UPDATED 17:59 EST / JULY 25 2013


Big Blue Unleashes Big Data Security Intelligence

IBM has announced a new solution today designed to help organizations identify security vulnerabilities across a network in real-time, giving security officers up-to-date visibility to sort and prioritize which vulnerabilities to immediately fix that pose the greatest risk to data.  The solution is a predictive  security information and event management (SIEM) product called QRadar Vulnerability Manager.  This product is the latest in a wave of products that are forward looking in identifying advanced threats through Big Data analytics before these events even happen.  The platform sifts through massive amounts of collected data, and uses analytics to reduce a previously untenable amount of data down to a manageable base of incidents that can be identified and remediated.  This platform reaches into any number of sources of unstructured data, from sources like network data, social network information, email, machine data, business, and so on.  The powerful ability to correlate from these sources without such a system would involve massive efforts and time consumption.  QRadar Vulnerability Manager, can not only scan the corporate network, but it can also incorporate collected data from third-party scanners.  So if you have systems like Nessus, Qualys, nCircle, Rapid7, McAfee – you can plug these right in.  QRadar does these operations rapidly and throughout the enterprise, giving the company vast capabilities to analyze these threats and understand what they look like before they are threats.

“Security Intelligence is about putting all the available data into context, and making it useful for each client’s unique security needs,” said Brendan Hannigan, General Manager, IBM, Security Systems Division. “We have relentlessly expanded QRadar’s capabilities, and tight integration of vulnerability management is the next natural extension.”

QRadar leverages the analytic power in IBM’s InfoSphere with the efforts put together by the IBM X-Force team, who have cataloged more than 70,000 known vulnerabilities. The QRadar single risk-based view allows for the quick identification and prioritization of threats, vulnerabilities, and other issues as well. QRadar also features an embedded PCI-certified scanner that can be automatically scheduled or brought into action when network events occur. Also very neat – Sometimes there are vulnerabilities out there that don’t have a way of patching them, either something doesn’t exist or whatever remediation you’ve taken just hasn’t worked. The QRadar Security Intelligence Platform introduces the IBM Security Network Protection XGS 5100, which provides ongoing network data feeds that help identify stealthy Secure Socket Layer (SSL) attacks. The platform provides a virtual patch to protect against a detected vulnerability in those conditions where a software patch isn’t available.

“QRadar Vulnerability Manager is a breakthrough for the IT security industry,” said Murray Benadie Managing Director, Zenith Systems, an IBM Business Partner. “It can cut a huge list of vulnerabilities in half, if not more. Users will quickly see vulnerabilities on their networks, without trying to mash products together– that is how information falls through the cracks. This is a true game changer.”

IBM’s announcement also introduced a new version of its IBM Security zSecure Suite that will work with the QRadar. The zSecure product delivers auditing and alerting software for IBM mainframe security. In this new version it can share information with the QRadar systems to give you mainframe security event visibility.

All told, IBM is unleashing its powerful Big Data and Analytics into the security products market with full force. By delivering a formidable next-generation security product that has gone beyond signature based, beyond real-time, and into the predictive realm of security, they are looking at the landscape of real-world threats against the enterprise with a plan to neutralize these threats.  The following video features IBM’s Marc van Zadelhoff, Kevin Skapinetz, Sandy Bird and Brendan Hannigan talk about the introduction of this new approach to vulnerability management, one built around the principles of Security Intelligence.


A message from John Furrier, co-founder of SiliconANGLE:

Show your support for our mission by joining our Cube Club and Cube Event Community of experts. Join the community that includes Amazon Web Services and Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.

Join Our Community 

Click here to join the free and open Startup Showcase event.

“TheCUBE is part of re:Invent, you know, you guys really are a part of the event and we really appreciate your coming here and I know people appreciate the content you create as well” – Andy Jassy

We really want to hear from you, and we’re looking forward to seeing you at the event and in theCUBE Club.

Click here to join the free and open Startup Showcase event.