Post on 07-Jul-2020

IBM QRadar SIEM

Augustin Anić, System Security Engineer

Agenda

• SIEM leader
• Effective Threat Detection
• QRadar in action
  – Dashboard
  – Search
  – Security incidents
  – Reports
  – User behaviour analysis

Gartner Magic Quadrant for SIEM

Open Platform

with hundreds of free integrations and content packs available via IBM Security App Exchange

See Everything

Automate Intelligence

Be Proactive

Effective Threat Detection

See Everything

Gain comprehensive visibility into enterprise-wide data from behind a single pane of glass

BUSINESS CONTEXT

USERS

CLOUD

APPLICATIONS

ENDPOINT

NETWORK

THREAT INTELLIGENCE

Automate Intelligence

Automatically track threats as they progress, prioritize critical events and investigate potential incidents

Detect

Known and unknown threats

Connect

Related activity in multi-stage attacks

Prioritize

Business critical events

Investigate

Potential incidents with AI to find root cause faster

Become Proactive

Hunt threats, respond faster and continuously improve based on lessons learned

Hunt Threats

With quick and advanced search

Respond Faster

With automated containment and/or IR integration

Continuously Improve

With closed-loop feedback based on lessons learned to improve automated detection processes

How does it work?

QRadar dashboard

QRadar Search

QRadar offense/rules

QRadar reports

QRadar User behavior analysis

Summary

Current threats require constant monitoring and analytics

Need for a central system for processing events in the local network

Need to automate the detection of security threats and their prioritization

Proactivity and detection of threats at an earlier stage of their activity

Thank you for your attention!
