IBM QRadar

IBM® QRadar® Security Information and Event Management (SIEM) helps security professionals detect and prioritize threats with high accuracy, so they can respond to incidents quickly and minimize their consequences. By consolidating events from logs and data streams that reach the network from thousands of devices, endpoints and applications, QRadar can compare a wide variety of information, combine interrelated events and issue spot alerts to speed up the analysis and elimination of incidents.

Functionality:

  • Receiving large amounts of data from local and cloud sources.
  • Use of built-in analysis tools for accurate threat detection.
  • Comparison of interrelated operations to prioritize incidents.
  • Automatic analysis and normalization of logs.
  • Threat analysis and support for STIX/TAXII.
  • Support for integration with 450 solutions.
  • Flexible architecture for deployment in on-premises infrastructure or in the cloud.
  • Scalable, auto-configurable and self-managed database.