
IBM Taps Security Intelligence and Big Data to Detect Hidden Threats

In an effort to help customers detect threats that can hide within the massive amounts of data that reside within enterprise walls, IBM on Wednesday announced “IBM Security Intelligence with Big Data”, a new offering that combines security intelligence with big data analytics capabilities.

Designed to detect both external cyber threats and internal risks, IBM Security Intelligence with Big Data enables security analysts to extend their analysis beyond typical security data and answer questions they could never ask before, the company said.

“The solution combines real-time correlation for continuous insight, custom analytics across massive structured data (such as security device alerts, operating system logs, DNS transactions and network flows) and unstructured data (such as emails, social media content, full packet information and business transactions), and forensic capabilities for evidence gathering,” IBM explained in a statement.

By analyzing structured, enriched security data alongside unstructured enterprise data, the IBM solution helps find malicious activity hidden deep in the masses of an organization’s data.

The offering fuses the real-time security correlation and anomaly detection capabilities from IBM’s QRadar Security Intelligence Platform, technology Big Blue gained as a result of the 2011 acquisition of Waltham, Massachusetts-based Q1Labs, with the analysis and exploration of business data provided by IBM InfoSphere BigInsights.

Key capabilities in the IBM Security Intelligence with Big Data solution include:

• Real-time correlation and anomaly detection of diverse security and network data

• High-speed querying of security intelligence data

• Flexible big data analytics across structured and unstructured data – including security, email, social media, business process, transactional, device, and other data

• Graphical front-end tool for visualizing and exploring big data

• Forensics for deep visibility into network activity

The integrated offering includes a set of pre-packaged security intelligence content, ranging from a security data taxonomy and automated data normalization, to pre-defined rules and dashboards that codify industry best practices and accelerate time to value, the company said.

“As the sophistication and technological means of cyber-criminals increase, the financial industry and government need to move to a risk-based framework that incorporates the dynamic nature of the threat landscape,” said Mark Clancy, CISO, Managing Director, Technology Risk Management at The Depository Trust & Clearing Corporation (DTCC), a financial services transaction clearing house.

“We need to move from a world where we ‘farm’ security data and alerts with various prevention and detection tools to a situation where we actively ‘hunt’ for cyber-attackers in our networks,” Clancy said. “IBM’s Security Intelligence with Big Data solution gives us a practical way to gain visibility across our environment. We’re gaining real-time security awareness and meaningful insight into historical activity across years of diverse data.”

“Success today is too often defined as the absence of failure by the information security industry, instead of the demonstration of effectiveness. We do a lot of things in our profession that are hard to observe and hard to quantify. But any time you can measure the success or failure in a provable way, you can produce a much better outcome,” Clancy said.

The solution is also supported by new Security Intelligence for Big Data Professional Services from IBM, helping customers launch big data security initiatives through design best practices and implementation expertise. The consultancy services are also available to business and solution partners for delivery to end clients, IBM said.

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.
