Post on 30-Apr-2020
Smarter Cyber security with IBM Solution
INTEGRATED SECURITY FOR A NEW ERA
Mr. Thaweesak Srinak: Technical Sale Security Software
Updated April 2019
Computer Union
© Copyright
Data Is The New Oil: Market Reality
At its height, Oil held 79% of the American market share
Holds 81% share of search
Google & Facebook control 88% of all new internet advertising because they hold most data globally
[Figure: Conoco Phillips, Exxon Mobil, Chevron, Microsoft, Apple, Amazon, Alphabet]
There is explosive data growth across multiple platforms, and the data landscape is constantly evolving
Structured data | Big Data | Unstructured data | Cloud Service
• 60% growth in cloud documents
• 126% annual increase in big data (2)
• 22.4% annual increase in structured data (2)
• 42.5% annual increase in unstructured data (2)
Sources: (1) Elastica Shadow Data Report Q2 2015; (2) IDC
Enterprises are constantly
acquiring new data
IP
Consumer Data
(PII, Privacy)
LOB Critical Data (Regulated, Clients)
Enterprise Operational Data
(Employees, Partners)
4 IBM Security
Critical Assets for Corporations – What Are We Referring To?
Data
PII (Internal/External), Intellectual Property,
Communications
Applications
Internal, External, Mobile
Mobile Devices
Mobile Phones/Devices
Endpoints
Desktops, laptops, servers, POS, ATMs
5 © 2018 IBM Corporation
CISOs tell us data security is a critical priority
• GDPR
• NY-DFS 504
• China Privacy
• Australian Act
• HIPAA
• IaaS (Containers)
• PaaS (DBaaS)
• SaaS (O365)
1. Get ahead of compliance demands
2. Protect against data breaches
3. Secure data across multiple clouds
4. Uncover business risks related to data
6 IBM Security
Challenges with data security
Where is the critical data?
Are the crown jewels classified and protected?
Do they reside in the cloud? Unstructured?
Who can access the data?
There is now a fluid perimeter
How to maintain the right level of Data
security?
How to keep up with the pace of change?
What to lock down?
What data should be encrypted?
What SaaS apps are used?
How to address Compliance?
What compliance issues are there? What
controls exist? What are the remediation
action items?
Where to start?
What data assets are high value?
Which cloud services are used?
Which repositories and databases are used?
06/15/2017
Who is responsible for data security?
With Cloud Service Providers – clients still
have security obligations. What are they?
How to talk risk with the CRO?
7 IBM Security
Data Loss
Prevention
(DLP)
Vulnerability
Management
Cloud
Access
Security
Brokers
(CASB)
Database
Security
The C-Suite
Security Solutions
Although IT infrastructure and security metrics are important, there is a
growing divide in reporting them to the C-Suite or the Board
Identity
Management
8 IBM Security
Today’s security drivers
COMPLIANCE
HUMAN ERROR
SKILLS GAP
ADVANCED ATTACKS
INNOVATION
9 IBM Security
2013: 800+ Million records
2014: 1+ Billion records
2015: Unprecedented Impact
Attackers break through conventional safeguards every day
$7M average cost of a U.S. data breach
201 days average time to identify data breach
10 IBM Security
Today’s security drivers
ACTORS
• Organized Crime
• Malicious Insiders
• Nation States
• Hacktivists
TARGETS
• Healthcare
• Manufacturing
• Government
• Financials
VECTORS
• Ransomware
• Phishing, Exploit Kits
• Stealthy Malware
• Denial of Service
REALITY
• Cloud, mobile, IoT
• Compliance
• Human error
• Skills gap
11 IBM Security
Imagine if you could…
PROTECT against tomorrow’s risks, today
12 IBM Security
How do I get started when all I see is chaos?
IP reputation
Indicators of compromise
Threat sharing
Firewalls
Incident and threat management
Virtual patching
Sandboxing
Network visibility
Malware protection
Antivirus
Data access control Data monitoring
Application security management
Application scanning
Access management
Entitlements and roles
Identity management
Transaction protection
Device management
Content security
Workload protection
Cloud access security broker
Anomaly detection
Log, flow, data analysis
Vulnerability management
Privileged identity management
Incident response
Criminal detection
Fraud protection
Endpoint patching and management
13 IBM Security
Threat Intelligence
Security Analytics
Cloud
Identity and Access
Data and Apps
Mobile
Advanced Fraud
Network
Endpoint
Security Ecosystem
An integrated and intelligent security immune system
Criminal detection
Fraud protection
Workload protection
Cloud access security broker
Access management
Entitlements and roles
Privileged identity management
Identity management
Data access control
Application security management
Application scanning
Data monitoring
Device Management
Transaction protection
Content security
Malware protection
Antivirus
Endpoint patching and management
Virtual patching
Firewalls
Incident and threat management
Sandboxing
Network visibility
Vulnerability management Incident response
Log, flow, data analysis Anomaly detection
Indicators of compromise
IP reputation Threat sharing
14 IBM Security
Security Intelligence and Vulnerability Management
Fraud Identity & Access Data Applications Network Endpoint Mobile
Managed Security Services
Key differentiator: Only IBM Security can bring it all together
• AccessData
• Akamai
• Alien Vault
• BlueCoat
• EMC
• Guidance Software
• Hewlett-Packard
• Intel Security
• LogRhythm
• NetIQ
• NIKSUN
• Prolexic
• Qualys
• Rapid7
• Splunk
• Symantec
• Tripwire
• Tenable Network Security
• Vigilant
• Dell • HP • Symantec • Verizon
• 41st Parameter
• Accertify
• EMC
• Guardian Analytics
• iovation
• NICE Systems
• ThreatMetrix
• CA Technologies
• Dell
• EMC
• Entrust
• Okta
• OneLogin
• Oracle
• PingIdentity
• Symantec
• EMC
• Entrust
• Imperva
• Intel Security
• SafeNet
• Symantec
• Verdasys
• Vormetric
• Appthority
• F5 Networks
• Hewlett-Packard
• Qualys
• Trustwave
• Veracode
• WhiteHat Security
• Arbor
• CheckPoint
• Cisco
• Dell
• FireEye
• Fortinet
• Hewlett-Packard
• Intel Security
• Juniper
• Palo Alto Networks
• Sourcefire
• ESET
• F-Secure
• Intel Security
• Kaspersky
• Lumension
• Microsoft
• Sophos
• Symantec
• Trend Micro
• Good
• Check Point
• Cisco
• Citrix
• Intel Security
• Microsoft
• MobileIron
• Sophos
• Symantec
• VMware
• Webroot
• Zscaler
15 IBM Security
Traditional security practices are unsustainable
1.5 MILLION unfilled security positions by 2020
85 security tools from 45 vendors
68 PERCENT of CEOs are reluctant to share incident information externally
16 IBM Security
SECURITY TRANSFORMATION SERVICES
Management consulting | Systems integration | Managed security
Threat Intelligence
Security Analytics
Cloud
Identity and Access
Data and Apps
Mobile
Advanced Fraud
Network
Endpoint
Security Ecosystem
IBM has the world’s broadest and deepest security portfolio
App Exchange
MaaS360
INFORMATION RISK AND PROTECTION
Trusteer Mobile
Trusteer Rapport
AppScan
Guardium
Cloud Security
Privileged Identity Manager
Identity Governance and Access
Cloud Identity Service
Key Manager
zSecure
Trusteer Pinpoint
QRadar Vulnerability Manager
Resilient Incident Response
X-Force Exchange
QRadar Incident Forensics
SECURITY OPERATIONS AND RESPONSE
BigFix
Network Protection XGS
QRadar SIEM
QRadar Risk Manager
17 IBM Security
LEAD in strategic domains
Security Transformation Services
Management Consulting | Systems Integration | Managed Security
Security Research and Threat Intelligence
Security Operations and Response Information Risk and Protection
IBM Security Strategy
Cloud Security Mobile Security
Identity Governance and Access Management
Data
Protection
Application
Security
Advanced Fraud
Prevention
Incident Response
Security Intelligence and Analytics
Vulnerability and
Patch Management
Endpoint and
Network Protection
User Behavior
Analytics
SUPPORT the CISO agenda
Cloud
Mobile and Internet of Things
Compliance Mandates
Skills Shortage
Advanced Threats
Cloud | Collaboration | Cognitive
ACCELERATE with key innovation
18 IBM Security
IBM helps protect against new and complex security challenges
Optimize your security program with skills to address modern day risks
SECURITY
TRANSFORMATION
SERVICES
Orchestrate your defenses
throughout the entire attack
lifecycle
SECURITY
OPERATIONS
AND RESPONSE
Keep your critical
information protected while
accelerating the business
INFORMATION
RISK AND
PROTECTION
19 IBM Security
Context: Reaching security maturity in context
Security Intelligence and Operations
Can you identify active attack paths and high-risk assets?
Can you correlate events across domains and detect advanced threats?
Are you meeting compliance and reporting requirements?
Fraud People Data Application Infrastructure
Are your mobile, online
and cloud channels
secure from cybercrime?
Do you have automated,
policy-driven identity
and role based
management?
Can you monitor
(privileged) access
to data?
Can you test legacy
applications for
exposures?
Do you have real-time
visibility and full control
of your security and
operations?
Can you identify and
stop fraud without
negatively impacting
user productivity?
How are you managing
user access to
resources?
Do you know if sensitive
data leaves your
network?
Are you regularly
testing your website
for vulnerabilities?
Do you perform proactive
threat and vulnerability
management protection?
Are you able to detect
and prevent malware
and phishing attacks?
Have you rolled out an
identity program?
Have you classified
and encrypted sensitive
data?
Do you have a
secure application
development
process?
Are you providing basic
threat management
for all endpoints and
network devices, including
cloud and mobile?
Optimized
Proficient
Basic
20 IBM Security
Capabilities: Reaching security maturity capabilities
Security Intelligence and Operations
Predictive analytics, big data workbench, flow analytics, forensics
SIEM and vulnerability management
Log management
Fraud People Data Application Infrastructure
• Transaction protection
• Endpoint protection
• Identity governance
• Fine-grained entitlements
• Privileged user management
• Data governance
• Encryption key management
• Fraud detection
• Hybrid scanning and correlation
• Multi-faceted network protection
• Anomaly detection
• Hardened
• Login challenge questions
• User provisioning
• Access management
• Strong authentication
• Data masking / redaction
• Data activity monitoring
• Data loss prevention
• Web application protection
• Source code scanning
• Virtualization security
• Asset management
• Endpoint / network security management
• Device ID rules
• Directory management
• Encryption
• Database access control
• Application scanning
• Perimeter security
• Host security
• Anti-virus
Optimized
Proficient
Basic
22 IBM Security
Outside and inside threats continue to challenge enterprises
$445 BILLION
estimated annual losses
to the global economy
49 PERCENT
of IT pros retain access
to their ex-employer’s network
23 IBM Security
Abstract: Integration to help prevent, detect and respond to advanced threats
SIEM
Vulnerability management
Incident Response
Network security
Incident forensics
Threat sharing
Endpoint management
Malware prevention
Real-time
Continuously monitors activity
to prevent attacks and detect
anomalous behavior
Incident Response
Responds to incidents
in integrated and organized
fashion across IT environment
Sends network flow data
to SIEM for analysis of all
events and administration
of quarantine commands
Global threat research helps
SIEM place activity in external
context and determine severity
Provides endpoint assets
and malware events to
SIEM to manage patching
and prevent malware installs
Data activity monitor sends
events to SIEM to prevent
illicit activity of sensitive data
Data activity monitoring
24 IBM Security
Example: Disrupt the attack chain in real-time
GATHER
Authorized system
attempts to access
resources
BREAK-IN
Remote employee
triggers drive-by
download
LATCH-ON
Internal system
infected as part
of a botnet
EXPAND
Targeted internal email
sent to high-profile
employees
EXFILTRATE
Persistent attackers
quietly siphoning
out data
ATTACK CHAIN
1 2 3 4 5
QRadar Incident
Forensics
reconstructs
abnormal user and
database activity
from network packets
BigFix patches the
latest vulnerabilities
and quarantines
infected endpoints
to prevent more
damage
Network Protection
blocks zero-day
exploit traffic and
sends flows to
QRadar for anomaly
detection
QRadar correlates
network flows and
security events
from other security
controls into a list of
priority offenses
Resilient Incident
Response Platform
allows responders
to coordinate activity
before damage
occurs
25 IBM Security
Abstract: Integration to help prevent, detect and block insider threat
Privileged identity management
Identity governance and intelligence
SIEM
Data activity monitoring
Governs users and their access
to assure validity of privileged
access rights using credential
data and identity context
Detects anomalous behavior using data
activity and identity context and makes
corrections to block and prevent insider threat
Monitors privileged user
activity on sensitive data
sources and validates
access with identity solution
User Behavior Analytics
26 IBM Security
Example: Detect insider threats and manage risk
IDENTITY
GOVERNANCE
ACTIVITY
MONITORING
PRIVILEGED IDENTITY
MANAGEMENT
SECURITY
INTELLIGENCE
IGI checks for Segregation
of Duties violations and runs
access certification
campaigns to ensure validity
of privileged access rights
Guardium monitors and
audits privileged user access
to sensitive data sources,
and can alert or block on
unauthorized access
PIM can share check in/
check out audit records,
and Guardium can cross
reference information
with its auditing of data
access activity
QRadar can correlate PIM
credentials and Guardium
activities to detect anomalies
and trigger alerts; consumes
User Behavior Analytics to
identify anomalous usage
SharedID
1 2 3 4
28 IBM Security
Organizations continue to struggle with compliance risks
Top cybersecurity oversight activities
IT Security
Board of Directors
regulatory fines in
data breach lawsuits
$25M
83%
of enterprises have difficulty
finding security skills
29 IBM Security
Abstract: Integration to manage compliance and governance
Data activity monitoring Identity governance and intelligence
Identity governance helps govern, detect
and prevent access-related risk on the
mainframe to assure adherence to
compliance and security standard
Mainframe access
Provides visibility into
database activity through
validation of user accounts
and entitlements
Correlates audit and compliance data to
assess user access to critical enterprise data
30 IBM Security
Example: Stop audit failures with identity governance
IDENTITY GOVERNANCE
CROWN JEWEL PROTECTION
ACTIVITY MONITORING
3
IGI cleans up data access privileges
using user accounts and entitlements
and removes the risk of improper
access to database and mainframe
resources
zSecure enhances mainframe
compliance audit and reporting to
comply with regulations
and detect threats
Guardium monitors and audits
privileged user activity in real-time,
and assesses zSecure audit collection
and reporting to provide a consistent
view across all access controls
1 2
31 IBM Security
Abstract: Integration for risk-based access to critical assets
Enterprise mobility
Cloud access security broker
Fraud and malware detection
Cloud identity service
Access management
Protects users from fraud with strong authentication
using risk-based access controls built around
malware and fraud risk-score
Enables easy access to enterprise mobile resources
with mobile device and content security to assure
mobile compliance and policy management
Provides visibility into cloud app usage using
threat intelligence, identity context and data
monitoring to assure safe cloud app adoption
Enables risk-based access to enterprise and cloud
apps from on-premise location or from the cloud
32 IBM Security
Example: Safeguard digital identities in the era of cloud and mobile
1. Discover, control, and protect against risky cloud adoption
2. Risk-aware enforcement point with strong authentication on-premise or from the cloud
3. Mobile device compliance and policy management
4. Advanced user risk and fraud detection engine
5. Safeguard access to cloud and enterprise apps
33 IBM Security
As cloud and mobile increase, so do security threats
11.6M devices are impacted by mobile malware
73% of firms discovered cloud usage outside of security policies
30B connected “things” by 2020
34 IBM Security
Abstract: Integration to help secure mobile transformation
Fraud and malware detection
Access management
Evaluates risk-based access using
identity controls built around malware
and fraud risk-score
Enables easy access to enterprise mobile resources
with mobile device and content security to assure
mobile compliance and policy management
Scans and secures mobile enterprise apps
with vulnerability discovery and assessment
Application scanning
Provides strong authentication and enables secure SSO to
enterprise resources from mobile using risk-based identity context
Enterprise mobility
35 IBM Security
Example: Remove barriers to mobile productivity
IDENTITY & ACCESS
MANAGEMENT
ENTERPRISE
MOBILITY
APPLICATION
SCANNING
FRAUD
PROTECTION
ISAM binds strong
authentication on mobile
devices with context sourced
from MaaS360 and Trusteer
for enhanced risk-based
access and authorization
MaaS360 protects the device,
content, apps and data and
enables SSO into enterprise
apps with ISAM
AppScan scans enterprise
and consumer mobile apps to
identify security vulnerabilities
and generate reports and fix
recommendations
Trusteer protects consumers
from fraud and malware on
mobile devices to build
integrity and assurance
1 2 3 4
36 IBM Security
Abstract: Integration for secure adoption of cloud apps
Provides global threat intelligence
to place events in external
context and determine severity
IPS and proxy technology
enable network threat
blocking and protect
mobile usage
Threat sharing
SIEM
Cloud access security broker
Intrusion Prevention System
Secure gateway
Cloud identity service
Access management
Correlates cross-cloud events, logs, mobile traffic,
IPS data, and anomalies to prevent threats and
enforce policies
Discovers cloud app usage based
on user analytics, identity context
and threat prevention data
Enables enterprise user access to SaaS
cloud applications with secure SSO and
cloud-based federated access,
provisioning, governance and compliance
37 IBM Security
Example: Gain visibility into cloud application usage
IDENTITY & ACCESS MANAGEMENT
SECURITY INTELLIGENCE
DATA & THREAT PROTECTION
Identity and access enables federated
single-sign on to approved cloud apps
as well as policy enforcement to control
access to unsanctioned apps
Security intelligence correlates cloud
events to provide discovery and
visibility into cloud app usage, using
X-Force risk scoring for thousands of
applications and a continuous stream
of cloud activity data
XGS provides intrusion prevention
capabilities (threat signatures, network
analysis, and zero-day protection)
to protect against cloud-related threats,
while Guardium protects data in the
cloud
1 2 3
38 IBM Security
Data at Rest Configuration Data in Motion
Where is the sensitive data?
How to protect sensitive data to
reduce risk?
How to secure the repository?
Entitlements
Reporting
Activity
Monitoring
Blocking
Quarantine
Dynamic Data
Masking
Vulnerability
Assessment
Who can access?
What is actually happening?
Best practice journey – all products working together
Encryption
Discovery
Classification
How to prevent unauthorized
activities?
How to protect sensitive data?
Discover Harden Monitor Protect
39 IBM Security
Protecting data now requires designing a Data Centric Protection (DCP) program
Governance
Regulatory
Compliance
Executive
Involvement
Organization Structure
Policies
Metrics/Reporting
People
Skills
Roles and Responsibilities
Staff Capacity Modeling
Training
Process
Formalized Documentation
Process Optimization
Data Lifecycle
Workflow Automation
Technology
Data Loss
Prevention
Digital Rights
Management
Data Discovery
/ Flow /
Dependency
Data Activity
Monitoring
Data
Encryption /
Tokenization
Data Tagging
Cloud Access
Security Broker
Data Masking
Vulnerability
Management
SIEM
A.D.
CMDB
Technology &
Business Context
Integration
40 IBM Security
SaaS
IoT, Mobile Files
Files (systems)
Data Lakes
Databases
Big Data
IBM Data Security Framework
Protect data where it resides with a business risk-driven approach
On-Premise, in Cloud
Data-Centric Audit Protection
Information Security Enforcement
Information Security Risk Detection
Security Operations
and Response
Identity and Access Mgmt.
Tokenization | Masking | Encryption | Access Control | DLP
Data Discovery
Activity Monitoring
Risk Management
Data Classification
Behavioral Analytics
Compliance Reporting
Vulnerability Assessment
41 IBM Security
SaaS
IoT, Mobile Files
Files (systems)
Data Lakes
Databases
Big Data
IBM Data Security Portfolio
IBM Offerings today and new deliverables in 2018
On-Premise, in Cloud
Data-Centric Audit Protection
Information Security Enforcement
Information Security Risk Detection
Tokenization | Masking | Encryption | Access Control | DLP
Vulnerability Assessment
Guardium Data and
Multi-Cloud Encryption
Data Ecosystem
Behavioral Analytics
Compliance Reporting
Risk Management
NEW
Data Risk Manager
Big Data Intelligence
NEW NEW
Security Operations
and Response
Identity and Access Mgmt.
QRadar,
Resilient
Cloud
Identity
Guardium
Accelerators
Data Discovery
Activity Monitoring
Data Classification
Guardium Data Protection
Guardium Analyzer* NEW
42 IBM Security
COGNITIVE, CLOUD, and COLLABORATION
The next era of security
INTELLIGENCE and INTEGRATION
PERIMETER CONTROLS
43 IBM Security
CLOUD COLLABORATION COGNITIVE
• Deliver Security from the Cloud
• Secure connections to the Cloud
• 750TB+ of threat intel
• 1.6M+ X-Force Exchange searches
• 35K+ App Exchange downloads
• 1M+ security documents read
• 10B+ security data elements
• 80K+ elements read per day
Pushing innovation
44 IBM Security
Security
Analytics
Threat
Hunting
Incident
Response
Threat
Intelligence
Build a Cognitive SOC
Security Operations and Response (SOAR)
45 IBM Security
Security Operations and Response: Build a Cognitive SOC
RESPONSE AND
ORCHESTRATION
Security Incident
Response #Resilient
Security
Orchestration #Resilient
External Threat
Monitoring Services
Easy to deploy,
integrates well with
IBM and third-party
solutions and services
via Apps
HIGH-VALUE
INSIGHTS
Risk and Vulnerability
Prioritization #QRadar
Governance,
Risk, and Compliance
Threat Actor and
Dark Web Intelligence #Watson
THREAT
INTELLIGENCE
Hunting and
Investigation Tools #i2
Threat Intelligence
Platform #X-Force #Watson for Cyber
NEAR SIEM
SECURITY ANALYTICS
User & Entity Behavior Analytics
#QRadar
Network
Analytics #QRadar
Focus value above Log
Management in Threat
Detection and Security
Operation and
Response Platform
EVENT
CORRELATION
SECURITY ANALYTICS
Security Information and Event Management
#QRadar
LOG COLLECTION
AND MANAGEMENT #QRadar
Traditional Log Management Solutions
(3rd Party)
Work seamlessly
with third-party LM
platforms when needed
NEW SECURITY
OPERATIONS TOOLS
Endpoint Detection
and Response (EDR) #BigFix
Network Forensics
and Anomaly Detection #Network Insights
Seamlessly integrate
with collection
infrastructure collection
and control points
Below | SIEM Layer | Above
46 IBM Security
Leverage an ecosystem of collaborative defenses
IBM Security App Exchange
47 IBM Security
Crowd-sourced sharing based on 700+TB of threat intelligence
IBM X-Force Exchange
48 IBM Security
Billions of Data Elements
X-Force Exchange
Trusted partner feed
Other threat feeds
Open source
Breach replies
Attack write-ups
Best practices
Course of action
Research
Websites
Blogs
News
Massive Corpus of Security Knowledge
10B elements plus 4M added / hour
1.25M docs plus 15K added / day
Millions of Documents
How Watson for Cyber Security works
STRUCTURED DATA UNSTRUCTURED DATA WEB CRAWLER
5-10 updates / hour! 100K updates / week!
50 beta customers
140K+ web visits in 5 weeks
200+ trial requests
SEE THE BIG PICTURE
“QRadar Advisor enables us to truly
understand our risk and the needed
actions to mitigate a threat.”
ACT WITH SPEED & CONFIDENCE
“The QRadar Advisor results in the enhanced
context graph is a BIG savings in time versus
manual research.”
49 IBM Security
Revolutionize how security analysts work
Watson determines the specific campaign (Locky),
discovers more infected endpoints, and sends results
to the incident response team
IBM QRadar Advisor with Watson
50 IBM Security
Collaboratively respond in minutes
IBM Resilient Incident Response
51 IBM Security
Detect abnormal behavior in one click
IBM QRadar User Behavior Analytics
52 IBM Security
Endpoint Detection, Response, and Remediation in ONE solution
IBM BigFix Detect
53 IBM Security
IBM Security invests in best-of-breed solutions
Incident response
Cloud-enabled identity management
Identity governance
Application security
Risk management
Data management
Security services and network security
Database monitoring and protection
Application security
SOA management and security
“…IBM Security is making all the right moves...” Forbes
2002 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016
IBM Security Systems
IBM Security Services
Identity management
Directory integration
Enterprise single-sign-on
Endpoint management and security
Security Intelligence
Advanced fraud protection
Secure mobile mgmt.
CyberTap
54 IBM Security
Industry analysts rank IBM Security
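DOMAIN | SEGMENT | MARKET SEGMENT / REPORT | ANALYST RANKINGS
Security Operations and Response | Security Intelligence | Security Information and Event Management (SIEM) | LEADER
Security Operations and Response | Network and Endpoint Protection | Intrusion Prevention Systems (IPS) | LEADER
Security Operations and Response | Network and Endpoint Protection | Endpoint: Client Management Tools | LEADER
Security Operations and Response | Network and Endpoint Protection | Endpoint Protection Platforms (EPP) | Strong Performer
Information Risk and Protection | Identity Governance and Access Management | Federated Identity Management and Single Sign-On | LEADER
Information Risk and Protection | Identity Governance and Access Management | Identity and Access Governance | LEADER
Information Risk and Protection | Identity Governance and Access Management | Identity and Access Management as a Service (IDaaS) | LEADER
Information Risk and Protection | Identity Governance and Access Management | Web Access Management (WAM) | LEADER
Information Risk and Protection | Identity Governance and Access Management | Mobile Access Management | LEADER
Information Risk and Protection | Identity Governance and Access Management | Identity Provisioning Management | LEADER
Information Risk and Protection | Data Security | Data Masking | LEADER
Information Risk and Protection | Application Security | Application Security Testing (dynamic and static) | LEADER
Information Risk and Protection | Mobile Protection | Enterprise Mobility Management (MaaS360) | LEADER
Information Risk and Protection | Fraud Protection | Web Fraud Detection (Trusteer) | LEADER
Security Transformation Services | Consulting and Managed Services | Managed Security Services (MSS) | LEADER
Security Transformation Services | Consulting and Managed Services | Information Security Consulting Services | LEADER
V2016-06-16
Note: This is a collective view of top analyst rankings, compiled as of August, 2016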
55 IBM Security
Adaptive integration with ecosystem partners
Ready for IBM Security Intelligence
IBM PartnerWorld
100+ ecosystem partners, 500+ QRadar integrations
56 IBM Security
A Global Leader in Enterprise Security
• #1 in enterprise security
software and services*
• 7,500+ people
• 12,000+ customers
• 133 countries
• 3,500+ security patents
• 19 acquisitions since 2002
* According to Technology Business Research, Inc. (TBR) 2016
© Copyright IBM Corporation 2016. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind,
express or implied. Any statement of direction represents IBM's current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products
and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service
marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your
enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others.
No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems,
products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products
or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.
ibm.com/security
securityintelligence.com
xforce.ibmcloud.com
@ibmsecurity
youtube/user/ibmsecuritysolutions
FOLLOW US ON:
THANK YOU