IBM Taps Security Intelligence and Big Data to Detect Hidden Threats

In an effort to help customers detect threats that can hide within the massive amounts of data that reside within enterprise walls, IBM on Wednesday announced “IBM Security Intelligence with Big Data”, a new offering that combines security intelligence with big data analytics capabilities.

Designed to detect both external cyber threats and internal risks, IBM Security Intelligence with Big Data enables security analysts to extend their analysis beyond typical security data and answer questions they could never ask before, the company said.

“The solution combines real-time correlation for continuous insight, custom analytics across massive structured data (such as security device alerts, operating system logs, DNS transactions and network flows) and unstructured data (such as emails, social media content, full packet information and business transactions), and forensic capabilities for evidence gathering,” IBM explained in a statement.

By analyzing structured, enriched security data alongside unstructured enterprise data, the IBM solution helps find malicious activity hidden deep in the masses of an organization’s data.

The offering fuses the real-time security correlation and anomaly detection capabilities from IBM’s QRadar Security Intelligence Platform, technology Big Blue gained as a result of the 2011 acquisition of Waltham, Massachusetts-based Q1Labs, with the analysis and exploration of business data provided by IBM InfoSphere BigInsights.

Key capabilities in the IBM Security Intelligence with Big Data solution include:

• Real-time correlation and anomaly detection of diverse security and network data

• High-speed querying of security intelligence data

• Flexible big data analytics across structured and unstructured data – including security, email, social media, business process, transactional, device, and other data

• Graphical front-end tool for visualizing and exploring big data

• Forensics for deep visibility into network activity

The integrated offering includes a set of pre-packaged security intelligence content, ranging from a security data taxonomy and automated data normalization, to pre-defined rules and dashboards that codify industry best practices and accelerate time to value, the company said.

“As the sophistication and technological means of cyber-criminals increase, the financial industry and government need to move to a risk-based framework that incorporates the dynamic nature of the threat landscape,” said Mark Clancy, CISO, Managing Director, Technology Risk Management at The Depository Trust & Clearing Corporation (DTCC), a financial services transaction clearing house.

“We need to move from a world where we ‘farm’ security data and alerts with various prevention and detection tools to a situation where we actively ‘hunt’ for cyber-attackers in our networks,” Clancy said. “IBM’s Security Intelligence with Big Data solution gives us a practical way to gain visibility across our environment. We’re gaining real-time security awareness and meaningful insight into historical activity across years of diverse data.”

“Success today is too often defined as the absence of failure by the information security industry, instead of the demonstration of effectiveness. We do a lot of things in our profession that are hard to observe and hard to quantify. But any time you can measure the success or failure in a provable way, you can produce a much better outcome,” Clancy said.

The solution is also supported by new Security Intelligence for Big Data Professional Services from IBM, helping customers launch big data security initiatives through design best practices and implementation expertise. The consultancy services are also available to business and solution partners for delivery to end clients, IBM said.

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.
