Top 5 Things to Look for in an IPS Solution
Eric P. York
November 10, 2016
Sr. Product Offering Manager, Infrastructure Security
IBM Security
Traditional intrusion prevention systems (IPS) are missing key components to protect against today’s threats
Yesterday’s Attacks: Indiscriminate malware, spam and DDoS activity
Tactical Approach: Compliance-driven, reactionary
• Build multiple perimeters
• Protect all systems
• Use signature-based methods
• Periodically scan for known threats
• Shut down systems
Today’s Attacks: Advanced, persistent, organized, politically or financially motivated
Strategic Approach: Intelligent, orchestrated, automated
• Assume constant compromise
• Prioritize high-risk assets
• Use behavioral-based methods
• Continuously monitor activity
• Gather, preserve, retrace evidence
It takes power and precision to stop adversaries and unknown threats
Top 5 Things to Look for in an IPS Solution
Next-generation intrusion prevention systems have many advantages over traditional IPS
1. Threat Detection Method
2. Application & User Controls
3. Encrypted Traffic Inspection
4. Flexible Performance Options
5. Integration with Existing Security Investments
1. Threat Detection Method
Pattern Matching vs. Behavior Analysis
If it looks like a duck, swims like a duck, and quacks like a duck…
Pattern Matching
• Reactive
• Known threats
• Numerous signatures
Behavior Analysis
• Proactive
• Better against unknown threats
• Fewer signatures required
2. Application & User Controls
• Gain greater network visibility and control over application and user
• Control access to applications or limit actions taken within applications by user or user group
[Diagram: IPS, Firewall, Internet]
3. Encrypted Traffic Inspection
“… 70% of global Internet traffic will be encrypted in 2016, with many networks exceeding 80%.”
ENCRYPTED INTERNET TRAFFIC REPORT, Sandvine, 2016
4. Flexible Deployment Options
Balance acquisition costs with anticipated future needs
Network Traffic to be inspected
(bandwidth)
Network topology changes
5. Integration with Existing Security Investments
Better protection along the entire attack lifecycle
IPS, Security Analytics, Incident Response Platform
Prevent: Disrupt malware & exploits at the point of attack.
Detect: Send network data to security analytics to enrich threat intelligence and identify threats across the environment.
Respond: Orchestrate and automate incident response, enabling rapid network policy updates to prevent or mitigate impact of attack.
[Figure, built up across four slides: Complexity of the exploit-chain. Horizontal axis: Attack Progression; vertical axis: No. of Types.]
Phases: Pre-exploit, Exploit, Data exfiltration
Steps: Delivery of weaponized content; Exploitation of app vulnerability; Malware delivery; Malware persistency; Execution and malicious access to content; Establish communication channels; Data exfiltration
Categories plotted (control in parentheses): Destinations (C&C traffic detection); Unpatched and zero-day vulnerabilities (patching); Weaponized content (IPS, sandbox); Malicious files (antivirus, whitelisting); Malicious behavior activities (HIPs)
Quantity labels: Endless, Many
Other labels: Java execution; Ways to infect: deliver, persist; Ways to communicate out
Three points on the chart are marked “Strategic Chokepoint”; the final build adds the labels File inspection, Vulnerability assessment & reporting, and Credential protection.
Evolving beyond intrusion prevention to provide greater value
Evolution based on client needs
Timeline: 1997+, 2002+, 2005+, 2008+, 2012+, 2013+, 2014+, Future
• Threat Management.NEXT: New protection and integration capabilities to stay ahead of the threat
• Advanced Malware Defense: Blocks malware infections on the network
• SSL/TLS Inspection: Protects against attacks hidden inside encrypted traffic
• URL/App Control: Protects users from visiting risky sites on the web
• Web App Protection: Heuristically protects against common app-based attacks
• Behavioral Defense: Protects against attacks based on behavior, not specific vulnerabilities
• Intrusion Prevention: Protects against attacks on vulnerabilities, not exploits
• Intrusion Detection
IBM Security Network Protection (XGS)
Next-generation intrusion prevention protects against the latest attacks
PROTECTION: Disrupt known and unknown exploits and malware attacks
VISIBILITY: Gain insight into network traffic patterns to detect anomalies
CONTROL: Limit the use of risky applications to reduce your attack surface
Exploit-matching engines can be useless against even simple mutations
A simple change to a variable name allows the attack to succeed, while rendering the protection of signature-matching engines useless.
Original variable name → mutated variable name:
Shellcode → somecode
Block → brick
heapLib → badLib
A simple change to the HTML code in a compromised web page makes the attack invisible to signature protection.
Original Class Reference:
<html><head></head>
<body><applet archive="jmBXTMuv.jar"
code="msf.x.Exploit.class" width="1"
height="1"><param name="data"
value=""/><param name="jar">
Mutated Class Reference:
<html><head></head>
<body><applet archive="eXRZLr.jar"
code="msf.x.badguy.class" width="1"
height="1"><param name="data"
value=""/><param name="jar">
Simply adding a comment to a web page results in an attack successfully bypassing signature IPS.
Original Code: var t = unescape;
Mutated Code: var t = unescape <!-- Comment -->;
Source: Tolly Group
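Added example, not taken from the IBM deck or the Tolly report: a literal-signature check run next to a structure-based check over the three mutation pairs on this slide. The sample strings are constructed from the slide's fragments, and the rule names and heuristics are hypothetical illustrations, not the logic of any product.

```python
import re
from html.parser import HTMLParser

# Constructed samples, assembled from the fragments shown on the slide.
PAGE = ('<html><head></head><body><applet archive="{jar}" code="{cls}" '
        'width="1" height="1"><param name="data" value=""/><param name="jar">')
SAMPLES = {
    "applet/original": PAGE.format(jar="jmBXTMuv.jar", cls="msf.x.Exploit.class"),
    "applet/mutated": PAGE.format(jar="eXRZLr.jar", cls="msf.x.badguy.class"),
    "alias/original": 'var t = unescape;',
    "alias/mutated": 'var t = unescape <!-- Comment -->;',
    "names/original": ('var heapLib = {}; var Shellcode = t("%41"); '
                       'var Block = Shellcode + Shellcode;'),
    "names/mutated": ('var badLib = {}; var somecode = t("%41"); '
                      'var brick = somecode + somecode;'),
    "benign": ('<html><body><applet archive="clock.jar" code="Clock.class" '
               'width="200" height="100"></applet></body></html>'),
}

# Exact byte patterns, the kind of rule an exploit-matching engine keys on.
LITERAL_SIGNATURES = ['code="msf.x.Exploit.class"', 'var t = unescape;',
                      'var Shellcode']


def literal_match(sample):
    """True if any exact signature string occurs in the sample."""
    return any(sig in sample for sig in LITERAL_SIGNATURES)


COMMENT = re.compile(r'<!--.*?-->|/\*.*?\*/', re.S)
TOKEN = re.compile(r'"[^"]*"|[A-Za-z_$][\w$]*|\S')


def normalize_script(src):
    """Drop comments, tokenize, and rename declared variables to V0, V1, ...

    Whitespace, comments and identifier choice no longer affect the result.
    """
    tokens = TOKEN.findall(COMMENT.sub(' ', src))
    names = {}
    for prev, tok in zip(tokens, tokens[1:]):
        if prev == 'var' and tok not in names:
            names[tok] = 'V%d' % len(names)
    return ' '.join(names.get(tok, tok) for tok in tokens)


def _tiny(value):
    """True for a width/height of 0 or 1, i.e. an element the user cannot see."""
    return value is not None and value.isdigit() and int(value) <= 1


class AppletFinder(HTMLParser):
    """Counts <applet> tags that load a .jar and are rendered invisibly."""

    def __init__(self):
        super().__init__()
        self.hidden_applets = 0

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == 'applet' and (a.get('archive') or '').lower().endswith('.jar'):
            if _tiny(a.get('width')) and _tiny(a.get('height')):
                self.hidden_applets += 1


# Shape of the known script after normalization (hypothetical rule).
KNOWN_SHAPES = {normalize_script(SAMPLES["names/original"])}


def structural_match(sample):
    """Return the names of the structure-based rules that fire on the sample."""
    finder = AppletFinder()
    finder.feed(sample)
    finder.close()
    norm = normalize_script(sample)
    reasons = []
    if finder.hidden_applets:
        reasons.append('hidden-applet')
    if re.search(r'var V\d+ = unescape ;', norm):
        reasons.append('decoder-alias')
    if norm in KNOWN_SHAPES:
        reasons.append('known-script-shape')
    return reasons


def compare():
    """Map each sample name to (literal hit, structural rule names)."""
    return {name: (literal_match(s), structural_match(s))
            for name, s in SAMPLES.items()}


if __name__ == "__main__":
    for name, (literal, reasons) in compare().items():
        print(f"{name:16} literal={literal!s:5} structural={reasons}")
```

The structural rules here are deliberately coarse; a rule such as the decoder alias would need tuning against benign traffic before it could block anything.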
IBM goes beyond pattern matching with a broad spectrum of vulnerability and exploit coverage
• Exploit Signatures: Attack-specific pattern matching
• Web Injection Logic: Patented protection against web attacks, e.g., SQL injection and cross-site scripting
• Vulnerability Decodes: Focused algorithms for mutating threats
• Application Layer Heuristics: Proprietary algorithms to block malicious use
• Protocol Anomaly Detection: Protection against misuse, unknown vulnerabilities, and tunneling across 230+ protocols
• Shellcode Heuristics: Behavioral protection to block exploit payloads
• Content Analysis: File and document inspection and anomaly detection
Other IPS solutions stop at pattern matching
IBM XGS protects against a full spectrum of attack techniques…
Categories: Web App; System and Service; Traffic-based; User; Risky Applications
Techniques: Protocol Tunneling; RFC Non-Compliance; Unpatched / Unpatchable Vulnerabilities; Code Injection; Buffer Overflows; Cross-site Scripting; SQL Injection; Cross-site Request Forgery; Cross-path Injection; Spear Phishing; Drive-by Downloads; Malicious Attachments; Malware Links; Obfuscation Techniques; Protocol Anomalies; Traffic on Non-Standard Ports; DoS / DDoS; Information Leakage; Social Media; File Sharing; Remote Access; Audio / Video Transmission
… delivering visibility and control over your network traffic
• Identity and Application Awareness: Associates users and groups with their network activity, application usage and actions
• Deep Packet Inspection: Classifies network traffic, regardless of port or protocol
• SSL Visibility: Identifies encrypted threats, without a separate appliance
• 500+ protocols and file formats analyzed
• 2,000+ applications and actions identified
• 25+ billion URLs classified in 70 categories
[Diagram: Network Traffic and Flows. Labels: Inbound Traffic, Outbound Traffic, Application A, Application B, Employee A, Employee B, Employee C, Prohibited Application, Attack Traffic, Botnet Traffic, Good Application, Clean Traffic]
IBM X-Force® Research and Development
Expert analysis and data sharing on the global threat landscape
Vulnerability Protection; IP Reputation; Anti-Spam; Malware Analysis; Web Application Control; URL / Web Filtering; Zero-day Research
The IBM X-Force Mission
• Monitor and evaluate the rapidly changing threat landscape
• Research new attack techniques and develop protection for tomorrow’s security challenges
• Educate our customers and the general public
• Integrate and distribute Threat Protection and Intelligence to make IBM solutions smarter
The benefits of behavioral detection, Part 1
Stopping mutated threats
• Delivers superior protection from evolving threats with high levels of performance
• Stops 99% of tested, publicly available attacks
• Is nearly twice as effective as Snort at stopping “mutated” attacks
INLINE IPS SYSTEM EFFICACY (2012)
IBM IPS GX7800 versus Snort IPS
SOURCE: IBM SECURITY NETWORK INTRUSION PREVENTION SYSTEM GX7800 EVALUATION, TOLLY GROUP, 2012
The benefits of behavioral detection, Part 2
Stopping encrypted threats and evasion techniques
• Stopped 100% of tested, publicly disclosed attacks, both encrypted & unencrypted
• Stopped 100% of McAfee Evader test suite attacks
• Delivered 17 Gbps of multi-protocol throughput with SSL/TLS inspection enabled; 26 Gbps without SSL/TLS inspection enabled
INLINE IPS SYSTEM EFFICACY (2016)
IBM next-gen IPS XGS7100
SOURCE: IBM SECURITY NETWORK PROTECTION XGS7100 EVALUATION, TOLLY GROUP, 2016
Modular network interfaces help future-proof your investment
Eight different network interface modules (NIM) meet current and future connectivity needs
• 4-port Fixed fiber (LX) with built-in bypass
• 8-port RJ-45 copper with built-in bypass
• 4-port Fixed fiber (SX) with built-in bypass
• 2-port 10GbE (SR) with built-in bypass
• 2-port 10GbE (LR) with built-in bypass
• 4-port SFP (requires transceivers)
• 2-port 10GbE SFP+ (requires transceivers)
• 2-port 40GbE QSFP+ (requires transceivers), XGS 7100 only
XGS 7100 supports 4 NIMs; XGS 5100 supports 2 NIMs (+ 4 built-in RJ-45 ports); XGS 4100 supports 1 NIM (+ 4 built-in RJ-45 ports)
Flexible Performance Licensing (FPL)
Enables performance upgrades without changing hardware
[Chart: inspected throughput by FPL level, from FPL Level 1 (base) up to FPL Level 5, for XGS 3100, XGS 4100, XGS 5100, XGS 7100 and XGS Virtual. Inspected-throughput values shown: 400 Mb/s, 600 Mb/s, 750 Mb/s, 800 Mb/s, 1.0 Gb/s, 1.5 Gb/s, 2.5 Gb/s, 4.0 Gb/s, 5.0 Gb/s, 5.5 Gb/s, 7.0 Gb/s, 10.0 Gb/s, 15.0 Gb/s, 20.0 Gb/s, 25.0 Gb/s]
IBM XGS protects both your network and investment
Forrester determined XGS has the following three-year risk-adjusted financial impact:
• RETURN ON INVESTMENT: 340%
• NET PRESENT VALUE: $1,075,592
• PAYBACK PERIOD: 1.9 months
SOURCE: THE TOTAL ECONOMIC IMPACT OF IBM SECURITY NETWORK SECURITY (XGS), FORRESTER RESEARCH, 2016
IBM QRadar and XGS integration improves intelligence and security
Send data flows to QRadar and send quarantine commands to XGS directly from QRadar
Layer 7 Flow Data to QRadar
• Detect abnormal activity through network flow data generated through XGS
• Identify application misuse via user and application information
• Save money by reducing the need for a separate flow generation appliance
Offense-blocking from QRadar
• Make QRadar Intelligence actionable by leveraging XGS to block in-progress attacks
• Reduce response time by initiating blocking within the QRadar console to stop threats quickly
IBM positioned in the “Leaders” Quadrant in the 2015 Gartner Magic Quadrant for Intrusion Prevention Systems
[Figure: Magic Quadrant for Intrusion Prevention Systems]
“The capabilities of leading IPS products have adapted to
changing threats, and next-generation IPSs (NGIPSs) have
evolved incrementally in response to advanced targeted
threats that can evade first-generation IPSs.”
Craig Lawson, Adam Hils, and Claudio Neiva
Gartner, November 16, 2015
This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report.
The link to the Gartner report is available upon request from IBM.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation.
Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties,
expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Top 5 Things to Look for in an IPS Solution
IBM XGS:
1. Threat Detection Method: Behavior analysis
2. Application & User Controls: Granular controls
3. Encrypted Traffic Inspection: Fast on-board inspection
4. Flexible Performance Options: FPL and NIMs
5. Integration with Security Investments: IBM QRadar & more
Q & A
ibm.com/security
securityintelligence.com
xforce.ibmcloud.com
@ibmsecurity
youtube/user/ibmsecuritysolutions
© Copyright IBM Corporation 2016. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind,
express or implied. Any statement of direction represents IBM's current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products
and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service
marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your
enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others.
No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems,
products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products
or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.
FOLLOW US ON:
THANK YOU

Automation: Embracing the Future of SecOpsAutomation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOpsIBM Security
 
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...IBM Security
 
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...IBM Security
 
Integrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM ResilientIntegrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM ResilientIBM Security
 
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...IBM Security
 
How to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
How to Build a Faster, Laser-Sharp SOC with Intelligent OrchestrationHow to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
How to Build a Faster, Laser-Sharp SOC with Intelligent OrchestrationIBM Security
 
Mobile Vision 2020
Mobile Vision 2020Mobile Vision 2020
Mobile Vision 2020IBM Security
 
Retail Mobility, Productivity and Security
Retail Mobility, Productivity and SecurityRetail Mobility, Productivity and Security
Retail Mobility, Productivity and SecurityIBM Security
 
Close the Loop on Incident Response
Close the Loop on Incident ResponseClose the Loop on Incident Response
Close the Loop on Incident ResponseIBM Security
 
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...IBM Security
 
Compliance is a pit stop – your destination lies ahead
Compliance is a pit stop – your destination lies aheadCompliance is a pit stop – your destination lies ahead
Compliance is a pit stop – your destination lies aheadIBM Security
 

More from IBM Security (11)

Automation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOpsAutomation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOps
 
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
 
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
 
Integrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM ResilientIntegrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM Resilient
 
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
 
How to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
How to Build a Faster, Laser-Sharp SOC with Intelligent OrchestrationHow to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
How to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
 
Mobile Vision 2020
Mobile Vision 2020Mobile Vision 2020
Mobile Vision 2020
 
Retail Mobility, Productivity and Security
Retail Mobility, Productivity and SecurityRetail Mobility, Productivity and Security
Retail Mobility, Productivity and Security
 
Close the Loop on Incident Response
Close the Loop on Incident ResponseClose the Loop on Incident Response
Close the Loop on Incident Response
 
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
 
Compliance is a pit stop – your destination lies ahead
Compliance is a pit stop – your destination lies aheadCompliance is a pit stop – your destination lies ahead
Compliance is a pit stop – your destination lies ahead
 

Recently uploaded

"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 

Recently uploaded (20)

"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 

Top 5 Things to Look for in an IPS Solution

  • 1. Top 5 Things to Look for in an IPS Solution Eric P. York November 10, 2016 Sr. Product Offering Manager, Infrastructure Security IBM Security
  • 2. 2 IBM Security Traditional intrusion prevention systems (IPS) are missing key components to protect against today’s threats • Build multiple perimeters • Protect all systems • Use signature-based methods • Periodically scan for known threats • Shut down systems Tactical Approach Compliance-driven, reactionary Today’s Attacks • Assume constant compromise • Prioritize high-risk assets • Use behavioral-based methods • Continuously monitor activity • Gather, preserve, retrace evidence Strategic Approach Intelligent, orchestrated, automated Indiscriminate malware, spam and DDoS activity Advanced, persistent, organized, politically or financially motivated It takes power and precision to stop adversaries and unknown threats Yesterday’s Attacks
  • 3. 3 IBM Security Top 5 Things to Look for in an IPS Solution Next-generation intrusion prevention systems have many advantages over traditional IPS 1. Threat Detection Method 2. Application & User Controls 3. Encrypted Traffic Inspection 4. Flexible Performance Options 5. Integration with Existing Security Investments
  • 4. 4 IBM Security 1. Threat Detection Method Pattern Matching Behavior Analysis vs. If it looks like a duck, swims like a duck, and quacks like a duck… • Reactive • Known threats • Numerous signatures • Proactive • Better against unknown threats • Fewer signatures required
  • 5. 5 IBM Security 2. Application & User Controls • Gain greater network visibility and control over application and user • Control access to applications or limit actions taken within applications by user or user group IPS Firewall Internet
  • 6. 6 IBM Security Sandvine, 2016 … 70% of global Internet traffic will be encrypted in 2016, with many networks exceeding 80%. ENCRYPTED INTERNET TRAFFIC REPORT 3. Encrypted Traffic Inspection
  • 7. 7 IBM Security 4. Flexible Deployment Options Balance acquisition costs with anticipated future needs Network Traffic to be inspected (bandwidth) Network topology changes
  • 8. 8 IBM Security 5. Integration with Existing Security Investments Better protection along the entire attack lifecycle IPS Security Analytics Incident Response Platform Prevent Disrupt malware & exploits at the point of attack. Detect Send network data to security analytics to enrich threat intelligence and identify threats across the environment. Respond Orchestrate and automate incident response, enabling rapid network policy updates to prevent or mitigate impact of attack.
  • 9. 9 IBM Security Complexity of the exploit-chain. Phases: Pre-exploit, Exploit, Data exfiltration. Steps: Delivery of weaponized content; Exploitation of app vulnerability; Malware delivery; Malware persistency; Execution and malicious access to content; Establish communication channels; Data exfiltration.
  • 10. 10 IBM Security Complexity of the exploit-chain. Axes: No. of Types, Attack Progression. Phases: Pre-exploit, Exploit, Data exfiltration. Steps: Delivery of weaponized content; Exploitation of app vulnerability; Malware delivery; Malware persistency; Execution and malicious access to content; Establish communication channels; Data exfiltration. Destinations (C&C traffic detection) Endless Unpatched and zero-day vulnerabilities (patching) Many Weaponized content (IPS, sandbox) Endless Malicious files (antivirus, whitelisting) Endless Many Malicious behavior activities (HIPs) Java execution Ways to infect: deliver → persist Ways to communicate out
  • 11. 11 IBM Security Complexity of the exploit-chain. Axes: No. of Types, Attack Progression. Phases: Pre-exploit, Exploit, Data exfiltration. Steps: Delivery of weaponized content; Exploitation of app vulnerability; Malware delivery; Malware persistency; Execution and malicious access to content; Establish communication channels; Data exfiltration. Strategic Chokepoint Strategic Chokepoint Strategic Chokepoint Destinations (C&C traffic detection) Endless Unpatched and zero-day vulnerabilities (patching) Many Weaponized content (IPS, sandbox) Endless Malicious files (antivirus, whitelisting) Endless Many Malicious behavior activities (HIPs) Java execution Ways to infect: deliver → persist Ways to communicate out
  • 12. 12 IBM Security Complexity of the exploit-chain. Axes: No. of Types, Attack Progression. Phases: Pre-exploit, Exploit, Data exfiltration. Steps: Delivery of weaponized content; Exploitation of app vulnerability; Malware delivery; Malware persistency; Execution and malicious access to content; Establish communication channels; Data exfiltration. Strategic Chokepoint Strategic Chokepoint Strategic Chokepoint File inspection Vulnerability assessment & reporting Credential protection Destinations (C&C traffic detection) Endless Unpatched and zero-day vulnerabilities (patching) Many Weaponized content (IPS, sandbox) Endless Malicious files (antivirus, whitelisting) Endless Many Malicious behavior activities (HIPs) Java execution Ways to infect: deliver → persist Ways to communicate out
  • 13. 13 IBM Security Evolving beyond intrusion prevention to provide greater value 1997+ 2002+ 2005+ 2008+ 2012+ 2013+ 2014+ Future Threat Management.NEXT New protection and integration capabilities to stay ahead of the threat Advanced Malware Defense Blocks malware infections on the network SSL/TLS Inspection Protects against attacks hidden inside encrypted traffic URL/App Control Protects users from visiting risky sites on the web Web App Protection Heuristically protects against common app-based attacks Behavioral Defense Protects against attacks based on behavior, not specific vulnerabilities Intrusion Prevention Protects against attacks on vulnerabilities, not exploits Intrusion Detection Evolution based on client needs
  • 14. 14 IBM Security IBM Security Network Protection (XGS) Next-generation intrusion prevention protects against the latest attacks IBM Security Network Protection PROTECTION Disrupt known and unknown exploits and malware attacks VISIBILITY Gain insight into network traffic patterns to detect anomalies CONTROL Limit the use of risky applications to reduce your attack surface
  • 15. 15 IBM Security Exploit-matching engines can be useless against even simple mutations. A simple change to a variable name allows the attack to succeed, while rendering the protection of a signature-matching engine useless. Original variable names: Shellcode, Block, heapLib. Mutated variable names: somecode, brick, badLib. A simple change to the HTML code in a compromised web page makes the attack invisible to signature protection. Original class reference: <html><head></head> <body><applet archive="jmBXTMuv.jar" code="msf.x.Exploit.class" width="1" height="1"><param name="data" value=""/><param name="jar"> Mutated class reference: <html><head></head> <body><applet archive="eXRZLr.jar" code="msf.x.badguy.class" width="1" height="1"><param name="data" value=""/><param name="jar"> Simply adding a comment to a web page results in an attack successfully bypassing signature IPS. Original code: var t = unescape; Mutated code: var t = unescape <!-- Comment -->; Source: Tolly Group
  • 16. 16 IBM Security IBM goes beyond pattern matching with a broad spectrum of vulnerability and exploit coverage Exploit Signatures Attack-specific pattern matching Web Injection Logic Patented protection against web attacks, e.g., SQL injection and cross-site scripting Vulnerability Decodes Focused algorithms for mutating threats Application Layer Heuristics Proprietary algorithms to block malicious use Protocol Anomaly Detection Protection against misuse, unknown vulnerabilities, and tunneling across 230+ protocols Shellcode Heuristics Behavioral protection to block exploit payloads Content Analysis File and document inspection and anomaly detection Other IPS solutions stop at pattern matching
  • 17. 17 IBM Security IBM Security Network Protection IBM XGS protects against a full spectrum of attack techniques… Web App System and Service Traffic-based User Risky Applications Protocol Tunneling RFC Non- Compliance Unpatched / Unpatchable Vulnerabilities Code Injection Buffer Overflows Cross-site Scripting SQL Injection Cross-site Request Forgery Cross-path Injection Spear Phishing Drive-by Downloads Malicious Attachments Malware Links Obfuscation Techniques Protocol Anomalies Traffic on Non- Standard Ports DoS / DDoS Information Leakage Social Media File Sharing Remote Access Audio / Video Transmission
  • 18. 18 IBM Security Network Traffic and Flows … delivering visibility and control over your network traffic Identity and Application Awareness Associates users and groups with their network activity, application usage and actions Deep Packet Inspection Classifies network traffic, regardless of port or protocol SSL Visibility Identifies encrypted threats, without a separate appliance 500+ Protocols and file formats analyzed 2,000+ Applications and actions identified 25+ Billion URLs classified in 70 categories Inbound Traffic Outbound Traffic Application A Application B Employee A Employee B Employee C Prohibited Application Attack Traffic Botnet Traffic Good Application Clean Traffic
  • 19. 19 IBM Security IBM X-Force® Research and Development Expert analysis and data sharing on the global threat landscape Vulnerability Protection IP Reputation Anti-Spam Malware Analysis Web Application Control URL / Web Filtering Zero-day Research The IBM X-Force Mission • Monitor and evaluate the rapidly changing threat landscape • Research new attack techniques and develop protection for tomorrow’s security challenges • Educate our customers and the general public • Integrate and distribute Threat Protection and Intelligence to make IBM solutions smarter
  • 20. 20 IBM Security The benefits of behavioral detection, Part 1 Stopping mutated threats • Delivers superior protection from evolving threats with high levels of performance • Stops 99% of tested, publicly available attacks • Is nearly twice as effective as Snort at stopping “mutated” attacks INLINE IPS SYSTEM EFFICACY (2012) IBM IPS GX7800 versus Snort IPS SOURCE: IBM SECURITY NETWORK INTRUSION PREVENTION SYSTEM GX7800 EVALUATION, TOLLY GROUP, 2012
  • 21. 21 IBM Security The benefits of behavioral detection, Part 2 Stopping encrypted threats and evasion techniques • Stopped 100% of tested, publicly disclosed attacks, both encrypted & unencrypted • Stopped 100% of McAfee Evader test suite attacks • Delivered 17 Gbps of Multi-protocol throughput with SSL/TLS inspection enabled; 26 Gbps without SSL/TLS inspection enabled INLINE IPS SYSTEM EFFICACY (2016) IBM next-gen IPS XGS7100 SOURCE: IBM SECURITY NETWORK PROTECTION XGS7100 EVALUATION, TOLLY GROUP, 2016
  • 22. 22 IBM Security Modular network interfaces help future-proof your investment Eight different network interface modules (NIM) meet current and future connectivity needs 4-port Fixed fiber (LX) with built-in bypass 8-port RJ-45 copper with built-in bypass 4-port Fixed fiber (SX) with built-in bypass 2-port 10GbE (SR) with built-in bypass 2-port 10GbE (LR) with built-in bypass 4-port SFP (requires transceivers) 2-port 10GbE SFP+ (requires transceivers) XGS 7100 supports 4 NIMs; XGS 5100 supports 2 NIMs (+ 4 built-in RJ-45 ports); XGS 4100 supports 1 NIM (+ 4 built-in RJ-45 ports) 2-port 40GbE QSFP+ (requires transceivers) XGS 7100 only
  • 23. 23 IBM Security Flexible Performance Licensing (FPL) Enables performance upgrades without changing hardware FPL Level 2 FPL Level 2 800 Mb/s Inspected Throughput FPL Level 1 (base) 400 Mb/s Inspected Throughput 750 Mb/s Inspected Throughput 1.5 Gb/s Inspected Throughput XGS 3100 XGS 4100 XGS 5100 FPL Level 1 (base) FPL Level 1 (base) FPL Level 2 FPL Level 3 FPL Level 4 5.0 Gb/s Inspected Throughput 10.0 Gb/s Inspected Throughput 15.0 Gb/s Inspected Throughput XGS 7100 FPL Level 1 (base) FPL Level 2 20.0 Gb/s Inspected Throughput FPL Level 3 25.0 Gb/s Inspected Throughput FPL Level 5 FPL Level 2 1.0 Gb/s Inspected Throughput 600 Mb/s Inspected Throughput XGS Virtual FPL Level 4 FPL Level 1 (base) 2.5 Gb/s Inspected Throughput 4.0 Gb/s Inspected Throughput 7.0 Gb/s Inspected Throughput 5.5 Gb/s Inspected Throughput
  • 24. 24 IBM Security IBM XGS protects both your network and investment Forrester determined XGS has the following three-year risk-adjusted financial impact: RETURN ON INVESTMENT 340% NET PRESENT VALUE $1,075,592 PAYBACK PERIOD 1.9 months SOURCE: THE TOTAL ECONOMIC IMPACT OF IBM SECURITY NETWORK SECURITY (XGS), FORRESTER RESEARCH, 2016 IBM Security Network Protection
  • 25. 25 IBM Security IBM QRadar and XGS integration improves intelligence and security Send data flows to QRadar and send quarantine commands to XGS directly from QRadar Layer 7 Flow Data to QRadar Offense-blocking from QRadar • Detect abnormal activity through network flow data generated through XGS • Identify application misuse via user and application information • Save money by reducing the need for a separate flow generation appliance • Make QRadar Intelligence actionable by leveraging XGS to block in-progress attacks • Reduce response time by initiating blocking within the QRadar console to stop threats quickly
  • 26. 26 IBM Security IBM positioned in the “Leaders” Quadrant in the 2015 Gartner Magic Quadrant for Intrusion Prevention Systems Magic Quadrant for Intrusion Prevention Systems “The capabilities of leading IPS products have adapted to changing threats, and next-generation IPSs (NGIPSs) have evolved incrementally in response to advanced targeted threats that can evade first-generation IPSs.” Craig Lawson, Adam Hils, and Claudio Neiva Gartner, November 16, 2015 This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The link to the Gartner report is available upon request from IBM. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
  • 27. 27 IBM Security Top 5 Things to Look for in an IPS Solution 1. Threat Detection Method Behavior analysis 2. Application & User Controls Granular controls 3. Encrypted Traffic Inspection Fast on-board inspection 4. Flexible Performance Options FPL and NIMs 5. Integration with Security Investments IBM QRadar & more IBM XGS ✓ ✓ ✓ ✓ ✓
  • 28. Q & A
  • 29. ibm.com/security securityintelligence.com xforce.ibmcloud.com @ibmsecurity youtube/user/ibmsecuritysolutions © Copyright IBM Corporation 2016. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. Any statement of direction represents IBM's current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party. FOLLOW US ON: THANK YOU