IBM Redesigns Cloud-Native SIEM to Level-up Security

  • The cloud-native SIEM enhances scalability, speed, and flexibility while leveraging AI for improved alert prioritization and response.
  • Cloud-native QRadar SIEM is built on an open foundation, supporting interoperability with multi-vendor tools and cloud platforms.
  • IBM plans to introduce generative AI capabilities in early 2024.

IBM introduced a significant transformation to its flagship IBM QRadar SIEM (Security Information and Event Management) product. The new QRadar SIEM is redesigned on a cloud-native architecture tailored for hybrid cloud environments, with a strong focus on scale, speed, and flexibility. This update aims to empower security teams by enabling AI and security analysts to work together efficiently.

In fact, SOC professionals get to less than half (49%) of the alerts that they're supposed to review within a typical workday, according to a recent global survey.

[Source: Cision PR Newswire]

The cloud-native QRadar SIEM builds upon the strong foundation of its predecessor, offering efficient data ingestion, rapid search capabilities, and analytics at scale. It is based on an open foundation and is part of the QRadar Suite, IBM's integrated threat detection and response software portfolio.

As hybrid cloud environments expand and evolve rapidly, the security challenges become increasingly complex. The growing attack surface makes it difficult for security professionals to identify true threats amid the noise, leading to delayed threat responses. The new cloud-native QRadar SIEM addresses these challenges by leveraging AI to manage repetitive tasks and streamline the detection and response process for high-priority security incidents.

Built on Red Hat OpenShift, QRadar SIEM is designed to be open at its core, allowing for deep interoperability with multi-vendor tools and cloud platforms. It supports common detection rules (SIGMA) to quickly integrate crowdsourced threat detections from the security community. Additionally, it offers federated search and threat-hunting capabilities across various data sources, enhancing threat investigation across cloud and on-premises environments.

IBM's cloud-native SIEM includes AI capabilities that automatically prioritize alerts, reduce noise, and provide context for high-priority alerts. It streamlines threat investigations by running federated searches, creating visual attack timelines, and suggesting recommended actions. IBM plans to introduce generative AI (GAI) capabilities for QRadar Suite in early 2024. These AI capabilities will automate tasks like report creation, threat detection, log data interpretation, and threat intelligence curation. GAI is expected to enhance the productivity of security analysts, allowing them to focus on higher-value tasks.

The investment in cloud-native SIEM and AI integration reflects IBM's commitment to delivering next-generation security operations technology. These advancements are designed to simplify security operations, reduce complexity, and provide security teams with the tools to effectively address today's complex threat landscape. The new cloud-native QRadar SIEM will be available as SaaS in Q4 2023.

IBM is actively working on its AI and data platform, watsonx, to enable generative AI to support security teams in automating routine tasks, accelerating threat response, and simplifying threat investigations. This represents a significant step toward more efficient and effective security operations.
