© 2015 IBM Corporation
Mitigate attacks with IBM BigFix and QRadar
Rich Caponigro
IBM BigFix Security Product Manager
cappy@us.ibm.com
Don’t drown in a sea of cyber-threats
Please Note:
•  IBM’s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at IBM’s sole discretion.
•  Information regarding potential future products is intended to outline our general product direction and it should not be relied on in making a purchasing decision.
•  The information mentioned regarding potential future products is not a commitment, promise, or legal obligation to deliver any material, code or functionality. Information about potential future products may not be incorporated into any contract.
•  The development, release, and timing of any future features or functionality described for our products remains at our sole discretion.
Performance is based on measurements and projections using standard IBM benchmarks in a controlled
environment. The actual throughput or performance that any user will experience will vary depending
upon many factors, including considerations such as the amount of multiprogramming in the user’s job
stream, the I/O configuration, the storage configuration, and the workload processed. Therefore, no
assurance can be given that an individual user will achieve results similar to those stated here.
Agenda
•  Cyber security today
•  BigFix and QRadar SIEM tighten endpoint security
•  New! - BigFix plus QRadar close the risk management loop
•  Q & A
What Organizations face
Complexity, Architecture, Resources
•  Heavy, resource-intensive agent(s)
•  Multiple point tools & agents
•  Inability to maintain and prove compliance with complex and evolving regulations
•  Limited IT budget and staff
•  Shortage of qualified personnel
•  Unable to scale over widely dispersed locations
•  High costs and risks associated with sophisticated threats
•  Inability to remediate and report on compliance issues and vulnerabilities across the environment
Vulnerabilities Will Be Exploited!
Source: Verizon Data Breach Investigation Report 2015
Hackers are capitalizing on the first few weeks of CVE availability, knowing orgs can’t patch effectively
Needed – quick identification, prioritization, and remediation!
Almost half of new CVEs are exploited in the first 4 weeks
IBM is uniquely positioned to offer integrated threat protection
A dynamic, integrated system to disrupt the lifecycle of advanced attacks and prevent loss
Open Integrations Global Threat Intelligence
Ready for IBM Security
Intelligence Ecosystem
•  Share security context
across multiple products
•  100+ vendors, 400+ products
IBM Security Network Protection XGS
Prevent remote network exploits
and limit the use of risky web applications
Smarter Prevention Security Intelligence
IBM Emergency Response Services
Assess impact and plan strategically
and leverage experts to analyze data
and contain threats
Continuous Response
IBM X-Force
Threat Intelligence
Leverage threat intelligence
from multiple expert sources
IBM Trusteer Apex Endpoint
Malware Protection
Prevent malware installation
and disrupt malware communications
IBM Security QRadar Security
Intelligence
Discover and prioritize vulnerabilities
Correlate enterprise-wide threats and detect
suspicious behavior
IBM Security QRadar
Incident Forensics
Retrace full attack activity, search for breach
indicators and guide defense hardening
IBM Guardium Data Activity Monitoring
Prevent power user abuse and misuse
of sensitive data
IBM BigFix
Automate and enforce continuous
compliance of security and regulatory
policies
QRadar SIEM
Embedded intelligence enabling automated offense identification
Suspected Incidents
Servers and mainframes
Data activity
Network and virtual activity
Application activity
Configuration information
Security devices
Users and identities
Vulnerabilities and threats
Global threat intelligence
Automated
Offense
Identification
•  Unlimited data collection,
storage and analysis
•  Built in data classification
•  Automatic asset, service and
user discovery and profiling
•  Real-time correlation
and threat intelligence
•  Activity baselining
and anomaly detection
•  Detects incidents
out of the box
Embedded
Intelligence
Prioritized Incidents
IBM BigFix
Bridging the Gap between Security and IT Ops
ENDPOINT
SECURITY
Discovery
and Patching
Lifecycle
Management
Software Compliance
and Usage
Continuous
Monitoring
Threat
Protection
Incident
Response
ENDPOINT
MANAGEMENT
IBM BigFix®
FIND IT. FIX IT. SECURE IT.
…FAST
Shared visibility and control
between IT Operations
and Security
IT OPERATIONS SECURITY
Reduce operational costs while improving your security posture
Extensive Data Sources + Deep Intelligence = Exceptionally Accurate and Actionable Insight
•  Near real-time patch feed from BigFix to QRadar increases vulnerability database accuracy, improving offense and risk analytics to limit potential offenses
•  Establishes baseline for endpoint states and improves alerting on variations to detect threats
•  Represents AV/DLP alerts within consolidated enterprise security view, helping correlate advanced threat activities
•  Improves compliance reporting with deep endpoint state data
BigFix and QRadar tighten endpoint security
BigFix endpoint deep intelligence
•  Physical / Virtual
•  On/off network
•  Servers
•  Clients
•  POS, ATM, Kiosks
BigFix Fixlet status visualized in QRadar
Patches Critical Fix Configuration
Change
Record of who
made change
BigFix vulnerability data stored in QRadar asset database
Complementary capabilities by use case
QRadar target use case: BigFix complementary capabilities
Advanced threat detection:
•  Full visibility of endpoint activity and state marrying anti-virus, vulnerability information, and configuration data in real-time
•  Quickly obtain answers to unique queries to understand security incidents
•  Rapid incident response, such as disabling DLLs being exploited
Malicious activity identification:
•  Guards against full range of malware and scans POP3 email and Microsoft Outlook folders for threats
•  Cross-reference threats real-time with a large, cloud-based database
User activity monitoring:
•  Enforces security baselines, passcode policies, security configurations, anti-virus policies, patch management, and more
Compliance reporting and monitoring:
•  Provides company-wide reports instantly without polling systems to assess the organization’s security compliance posture
•  Continuous policy enforcement to help maintain compliance
Fraud detection and data loss prevention:
•  Automatically determines safety of dynamically-rated websites protecting endpoints against web-based malware, data theft, lost productivity and reputation damage
•  Block or allow data being copied to or sent to a variety of delivery channels
Coming soon – Closed-loop risk management
BigFix Compliance with QRadar Vulnerability Manager and Risk Manager deliver
real-time endpoint intelligence for closed-loop risk management
IBM QRadar
IBM BigFix
Real-time endpoint
intelligence
Network anomaly
detection
Provides current
endpoint status
Correlates events
and generates alerts
Prompts IT staff
to fix vulnerabilities
•  Improves asset database accuracy
•  Strengthens risk assessments
•  Enhances compliance reporting
•  Accelerates risk prioritization
of threats and vulnerabilities
•  Increases reach of vulnerability
assessment to off-network endpoints
Integrated,
closed-loop
risk
management
IBM BigFix Compliance
Using BigFix Compliance, clients get value from:
•  Continuous real-time enforcement of security policies, regardless of network connection status, significantly reduces overall security risk
•  Supports industry and regulatory compliance benchmarks for best practice protection
•  Discovery of unmanaged endpoints and automatic patch and remediation of non-compliant systems reduces risk and labor costs
•  Deploy, update, and health check 3rd-party Endpoint Protection solutions
•  Policy based quarantine of non-compliant systems
Lifecycle Inventory Patch Compliance Protection
BigFix Platform
More than 10,000 heterogeneous platform compliance checks
based on best practice regulatory benchmarks from CIS, PCI DSS, DISA STIG, USGCB
98% patch and update compliance rate on 4,000+ workstations
with 50% reduced labor costs
Infirmary Health System
Continuous security configuration compliance
Accurate, real-time visibility and continuous security configuration enforcement
Continuous compliance “set and forget”
•  No high-risk periods
•  Lower total cost
•  Continued improvement
•  Identify and report on any configuration drift
•  Library of 10,000+ compliance checks
(e.g., CIS, PCI, USGCB, DISA STIG)
Traditional compliance “out of synch”
•  High-risk and cost periods
•  Manual approach causes endpoints
to fall out of compliance again
[Figure: Traditional versus Continuous. Axes: Compliance over Time. Series: Continuous, Traditional. Labels: RISK, SCAP]
QRadar Risk and Vulnerability Management
Discovery
and
Verification
Intelligent
Context
Driven
Prioritization
Automatic
Delegation
and
Assignments
•  Uncovers the weaknesses
•  Daily vulnerability and patch updates
•  Proven, certified scanning
•  Endpoints, assets, device configuration
•  Passive and active discovery
•  What assets are important?
•  Where are the threats?
•  Who is talking to who?
•  What is blocked and patched already?
•  What is out of compliance?
•  Who needs to action
•  What needs to be done
•  Missing patches
•  Signatures
•  Configuration changes
Reporting
and
Alerting
•  What needs escalation
•  What is in and out of compliance
•  Dashboards and reports
•  APIs
Feedback
And
Compliance
Discovery and verification
Intelligent
Context driven
Prioritization
Delegate and assign
Updated
Posture
BigFix Compliance plus QRadar
Columns: Capability; BigFix Compliance; QRadar Vuln Mgr; QRadar Risk Mgr; BigFix + QRadar
•  Continuous policy monitoring: ✓ Endpoint; ✓ Network; ✓✓
•  Endpoint quarantine / remediation: ✓; ✓
•  Vulnerability discovery: ✓ Real-time Windows; ✓ Heterogeneous scan; ✓✓ Real-time updates
•  Asset discovery: ✓; ✓; ✓✓
•  Risk analysis / reporting: ✓ CVSS; ✓ Correlated threat; ✓✓ Real-time updates
•  Closed loop action delegation / assignment: ✓✓
Vulnerabilities Will Be Exploited!
Quick identification, prioritization,
and remediation!
BigFix plus QRadar address the highest security risks first!
High priority risks sent to BigFix for action
•  Deeper, timely endpoint data
•  Faster remediation of critical risks
STEP ONE
Provide Continuous Insight
across all endpoints.
INCLUDING off-network
laptops
STEP FOUR
Expedite remediation of
ranked vulnerabilities,
configuration drift and
irregular behavior
STEP TWO
Enforce Policy Compliance
of Security, Regulatory &
Operational Mandates.
STEP THREE
Prioritize vulnerabilities and
remediation activities by
risk
•  QRadar correlates assets &
vulnerabilities with real-time
security data
•  It then sends the prioritized
list to BigFix administrators
•  Machine Name, OS, IP Address, Malware
incidents etc.
•  Provides details on physical and virtual servers,
PCs, Macs, POS devices, ATMs, kiosks, etc.
•  All known CVEs exposed on an endpoint
•  Quarantine endpoints until
they can be remediated
•  Patch or reconfigure endpoints
IBM BigFix
•  BigFix sends vulnerability and patch data to
QRadar, automatically ensuring that QRadar's
asset database is updated with current data
Extending QRadar’s reach and simplifying incident response with BigFix
Legend
•  Avail Today
•  Coming Soon
BF Compliance endpoint view of QRadar prioritized vulnerabilities
Endpoint info QRadar Risk Score CVEs
Relevant fixlets
Subject to change
BigFix CVE Action Status
Subject to change
Action Status
Prioritized CVE view
Subject to change
Endpoints affected
CVE ID and risk score
BigFix / QRadar Integration Use Cases
1. BigFix fixlet and vulnerability status messages passed to QRadar
–  Customer value: Actions that occur and vulnerabilities that exist on endpoints can be passed to QRadar for
correlation with other security events. BigFix patch status is relayed to QRadar in a very timely fashion and is
stored in the asset database.
2. QRadar can generate a list of assets that do not have BigFix installed, showing
how many vulnerabilities could be remediated on each asset if BigFix were
installed
–  Customer value: Rapid identification of rogue or unmanaged assets and improved detection and reaction time.
Provides strong case for managing assets with BigFix.
3. QRadar (QVM) assigns high-risk vulnerabilities (i.e. those determined via QRM
policies) to BigFix for remediation or quarantine; also allows tracking should an
exploit occur
–  Customer value: Typical BigFix customers don’t have a way to figure out which patches should be assigned
high priority. With this integration, high-risk vulnerabilities could be easily assigned to operations personnel as
needed. BigFix administrators gain a way to know which patches should be considered for high priority “out of
band” patching, and can initiate remediation immediately. This reduces risk of initial exploit, exploit propagation,
and improves productivity.
Typical QRadar customers don’t have a way to isolate vulnerable or compromised devices to limit potential
exposures. With this integration, high-risk vulnerabilities could be easily isolated from the network allowing only
BigFix communications. QRadar administrators gain a way to immediately react to possible exposures and
have BigFix Administrators remediate the vulnerability. This reduces risk of initial exploit, exploit propagation,
and improves productivity.
Available Today
Coming Soon
*The information regarding potential future products is intended to outline our general product direction and it should not be relied on in making a purchasing decision. The information mentioned regarding potential future products is not a commitment, promise, or legal obligation to deliver any material, code or functionality. Information about potential future products may not be incorporated into any contract. The development, release, and timing of any future features or functionality described for our products remains at our sole discretion.
Subject to IBM NDA
Endpoint & Threat Focal Points
Sales Leaders:
•  Anthony Aurigemma, WW Director of E&M Sales aaurigem@us.ibm.com
•  Mark Phinick, WW Sales Leader mphinick@us.ibm.com
•  Josh Stegall, WW Channel Sales Leader jstegall@us.ibm.com
•  Jim Gottardi, NA Sales Leader Jim.Gottardi@us.ibm.com
•  Teng Sherng Lim (T.S.), AP Sales Leader limtsh@sg.ibm.com
•  John Seyerle, EU Sales Leader JSEY@ch.ibm.com
Technical Leaders & Product Management:
•  Jim Brennan, Dir, Product Mgt & Strategy jim.brennan@us.ibm.com
•  Murtuza Choilawala, Pgm Director, PM & Strategy murtuza@us.ibm.com
•  Rich Caponigro, BigFix Compliance PM cappy@us.ibm.com
•  Lee Wei, WW Technical Sales Leader leewei@us.ibm.com
•  Alex Donatelli, CTO for Endpoint Security alex.donatelli@it.ibm.com
–  George Mina, Product Marketing geemin11@us.ibm.com
–  Rohan Ramesh, Product Marketing rohanr@ca.ibm.com
–  Mark Taggart, WW Sales Empowerment mttaggar@us.ibm.com
Key Contacts
Website: www.bigfix.com
Twitter: @IBMBigFix
© Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any
kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor
shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use
of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and / or
capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product
or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or
both. Other company, product, or service names may be trademarks or service marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your
enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on
others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM
systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other
systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE
IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.
THANK YOU
www.ibm.com/security

More Related Content

What's hot

Gartner technologies for Infosec 2014-2015
Gartner technologies for Infosec 2014-2015Gartner technologies for Infosec 2014-2015
Gartner technologies for Infosec 2014-2015
Samuel Kamuli
 
IBM Security Immune System
IBM Security Immune SystemIBM Security Immune System
IBM Security Immune System
Juan Pablo Coelho
 
IBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence OverviewIBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence Overview
Camilo Fandiño Gómez
 
The New Assure Security: Complete IBM i Compliance and Security
The New Assure Security: Complete IBM i Compliance and SecurityThe New Assure Security: Complete IBM i Compliance and Security
The New Assure Security: Complete IBM i Compliance and Security
Precisely
 
IBM Security QFlow & Vflow
IBM Security QFlow & VflowIBM Security QFlow & Vflow
IBM Security QFlow & Vflow
Camilo Fandiño Gómez
 
IBM Qradar-Advisor
IBM Qradar-AdvisorIBM Qradar-Advisor
IBM Qradar-Advisor
Luigi Perrone
 
IBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence OverviewIBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence Overview
Camilo Fandiño Gómez
 
SIEM enabled risk management , SOC and GRC v1.0
SIEM enabled risk management , SOC and GRC v1.0SIEM enabled risk management , SOC and GRC v1.0
SIEM enabled risk management , SOC and GRC v1.0
Rasmi Swain
 
IBM Qradar
IBM QradarIBM Qradar
IBM Qradar
Coenraad Smith
 
Ivanti New Pricing Model
Ivanti New Pricing ModelIvanti New Pricing Model
Ivanti New Pricing Model
Ivanti
 
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
DSS   ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...DSS   ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
Andris Soroka
 
IBM Q-radar security intelligence roadmap
IBM Q-radar security intelligence roadmapIBM Q-radar security intelligence roadmap
IBM Q-radar security intelligence roadmap
DATA SECURITY SOLUTIONS
 
Is it an internal affair
Is it an internal affairIs it an internal affair
Is it an internal affair
George Delikouras
 
IBM-QRadar-Corporate-Online-Training.
IBM-QRadar-Corporate-Online-Training.IBM-QRadar-Corporate-Online-Training.
IBM-QRadar-Corporate-Online-Training.
Avishek Priyadarshi
 
Whitepaper IBM Qradar Security Intelligence
Whitepaper IBM Qradar Security IntelligenceWhitepaper IBM Qradar Security Intelligence
Whitepaper IBM Qradar Security Intelligence
Camilo Fandiño Gómez
 
A business driven approach to security policy management a technical perspec...
A business driven approach to security policy management  a technical perspec...A business driven approach to security policy management  a technical perspec...
A business driven approach to security policy management a technical perspec...
AlgoSec
 
Security Operation Center - Design & Build
Security Operation Center - Design & BuildSecurity Operation Center - Design & Build
Security Operation Center - Design & Build
Sameer Paradia
 
MOP Technical Presentation.Ppt
MOP Technical Presentation.PptMOP Technical Presentation.Ppt
MOP Technical Presentation.Ppt
tswong
 
MISTI Infosec 2010- SIEM Implementation
MISTI Infosec 2010- SIEM ImplementationMISTI Infosec 2010- SIEM Implementation
MISTI Infosec 2010- SIEM Implementation
Michael Nickle
 
Data Consult - Managed Security Services
Data Consult - Managed Security ServicesData Consult - Managed Security Services
Data Consult - Managed Security Services
Jad Bejjani
 

What's hot (20)

Gartner technologies for Infosec 2014-2015
Gartner technologies for Infosec 2014-2015Gartner technologies for Infosec 2014-2015
Gartner technologies for Infosec 2014-2015
 
IBM Security Immune System
IBM Security Immune SystemIBM Security Immune System
IBM Security Immune System
 
IBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence OverviewIBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence Overview
 
The New Assure Security: Complete IBM i Compliance and Security
The New Assure Security: Complete IBM i Compliance and SecurityThe New Assure Security: Complete IBM i Compliance and Security
The New Assure Security: Complete IBM i Compliance and Security
 
IBM Security QFlow & Vflow
IBM Security QFlow & VflowIBM Security QFlow & Vflow
IBM Security QFlow & Vflow
 
IBM Qradar-Advisor
IBM Qradar-AdvisorIBM Qradar-Advisor
IBM Qradar-Advisor
 
IBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence OverviewIBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence Overview
 
SIEM enabled risk management , SOC and GRC v1.0
SIEM enabled risk management , SOC and GRC v1.0SIEM enabled risk management , SOC and GRC v1.0
SIEM enabled risk management , SOC and GRC v1.0
 
IBM Qradar
IBM QradarIBM Qradar
IBM Qradar
 
Ivanti New Pricing Model
Ivanti New Pricing ModelIvanti New Pricing Model
Ivanti New Pricing Model
 
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
DSS   ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...DSS   ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
 
IBM Q-radar security intelligence roadmap
IBM Q-radar security intelligence roadmapIBM Q-radar security intelligence roadmap
IBM Q-radar security intelligence roadmap
 
Is it an internal affair
Is it an internal affairIs it an internal affair
Is it an internal affair
 
IBM-QRadar-Corporate-Online-Training.
IBM-QRadar-Corporate-Online-Training.IBM-QRadar-Corporate-Online-Training.
IBM-QRadar-Corporate-Online-Training.
 
Whitepaper IBM Qradar Security Intelligence
Whitepaper IBM Qradar Security IntelligenceWhitepaper IBM Qradar Security Intelligence
Whitepaper IBM Qradar Security Intelligence
 
A business driven approach to security policy management a technical perspec...
A business driven approach to security policy management  a technical perspec...A business driven approach to security policy management  a technical perspec...
A business driven approach to security policy management a technical perspec...
 
Security Operation Center - Design & Build
Security Operation Center - Design & BuildSecurity Operation Center - Design & Build
Security Operation Center - Design & Build
 
MOP Technical Presentation.Ppt
MOP Technical Presentation.PptMOP Technical Presentation.Ppt
MOP Technical Presentation.Ppt
 
MISTI Infosec 2010- SIEM Implementation
MISTI Infosec 2010- SIEM ImplementationMISTI Infosec 2010- SIEM Implementation
MISTI Infosec 2010- SIEM Implementation
 
Data Consult - Managed Security Services
Data Consult - Managed Security ServicesData Consult - Managed Security Services
Data Consult - Managed Security Services
 

Viewers also liked

What is different about the ibm mainframe
What is different about the ibm mainframeWhat is different about the ibm mainframe
What is different about the ibm mainframe
Jim Porell
 
Don't Risk Your Reputation or Your Mainframe: Best Practices for Demonstratin...
Don't Risk Your Reputation or Your Mainframe: Best Practices for Demonstratin...Don't Risk Your Reputation or Your Mainframe: Best Practices for Demonstratin...
Don't Risk Your Reputation or Your Mainframe: Best Practices for Demonstratin...
IBM Security
 
IBM BigFix: Closing the Endpoint Gap Between IT Ops and Security
IBM BigFix: Closing the Endpoint Gap Between IT Ops and SecurityIBM BigFix: Closing the Endpoint Gap Between IT Ops and Security
IBM BigFix: Closing the Endpoint Gap Between IT Ops and Security
IBM Security
 
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadarDon’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
IBM Security
 
The 2016 Ponemon Cost of a Data Breach Study
The 2016 Ponemon Cost of a Data Breach StudyThe 2016 Ponemon Cost of a Data Breach Study
The 2016 Ponemon Cost of a Data Breach Study
IBM Security
 
Detect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange PartnersDetect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange Partners
IBM Security
 
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
IBM Security
 
z/OS Communications Server Overview
z/OS Communications Server Overviewz/OS Communications Server Overview
z/OS Communications Server Overview
zOSCommserver
 
Top 12 Cybersecurity Predictions for 2017
Top 12 Cybersecurity Predictions for 2017Top 12 Cybersecurity Predictions for 2017
Top 12 Cybersecurity Predictions for 2017
IBM Security
 
New IBM Mainframe 2016 - Z13
New IBM Mainframe 2016 - Z13 New IBM Mainframe 2016 - Z13
New IBM Mainframe 2016 - Z13
Francisco González Jiménez
 
Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats
IBM Security
 
Close the Loop on Incident Response
Close the Loop on Incident ResponseClose the Loop on Incident Response
Close the Loop on Incident Response
IBM Security
 
Safeguard Healthcare Identities and Data with Identity Governance and Intelli...
Safeguard Healthcare Identities and Data with Identity Governance and Intelli...Safeguard Healthcare Identities and Data with Identity Governance and Intelli...
Safeguard Healthcare Identities and Data with Identity Governance and Intelli...
IBM Security
 

Viewers also liked (13)

What is different about the ibm mainframe
What is different about the ibm mainframeWhat is different about the ibm mainframe
What is different about the ibm mainframe
 
Don't Risk Your Reputation or Your Mainframe: Best Practices for Demonstratin...
Don't Risk Your Reputation or Your Mainframe: Best Practices for Demonstratin...Don't Risk Your Reputation or Your Mainframe: Best Practices for Demonstratin...
Don't Risk Your Reputation or Your Mainframe: Best Practices for Demonstratin...
 
IBM BigFix: Closing the Endpoint Gap Between IT Ops and Security
IBM BigFix: Closing the Endpoint Gap Between IT Ops and SecurityIBM BigFix: Closing the Endpoint Gap Between IT Ops and Security
IBM BigFix: Closing the Endpoint Gap Between IT Ops and Security
 
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadarDon’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
 
The 2016 Ponemon Cost of a Data Breach Study
The 2016 Ponemon Cost of a Data Breach StudyThe 2016 Ponemon Cost of a Data Breach Study
The 2016 Ponemon Cost of a Data Breach Study
 
Detect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange PartnersDetect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange Partners
 
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
 
z/OS Communications Server Overview
z/OS Communications Server Overviewz/OS Communications Server Overview
z/OS Communications Server Overview
 
Top 12 Cybersecurity Predictions for 2017
Top 12 Cybersecurity Predictions for 2017Top 12 Cybersecurity Predictions for 2017
Top 12 Cybersecurity Predictions for 2017
 
New IBM Mainframe 2016 - Z13
New IBM Mainframe 2016 - Z13 New IBM Mainframe 2016 - Z13
New IBM Mainframe 2016 - Z13
 
Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats
 
Close the Loop on Incident Response
Close the Loop on Incident ResponseClose the Loop on Incident Response
Close the Loop on Incident Response
 
Safeguard Healthcare Identities and Data with Identity Governance and Intelli...
Safeguard Healthcare Identities and Data with Identity Governance and Intelli...Safeguard Healthcare Identities and Data with Identity Governance and Intelli...
Safeguard Healthcare Identities and Data with Identity Governance and Intelli...
 

Mitigate attacks with IBM BigFix and Q-Radar

  • 1. © 2015 IBM Corporation. Mitigate attacks with IBM BigFix and QRadar. Rich Caponigro, IBM BigFix Security Product Manager, cappy@us.ibm.com. Don’t drown in a sea of cyber-threats.
  • 2. Please Note:
      - IBM’s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at IBM’s sole discretion.
      - Information regarding potential future products is intended to outline our general product direction and it should not be relied on in making a purchasing decision.
      - The information mentioned regarding potential future products is not a commitment, promise, or legal obligation to deliver any material, code or functionality. Information about potential future products may not be incorporated into any contract.
      - The development, release, and timing of any future features or functionality described for our products remains at our sole discretion.
      Performance is based on measurements and projections using standard IBM benchmarks in a controlled environment. The actual throughput or performance that any user will experience will vary depending upon many factors, including considerations such as the amount of multiprogramming in the user’s job stream, the I/O configuration, the storage configuration, and the workload processed. Therefore, no assurance can be given that an individual user will achieve results similar to those stated here.
  • 3. Agenda
      - Cyber security today
      - BigFix and QRadar SIEM tighten endpoint security
      - New! - BigFix plus QRadar close the risk management loop
      - Q & A
  • 4. What Organizations face (column headings: Complexity, Architecture, Resources)
      - Heavy, resource-intensive agent(s)
      - Multiple point tools & agents
      - Inability to maintain and prove compliance with complex and evolving regulations
      - Limited IT budget and staff
      - Shortage of qualified personnel
      - Unable to scale over widely dispersed locations
      - High costs and risks associated with sophisticated threats
      - Inability to remediate and report on compliance issues and vulnerabilities across the environment
  • 5. Vulnerabilities Will Be Exploited!
      - Almost half of new CVEs are exploited in the first 4 weeks
      - Hackers are capitalizing on the first few weeks of CVE availability, knowing orgs can’t patch effectively
      - Needed – quick identification, prioritization, and remediation!
      Source: Verizon Data Breach Investigation Report 2015
  • 6. IBM is uniquely positioned to offer integrated threat protection
      A dynamic, integrated system to disrupt the lifecycle of advanced attacks and prevent loss
      Diagram headings: Smarter Prevention; Security Intelligence; Continuous Response; Open Integrations; Global Threat Intelligence
      - Ready for IBM Security Intelligence Ecosystem: Share security context across multiple products; 100+ vendors, 400+ products
      - IBM Security Network Protection XGS: Prevent remote network exploits and limit the use of risky web applications
      - IBM Emergency Response Services: Assess impact and plan strategically and leverage experts to analyze data and contain threats
      - IBM X-Force Threat Intelligence: Leverage threat intelligence from multiple expert sources
      - IBM Trusteer Apex Endpoint Malware Protection: Prevent malware installation and disrupt malware communications
      - IBM Security QRadar Security Intelligence: Discover and prioritize vulnerabilities; correlate enterprise-wide threats and detect suspicious behavior
      - IBM Security QRadar Incident Forensics: Retrace full attack activity, search for breach indicators and guide defense hardening
      - IBM Guardium Data Activity Monitoring: Prevent power user abuse and misuse of sensitive data
      - IBM BigFix: Automate and enforce continuous compliance of security and regulatory policies
  • 7. QRadar SIEM: Embedded intelligence enabling automated offense identification
      Servers and mainframes; Data activity; Network and virtual activity; Application activity; Configuration information; Security devices; Users and identities; Vulnerabilities and threats; Global threat intelligence
      Automated Offense Identification:
      - Unlimited data collection, storage and analysis
      - Built in data classification
      - Automatic asset, service and user discovery and profiling
      - Real-time correlation and threat intelligence
      - Activity baselining and anomaly detection
      - Detects incidents out of the box
      Diagram labels: Suspected Incidents; Embedded Intelligence; Prioritized Incidents
  • 8. IBM BigFix: Bridging the Gap between Security and IT Ops
      IBM BigFix®: FIND IT. FIX IT. SECURE IT. …FAST
      Shared visibility and control between IT Operations and Security
      Diagram headings: ENDPOINT SECURITY; ENDPOINT MANAGEMENT; IT OPERATIONS; SECURITY
      - Discovery and Patching
      - Lifecycle Management
      - Software Compliance and Usage
      - Continuous Monitoring
      - Threat Protection
      - Incident Response
      Reduce operational costs while improving your security posture
  • 9. BigFix and QRadar tighten endpoint security
      Extensive Data Sources + Deep Intelligence = Exceptionally Accurate and Actionable Insight
      - Near real-time patch feed from BigFix to QRadar increases vulnerability database accuracy, improving offense and risk analytics to limit potential offenses
      - Establishes baseline for endpoint states and improves alerting on variations to detect threats
      - Represents AV/DLP alerts within consolidated enterprise security view, helping correlate advanced threat activities
      - Improves compliance reporting with deep endpoint state data
      BigFix endpoint deep intelligence:
      - Physical / Virtual
      - On/off network
      - Servers
      - Clients
      - POS, ATM, Kiosks
  • 10. BigFix Fixlet status visualized in QRadar (screenshot labels: Patches; Critical Fix; Configuration Change; Record of who made change)
  • 11. BigFix vulnerability data stored in QRadar asset database
  • 12. Complementary capabilities by use case
      QRadar target use case, followed by BigFix complementary capabilities:
      Advanced threat detection
      • Full visibility of endpoint activity and state, marrying anti-virus, vulnerability information, and configuration data in real-time
      • Quickly obtain answers to unique queries to understand security incidents
      • Rapid incident response, such as disabling DLLs being exploited
      Malicious activity identification
      • Guards against full range of malware and scans POP3 email and Microsoft Outlook folders for threats
      • Cross-reference threats real-time with a large, cloud-based database
      User activity monitoring
      • Enforces security baselines, passcode policies, security configurations, anti-virus policies, patch management, and more
      Compliance reporting and monitoring
      • Provides company-wide reports instantly without polling systems to assess the organization’s security compliance posture
      • Continuous policy enforcement to help maintain compliance
      Fraud detection and data loss prevention
      • Automatically determines safety of dynamically-rated websites, protecting endpoints against web-based malware, data theft, lost productivity and reputation damage
      • Block or allow data being copied to or sent to a variety of delivery channels
  • 13. Coming soon – Closed-loop risk management
      BigFix Compliance with QRadar Vulnerability Manager and Risk Manager deliver real-time endpoint intelligence for closed-loop risk management
      • Improves asset database accuracy
      • Strengthens risk assessments
      • Enhances compliance reporting
      • Accelerates risk prioritization of threats and vulnerabilities
      • Increases reach of vulnerability assessment to off-network endpoints
      Integrated, closed-loop risk management
      Diagram labels: IBM QRadar; IBM BigFix; Real-time endpoint intelligence; Network anomaly detection; Provides current endpoint status; Correlates events and generates alerts; Prompts IT staff to fix vulnerabilities
  • 14. IBM BigFix Compliance
      Using BigFix Compliance, clients get value from:
      • Continuous real-time enforcement of security policies, regardless of network connection status, significantly reduces overall security risk
      • Supports industry and regulatory compliance benchmarks for best practice protection
      • Discovery of unmanaged endpoints and automatic patch and remediation of non-compliant systems reduces risk and labor costs
      • Deploy, update, and health check 3rd-party Endpoint Protection solutions
      • Policy based quarantine of non-compliant systems
      More than 10,000 heterogeneous platform compliance checks based on best practice regulatory benchmarks from CIS, PCI DSS, DISA STIG, USGCB
      Diagram labels: Lifecycle; Inventory; Patch; Compliance; Protection; BigFix Platform
  • 15. Continuous security configuration compliance
      Accurate, real-time visibility and continuous security configuration enforcement
      Continuous compliance “set and forget”:
      • No high-risk periods
      • Lower total cost
      • Continued improvement
      • Identify and report on any configuration drift
      • Library of 10,000+ compliance checks (e.g., CIS, PCI, USGCB, DISA STIG)
      Traditional compliance “out of synch”:
      • High-risk and cost periods
      • Manual approach causes endpoints to fall out of compliance again
      Customer result (Infirmary Health System): 98% patch and update compliance rate on 4,000+ workstations with 50% reduced labor costs
      Chart: Traditional versus Continuous (axes: Time, Compliance; labels: Continuous, Traditional, RISK, SCAP)
  • 16. QRadar Risk and Vulnerability Management
      Discovery and Verification:
      • Uncovers the weaknesses
      • Daily vulnerability and patch updates
      • Proven, certified scanning
      • Endpoints, assets, device configuration
      • Passive and active discovery
      Intelligent Context Driven Prioritization:
      • What assets are important?
      • Where are the threats?
      • Who is talking to who?
      • What is blocked and patched already?
      • What is out of compliance?
      Automatic Delegation and Assignments:
      • Who needs to action
      • What needs to be done
      • Missing patches
      • Signatures
      • Configuration changes
      Reporting and Alerting:
      • What needs escalation
      • What is in and out of compliance
      • Dashboards and reports
      • APIs
      Cycle diagram labels: Feedback And Compliance; Discovery and verification; Intelligent Context driven Prioritization; Delegate and assign; Updated Posture
  • 17. BigFix Compliance plus QRadar
      Table columns: Capability; BigFix Compliance; QRadar Vuln Mgr; QRadar Risk Mgr; BigFix + QRadar
      • Continuous policy monitoring: ✓ Endpoint; ✓ Network; ✓✓
      • Endpoint quarantine / remediation: ✓; ✓
      • Vulnerability discovery: ✓ Real-time Windows; ✓ Heterogeneous scan; ✓✓ Real-time updates
      • Asset discovery: ✓; ✓; ✓✓
      • Risk analysis / reporting: ✓ CVSS; ✓ Correlated threat; ✓✓ Real-time updates
      • Closed loop action delegation / assignment: ✓✓
      Vulnerabilities Will Be Exploited! Quick identification, prioritization, and remediation!
      BigFix plus QRadar address the highest security risks first!
      High priority risks sent to BigFix for action:
      • Deeper, timely endpoint data
      • Faster remediation of critical risks
  • 18. Extending QRadar’s reach and simplifying incident response with BigFix
      STEP ONE: Provide Continuous Insight across all endpoints. INCLUDING off-network laptops
      STEP TWO: Enforce Policy Compliance of Security, Regulatory & Operational Mandates.
      STEP THREE: Prioritize vulnerabilities and remediation activities by risk
      STEP FOUR: Expedite remediation of ranked vulnerabilities, configuration drift and irregular behavior
      Details shown alongside the steps:
      • QRadar correlates assets & vulnerabilities with real-time security data
      • It then sends the prioritized list to BigFix administrators
      • Machine Name, OS, IP Address, Malware incidents etc.
      • Provides details on physical and virtual servers, PCs, Macs, POS devices, ATMs, kiosks, etc.
      • All known CVEs exposed on an endpoint
      • Quarantine endpoints until they can be remediated
      • Patch or reconfigure endpoints
      • BigFix sends vulnerability and patch data to QRadar, automatically ensuring that QRadar's asset database is updated with current data
      Legend: Avail Today; Coming Soon
      Diagram labels: IBM BigFix
  • 19. BF Compliance endpoint view of QRadar prioritized vulnerabilities (subject to change)
      Screenshot callouts: Endpoint info; QRadar Risk Score; CVEs; Relevant fixlets
  • 20. BigFix CVE Action Status (subject to change)
      Screenshot callout: Action Status
  • 21. Prioritized CVE view (subject to change)
      Screenshot callouts: Endpoints affected; CVE ID and risk score
  • 22. BigFix / QRadar Integration Use Cases
      1. BigFix fixlet and vulnerability status messages passed to QRadar
         – Customer value: Actions that occur and vulnerabilities that exist on endpoints can be passed to QRadar for correlation with other security events. BigFix patch status is relayed to QRadar in a very timely fashion and is stored in the asset database.
      2. QRadar can generate a list of assets that do not have BigFix installed, showing how many vulnerabilities could be remediated on each asset if BigFix were installed
         – Customer value: Rapid identification of rogue or unmanaged assets and improved detection and reaction time. Provides strong case for managing assets with BigFix.
      3. QRadar (QVM) assigns high-risk vulnerabilities (i.e. those determined via QRM policies) to BigFix for remediation or quarantine; also allows tracking should an exploit occur
         – Customer value: Typical BigFix customers don’t have a way to figure out which patches should be assigned high priority. With this integration, high-risk vulnerabilities could be easily assigned to operations personnel as needed. BigFix administrators gain a way to know which patches should be considered for high priority “out of band” patching, and can initiate remediation immediately. This reduces risk of initial exploit, exploit propagation, and improves productivity.
           Typical QRadar customers don’t have a way to isolate vulnerable or compromised devices to limit potential exposures. With this integration, high-risk vulnerabilities could be easily isolated from the network, allowing only BigFix communications. QRadar administrators gain a way to immediately react to possible exposures and have BigFix Administrators remediate the vulnerability. This reduces risk of initial exploit, exploit propagation, and improves productivity.
      Legend: Available Today; Coming Soon
      * The information regarding potential future products is intended to outline our general product direction and it should not be relied on in making a purchasing decision. The information mentioned regarding potential future products is not a commitment, promise, or legal obligation to deliver any material, code or functionality. Information about potential future products may not be incorporated into any contract. The development, release, and timing of any future features or functionality described for our products remains at our sole discretion.
      Subject to IBM NDA
  • 23. Endpoint & Threat Focal Points: Key Contacts
      Sales Leaders:
      • Anthony Aurigemma, WW Director of E&M Sales, aaurigem@us.ibm.com
      • Mark Phinick, WW Sales Leader, mphinick@us.ibm.com
      • Josh Stegall, WW Channel Sales Leader, jstegall@us.ibm.com
      • Jim Gottardi, NA Sales Leader, Jim.Gottardi@us.ibm.com
      • Teng Sherng Lim (T.S.), AP Sales Leader, limtsh@sg.ibm.com
      • John Seyerle, EU Sales Leader, JSEY@ch.ibm.com
      Technical Leaders & Product Management:
      • Jim Brennan, Dir, Product Mgt & Strategy, jim.brennan@us.ibm.com
      • Murtuza Choilawala, Pgm Director, PM & Strategy, murtuza@us.ibm.com
      • Rich Caponigro, BigFix Compliance PM, cappy@us.ibm.com
      • Lee Wei, WW Technical Sales Leader, leewei@us.ibm.com
      • Alex Donatelli, CTO for Endpoint Security, alex.donatelli@it.ibm.com
        – George Mina, Product Marketing, geemin11@us.ibm.com
        – Rohan Ramesh, Product Marketing, rohanr@ca.ibm.com
        – Mark Taggart, WW Sales Empowerment, mttaggar@us.ibm.com
  • 24. Website: www.bigfix.com; Twitter: @IBMBigFix
  • 25. © Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and / or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. 
IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY. THANK YOU www.ibm.com/security