What is QRadar SIEM?
About IBM QRadar SIEM
IBM QRadar SIEM (Security Information & Event Management) consolidates log events and network flow data from thousands of devices, endpoints and applications distributed throughout a network. It normalises and correlates raw data to identify security offences, and uses an advanced Sense Analytics engine to baseline normal behaviour, detect anomalies, uncover advanced threats and remove false positives. As an option, this software incorporates IBM X-Force Threat Intelligence which supplies a list of potentially malicious IP addresses including malware hosts, spam sources and other threats. IBM QRadar SIEM can also correlate system vulnerabilities with event and network data, helping to prioritise security incidents.
IBM QRadar SIEM Foundation:
- Provides real-time visibility to the entire IT infrastructure for threat detection and prioritisation.
- Reduces and prioritises alerts to focus security analyst investigations on an actionable list of suspected, high probability incidents.
- Enables more effective threat management while producing detailed data access and user activity reports.
- Operates across on-premises and cloud environments.
- Produces detailed data access and user activity reports to help manage compliance.
- Offers multi-tenancy and a master console to help managed service providers provide security intelligence solutions in a cost-effective manner.
To learn more about the product, visit: www-03.ibm.com/software/products/en/qradar.