop on Incident Response
Close the Loop on Incident ResponseClose the Loop on Incident Response
Close the Loop on Incident Response
IBM Security
 
Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats
IBM Security
 

More from IBM Security (20)

Automation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOpsAutomation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOps
 
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
 
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
 
Integrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM ResilientIntegrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM Resilient
 
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
 
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
 
Accelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon BlackAccelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon Black
 
How to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
How to Build a Faster, Laser-Sharp SOC with Intelligent OrchestrationHow to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
How to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
 
Are You Ready to Move Your IAM to the Cloud?
Are You Ready to Move Your IAM to the Cloud?Are You Ready to Move Your IAM to the Cloud?
Are You Ready to Move Your IAM to the Cloud?
 
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat IntelligenceOrchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
 
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
 
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
 
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
 
WannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do NowWannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do Now
 
How to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security OperationsHow to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security Operations
 
IBM QRadar UBA
IBM QRadar UBA IBM QRadar UBA
IBM QRadar UBA
 
Mobile Vision 2020
Mobile Vision 2020Mobile Vision 2020
Mobile Vision 2020
 
Retail Mobility, Productivity and Security
Retail Mobility, Productivity and SecurityRetail Mobility, Productivity and Security
Retail Mobility, Productivity and Security
 
Close the Loop on Incident Response
Close the Loop on Incident ResponseClose the Loop on Incident Response
Close the Loop on Incident Response
 
Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats
 

Recently uploaded

Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Inflectra
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Product School
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Elena Simperl
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
Frank van Harmelen
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
Product School
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
Product School
 

Recently uploaded (20)

Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 

Extend Your Market Reach with IBM Security QRadar for MSPs

  • 1. © 2015 IBM Corporation IBM Security 1© 2015 IBM Corporation IBM SECURITY QRADAR FOR SERVICE PROVIDERS Extending Market Reach Through Multi- Tenancy & SaaS Vijay Dheap Global Product Manager QRadar
  • 2. © 2015 IBM Corporation IBM Security 2 Agenda  Motivations  QRadar Multi-Tenancy  QRadar Master Console  Security Intelligence on Cloud  Partnering with IBM
  • 3. 3 © 2014 IBM Corporation Motivations Making Security Intelligence Accessible
  • 4. © 2015 IBM Corporation IBM Security 4 It’s A Not So Friendly Cyber World…and Many are Ill-Equipped Risks abound and cost continues to grow Limitations in even grasping an organization’s security posture constraints the ability to adapt it…
  • 5. © 2015 IBM Corporation IBM Security 5 Organizations of All Sizes Plan on Raising their Basic Security IQ Growing Demand needs to be served by the the Best in Class solution – QRadar and Service Providers provide not just the reach but also the expertise to onboard and support these organizations on their security intelligence journey
  • 6. © 2015 IBM Corporation IBM Security 6 Service Provider Requirements to Serve this Market Demand  Offer range of security intelligence capabilities from basic to advanced to meet diverse spectrum of client needs • Log Management • SIEM • Risk and vulnerability management • Network, app, and service usage visibility  Adaptive deployment options depending on client size and scale • Dedicated environments for large institutions • Shared infrastructure for small/mid-size organizations  Deliver rapid time-to-value • Quick deployment • Built-in intelligence • Out-of-the-box integrations  Minimize operational infrastructure costs and improve staff productivity • Multi-tenancy • Cloud delivery options • Centralized dashboard
  • 7. © 2015 IBM Corporation IBM Security 7 Helping Service Providers Broaden Reach of Security Intelligence Service Providers can extend Tier 1 security intelligence capabilities to small & mid-size organizations leveraging multi-tenancy Customer A Customer B Customer C Customer D Master Console Service Providers can gain centralized visibility to multiple, diverse QRadar deployments – multi- tenant, or dedicated Customer E Service Providers can either deploy QRadar in the cloud or resell IBM Security Intelligence on Cloud Offering to minimize capital expenditures and offer an operating expense model for security intelligence for their customers NewNew NewNew NewNew
  • 8. 8 © 2014 IBM Corporation QRadar Multi-Tenancy
  • 9. © 2015 IBM Corporation IBM Security 9 MULTI-TENANT enables secure, rapid and cost effective delivery of security intelligence services Multi-Tenant QRadar for Managed Security Service Providers Scalable appliance architecture Shared modular infrastructure  New centralized views and incident management  Mixed single- and multi-tenanted deployment options  True horizontal, snap-on scalability capabilities  Extensive APIs for enterprise integration  System configuration template support  Cloud ready with support for 400+ out-of-the-box devices Significant new capabilities to help Service Providers bring security to customers IBM Security QRadar is: AUTOMATED drives simplicity and accelerates time-to- value for service providers SCALABLE scales from smallest to largest customers with centralized management of single- and multi- tenanted systems INTELLIGENT AUTOMATED INTEGRATED
  • 10. © 2015 IBM Corporation IBM Security 10 Introducing the Domain Concept Domains are building blocks for multi-tenant QRadar Allows for segregating overlapping IPs Enables categorizing sources of security data (ex. events, flows) into different sets Facilitates monitoring and analysis of one or more subsets to attain granular visibility Domains can be defined at three levels: Domain ADomain A Domain BDomain B Collector-level Collectors (events or flows) are used to distinguish among domains Source-level Domain ADomain A Source 1Source 1 Source 2Source 2 Domain BDomain B Source 3Source 3 Properties-level Log Source 4Log Source 4 Domain ADomain A Property iProperty i Domain BDomain B Property iiProperty ii Property iiiProperty iii Sources (log or flow) possibly aggregated by the same collector can be specified as belonging to different domains Specific events within a log source can be associated to various domains Increasing Priority
  • 11. © 2015 IBM Corporation IBM Security 11 Automatic Detection & The Default Domain When no dedicated event collectors are assigned, new log sources are automatically detected and assigned to the default domain allowing Service Provider admin or global admin to make the domain assignment (if desired) Prevents data leakage and enforces data separation across domains When dedicated event collectors are assigned to a unique domain, new log sources are automatically detected and assigned to that domain Domain ADomain A Domain BDomain B Collector-level Source-level Domain ADomain A Source 1Source 1 Source 2Source 2 Domain BDomain B Source 3Source 3 Properties-level Log Source 4Log Source 4 Domain ADomain A Property iProperty i Domain BDomain B Property iiProperty ii Property iiiProperty iii
  • 12. © 2015 IBM Corporation IBM Security 12 Domain Data Available in QRadar
  • 13. © 2015 IBM Corporation IBM Security 13 Domain Support in Rules  Custom rules engine is now domain-aware, automatically isolating correlations from different domains  New domain test allows for cross domain correlations if desired or necessary
  • 14. © 2015 IBM Corporation IBM Security 14 Domain Support in Offenses  Domain information carried all the way through offense
  • 15. © 2015 IBM Corporation IBM Security 15 Domain Support Within Asset Model  Each asset is assigned to a domain  Assets can have overlapping IP addresses
  • 16. © 2015 IBM Corporation IBM Security 16 Domain Support for Security Profiles  Security Profile can be restricted to one or more domains  Security Profile will restrict access to flows, events, assets, and offenses based on domain
  • 17. © 2015 IBM Corporation IBM Security 17 Controlled Access to Domains New User Security Profiles can be instantiated to control access to domain data: Enables defining user access rights to one or more domains Allows for delegation of responsibilities across domains Facilitates defining domain specific visibility Domain ADomain A Domain BDomain B Once domains are defined, the next step is to control user privileges to those domains Process in the QRadar Admin Console: 1.Define Security Profiles for the Domains 2.Associate users from those domains to the appropriate security profiles
  • 18. © 2015 IBM Corporation IBM Security 18 Vulnerability Management on a Domain Level QRadar Vulnerability Manager allows asset profiles to be denoted with domain categorizations for exported scan results Domain is defined per scanner for dynamic scanning Domain is a selectable criteria when filtering results Credentials controlled through the user’s security profile relating to the domain specified Saved searches for scan results will return assets that also match domain visibility of the user Note a key value proposition of QRadar Vulnerability Manager is that scanners can be enabled on the deployed QRadar infrastructure without incurring additional infrastructure overhead.
  • 19. © 2015 IBM Corporation IBM Security 19 Summarizing QRadar Multi-Tenancy Capabilities for Service Providers  Supports multiple customers within single QRadar instance  Guarantees separate correlation processing for each client’s security data  Restricts client visibility to only their security data – logs, flows, offenses etc.  Permits vulnerability scan data sharing across all clients associated within common domain  Facilitates simplified system administration of all client domains
  • 20. 20 © 2014 IBM Corporation QRadar Master Console
  • 21. © 2015 IBM Corporation IBM Security 21 Master Console: A Single View Across Multiple QRadar Deployments Centralized health view and system monitoring Additional planned capabilities: • Centralized offense view and management • Content Management o Log Source Management o Rules o Reports o Saved Searches o Dashboards • User Accounts • Federated Search • Seat Management Network A Network B Network C Network D Network E Multi-tenant QRadar deployment IBM Security Intelligence on Cloud
  • 22. © 2015 IBM Corporation IBM Security 22 Facilitating Access to Underlying QRadar Deployments Pass-through APIs Customer A Customer B Analyst Service Provider analyst can employ Master Console Pass- through APIs to programmatically invoke QRadar APIs and build custom applications Click-through Log-in Customer A Customer B Service Provider analyst can log-in to specific QRadar deployment (managed from the Master Console) to get additional details needed for an investigative process
  • 23. © 2015 IBM Corporation IBM Security 23 Deploying Master Console  Master Console software package included in QRadar ISO at no additional cost – updates provided via fix central  Installs on Service Provider’s own hardware, VM or cloud instance using 8500 activation key - recommended specifications equivalent to QRadar 3105 hardware appliance
  • 24. 24 © 2014 IBM Corporation IBM Security Intelligence on Cloud
  • 25. © 2015 IBM Corporation25 IBM Security Systems IBM Security Intelligence on Cloud Service Highlights • Security Intelligence as a Service • X-Force Exchange integration • Physically segregated client data • Real time & historical correlation of assets, events, and vulnerabilities • Advanced threat detection • Configurable SOC and management dashboards • Supports integrations of 450+ security & IT solutions • Seamless integration with IBM Global SOC for additional Security Services Secure robust channel Software Gateways Professionally deployed and managed solution enabling organizations and Service Providers to focus on monitoring security intelligence operations Professionally deployed and managed solution enabling organizations and Service Providers to focus on monitoring security intelligence operations Security Intelligence
  • 26. 26 © 2014 IBM Corporation Partnering with IBM
  • 27. © 2015 IBM Corporation IBM Security 27 Go-To-Market Options Application Specific Licensing (ASL) Appliances or software (including virtual appliances) Support either perpetual license or monthly payments • Zero upfront costs – pay only for EPS or Flows consumed by customers every month or quarterly • Earn discounts – as business pipeline scales earn discounted pricing or specify commitments to get discounted price up front Removes restriction on how EPS and Flows are allocated across two or more customers Current, standard processes remain in place to establish an ASL agreement Resell Appliances, software (including virtual appliances), or SaaS (IBM Security Intelligence on Cloud) Collaborate with IBM to design and develop your marketing material Realize built-in margin and complement with value added services Current, standard processes remain in place to establish a Reseller agreement
  • 28. © 2015 IBM Corporation IBM Security 28 IBM Value Proposition for Service Providers  Best-in-Class Security Intelligence solution with flexibility to meet your needs • Full spectrum of Security Intelligence capabilities • On-premise or Cloud delivery • Dedicated environment or multi-tenant • Horizontally scalable  Choice of Go-to-Market options to suit various business models • Minimize up-front costs • Maximize margins • Maintain customer relationships  Rapid Time-to-Value • Simplified deployment options • Out-of-the-box security content and integrations  Platform for adding high-value services in cost-effective and streamlined fashion • Tailored security building blocks • Single Pane of Glass for security monitoring and management
  • 29. © 2015 IBM Corporation IBM Security 29 Contact your Local IBM Representative Middle East & Africa Jean-Luc Labbe jean-luc.labbe@it.ibm.com North America Chad Kinter ckinter@us.ibm.com Europe Serge Richard serge.richard@fr.ibm.com Asia Pacific John SK Chai chaiskj@sg.ibm.com Worldwide Sales Bill Wallace bwallac@us.ibm.com
  • 30. © 2015 IBM Corporation IBM Security 30 www.ibm.com/security © Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY

Editor's Notes

  1. Large vs small customers
  2. Dedicated eC EP auto domain detection …any shared…goes to default
  3. Pass through apis – Click through – log in
  4. Mandatory Thank You Slide (available in English only). URL is hyperlinked to website.