IBM | November 08, 2023
The cloud-native SIEM enhances scalability, speed, and flexibility while leveraging AI for improved alert prioritization and response.
Cloud-native QRadar SIEM is built on an open foundation, supporting interoperability with multi-vendor tools and cloud platforms.
IBM plans to introduce generative AI capabilities in early 2024.
IBM introduced a significant transformation to its flagship IBM QRadar SIEM (Security Information and Event Management) product. The new QRadar SIEM is redesigned on a cloud-native architecture tailored for hybrid cloud environments, with a strong focus on scale, speed, and flexibility. This update aims to empower security teams by enabling AI and security analysts to work together efficiently.
In fact, SOC professionals get to less than half (49%) of the alerts that they're supposed to review within a typical workday, according to a recent global survey.
[Source: Cision PR Newswire]
The cloud-native QRadar SIEM builds upon the strong foundation of its predecessor, offering efficient data ingestion, rapid search capabilities, and analytics at scale. It is based on an open foundation and is part of the QRadar Suite, IBM's integrated threat detection and response software portfolio.
As hybrid cloud environments expand and evolve rapidly, the security challenges become increasingly complex. The growing attack surface makes it difficult for security professionals to identify true threats amid the noise, leading to delayed threat responses. The new cloud-native QRadar SIEM addresses these challenges by leveraging AI to manage repetitive tasks and streamline the detection and response process for high-priority security incidents.
Built on Red Hat OpenShift, QRadar SIEM is designed to be open at its core, allowing for deep interoperability with multi-vendor tools and cloud platforms. It supports common detection rules (SIGMA) to quickly integrate crowdsourced threat detections from the security community. Additionally, it offers federated search and threat-hunting capabilities across various data sources, enhancing threat investigation across cloud and on-premises environments.
IBM's cloud-native SIEM includes AI capabilities that automatically prioritize alerts, reduce noise, and provide context for high-priority alerts. It streamlines threat investigations by running federated searches, creating visual attack timelines, and suggesting recommended actions. IBM plans to introduce generative AI (GAI) capabilities for QRadar Suite in early 2024. These AI capabilities will automate tasks like report creation, threat detection, log data interpretation, and threat intelligence curation. GAI is expected to enhance the productivity of security analysts, allowing them to focus on higher-value tasks.
The investment in cloud-native SIEM and AI integration reflects IBM's commitment to delivering next-generation security operations technology. These advancements are designed to simplify security operations, reduce complexity, and provide security teams with the tools to effectively address today's complex threat landscape. The new cloud-native QRadar SIEM will be available as SaaS in Q4 2023.
IBM is actively working on its AI and data platform, watsonx, to enable generative AI to support security teams in automating routine tasks, accelerating threat response, and simplifying threat investigations. This represents a significant step toward more efficient and effective security operations.
Spectro Cloud | November 07, 2023
Spectro Cloud has unveiled its third annual ‘State of Production Kubernetes’ report, providing unique insights into the highly dynamic Kubernetes industry. The report, based on a comprehensive survey of 333 Kubernetes practitioners and decision-makers, reveals key trends and challenges facing the industry.
The research highlights that operations teams are grappling with increasing complexity as their Kubernetes environments expand. A significant 56% of businesses have more than 10 Kubernetes clusters, and 69% run Kubernetes in multiple clouds or other environments. Furthermore, 75% report issues affecting the running of their clusters, an increase from 66% in 2022.
The report also underscores the need for greater support for application developers. Despite the rise of platform engineering, 82% of operations teams struggle to provide developers with access to tailored clusters. Additionally, 37% report inconsistencies between development, staging, and production environments.
The study also points to application modernization as a pressing issue for cloud-native organizations. While all interviewees reported a ‘container first’ approach, they agreed that virtual machines (VMs) are here to stay. A significant 85% are migrating existing VM workloads to Kubernetes, and 86% aim to unify containerized and VM workloads on a single infrastructure platform.
Spectro Cloud's report reveals challenges in Kubernetes, with 75% of operations teams facing issues with cluster management and 82% struggling to provide developers with tailored clusters. The report also highlights the persistence of VMs and security, compliance, and cost issues in edge computing. However, it also shows a growing trend towards Kubernetes, with a majority of businesses operating multiple clusters across various environments. The rise of platform engineering, migration of VM workloads to Kubernetes, and increasing adoption of Kubernetes in edge computing environments suggest a shift towards modernization and promising advancements.
Finally, the report indicates that edge computing is gaining momentum, with 49% actively piloting or using Kubernetes in edge computing environments. AI is a key driver for edge adoption, with investment expected to improve business processes and enable new connected solutions. However, significant challenges remain, particularly around security, compliance, and the costs of field engineering.
Spectro Cloud's third annual ‘State of Kubernetes’ report highlights these trends and challenges. The report aims to inspire new dialogue in the industry, particularly at events like KubeCon. The report is available for download and will be discussed in a webinar on November 30.
About Spectro Cloud
Spectro Cloud is a leading provider of Kubernetes management solutions. Its comprehensive platform allows organizations to manage the full lifecycle of diverse Kubernetes environments, whether small or large, new or existing, simple or complex, in data centers or the cloud. The company's unique approach offers IT teams complete control and visibility, enabling them to provide developers with flexible Kubernetes stacks and tools tailored to their specific needs, all while ensuring granular governance and enterprise-grade security.
Avanade | November 06, 2023
Avanade launches an AI-based platform, "Avanade Cloud Impact", to unlock up to 50% of cloud spend.
The platform generates insights on IT estate risks and opportunities by analyzing cloud consumption patterns.
Avanade offers a free cost optimization workshop to clients interested in adopting an AI-first approach.
Avanade, a leading Microsoft solutions provider, launches a new platform, ‘Avanade Cloud Impact’, designed to help businesses establish an AI-ready digital core and unlock funding for innovation. The platform uses AI and machine learning to analyze industry, business, and technical data sources, providing tailored modernization insights for companies on their cloud journey. It has already saved Avanade clients up to 50% of their cloud spend.
The platform works by analyzing cloud consumption patterns and comparing them with various data sources to generate insights on a wide range of risks and opportunities across an IT estate. These insights can include modernization recommendations and cost-benefit analyses. Avanade Cloud Impact can deliver information about data egress cost spikes and application redesign options, and achieve up to 50% cloud cost savings while quantifying sustainability benefits, all without the need to make any code changes.
Andrew Stahel, Regional Applications and Infrastructure Solution Area Lead, Avanade Australia, emphasized the importance of AI in today's business environment and the need for businesses to rethink what the cloud can do for them. He expressed excitement about the potential of the Avanade Cloud Impact platform to help Australian businesses harness the true potential of AI by strengthening their digital core.
Merrie Williamson, CVP, Azure Infrastructure, Digital and App Innovation, Microsoft, also expressed enthusiasm about the new platform and its ability to provide deep insights and recommendations that accelerate value for Azure customers.
While Avanade's new platform, ‘Avanade Cloud Impact’, promises to unlock up to 50% of a business's cloud spend and provide tailored modernization insights, it does come with potential drawbacks. The platform's effectiveness is heavily dependent on the quality and accuracy of the data it analyzes, and incorrect or incomplete data could lead to misleading insights. Additionally, there may be a learning curve associated with understanding and effectively utilizing the insights generated by the platform. Furthermore, the platform might not be suitable for all types of businesses, particularly those with unique or complex cloud consumption patterns.
However, the benefits of the platform are significant. It can lead to substantial cost savings and help businesses make informed decisions on their cloud journey. The use of AI and machine learning allows the platform to handle large amounts of data and provide comprehensive insights. Plus, Avanade offers a free introductory cost optimization workshop, providing additional support for businesses adopting an AI-first approach.