A press statement by the company said IBM Security Intelligence with Big Data provides a comprehensive approach that allows security analysts to extend their analysis well beyond typical security data and to hunt for malicious cyber activity. IBM monitors 15 billion security events per day in more than 130 countries and holds more than 3,000 security patents.
The new solution combines real-time correlation for continuous insight, custom analytics across massive structured data (such as security device alerts, operating system logs, DNS transactions and network flows) and unstructured data (such as emails, social media content, full packet information and business transactions), and forensic capabilities for evidence gathering. The combination helps organizations address the most vexing security challenges, including advanced persistent threats, fraud and insider threats.
Brendan Hannigan, General Manager of IBM's Security Systems Division, said, "Our goal is to provide actionable insight into every bit of data, no matter where it resides across the network, and help clients learn from past activity to better secure the future."
Made in IBM Labs, IBM Security Intelligence with Big Data unites the real-time security correlation and anomaly detection capabilities of the IBM QRadar Security Intelligence Platform with the custom analysis and exploration of vast business data provided by IBM InfoSphere BigInsights.
The key capabilities of this new tool include:
- Real-time correlation and anomaly detection of diverse security and network data
- High-speed querying of security intelligence data
- Flexible big data analytics across structured and unstructured data – including security, email, social media, business process, transactional, device, and other data
- Graphical front-end tool for visualizing and exploring big data
- Forensics for deep visibility into network activity
Included in IBM Security Intelligence with Big Data is an extensive set of pre-packaged security intelligence content, ranging from a comprehensive security data taxonomy and automated data normalization, to pre-defined rules and dashboards that codify industry best practices and accelerate time to value. The solution is also supported by IBM Security Services, which helps clients manage day-to-day security operations by providing real-time management and monitoring of diverse technologies, the release added.