IBM QRadar Platform


IBM® QRadar® Security Intelligence Platform products provide a unified architecture for integrating security information and event management (SIEM), log management, anomaly detection, incident forensics and configuration and vulnerability management. These products offer advanced threat detection, greater ease of use and lower total cost of ownership.

IBM QRadar Security Intelligence Platform products deliver:

  • A single architecture for analyzing log, flow, vulnerability, user and asset data.
  • Near real-time correlation and behavioral anomaly detection to identify high-risk threats.
  • High-priority incident detection among billions of data points.
  • Full visibility into network, application and user activity.
  • Automated regulatory compliance with collection, correlation and reporting capabilities.

Product editions:

IBM Security QRadar Incident Forensics: Allows you to retrace the step-by-step actions of a potential attacker, and quickly and easily conduct an in-depth forensics investigation of suspected malicious network security incidents.

IBM Security QRadar Log Manager: Delivers high performance for collecting, analyzing, archiving and storing large volumes of network and security event logs.

IBM Security QRadar Network Anomaly Detection: Enhances IBM intrusion prevention system (IPS) solutions by providing greater insight into network behavior and abnormal activity to better identify security threats.

IBM Security QRadar QFlow Collector: Combines with IBM Security QRadar SIEM and flow processors to provide Layer 7 application visibility and flow analysis, helping you understand and respond to activities throughout your network.

IBM Security QRadar Risk Manager: Monitors network topology, switch, router, firewall and Intrusion Prevention System (IPS) configurations to reduce risk and increase compliance.

IBM Security QRadar SIEM: Consolidates log source event data from thousands of devices, endpoints and applications distributed throughout a network. It performs immediate normalization and correlation activities on raw data to distinguish real threats from false positives.

IBM Security QRadar VFlow Collector: Combines with IBM Security QRadar SIEM to provide Layer 7 application-layer visibility into virtual network traffic, helping you understand and respond to activities in your network.

IBM Security QRadar Vulnerability Manager: Proactively discovers network device and application security vulnerabilities, adds context and supports the prioritization of remediation and mitigation activities.