IBM has launched QRadar Suite, a cloud-native expansion to its QRadar security offering that the company claims accelerates detection, assessment and remediation of threats, TechRepublic reports.
According to IBM, QRadar Suite's features include extended detection and response; security information and event management; security orchestration, automation and response; and cloud-native log management, all accessible through a common dashboard.
Today's Security Operation Center teams are protecting a fast-expanding digital footprint that extends across hybrid cloud environments -- creating complexity and making it hard to keep pace with accelerating attack speeds, IBM said.
The product also leverages artificial intelligence and automation, resulting in a 55% decline in alert triage timelines on average within a company's first year of implementation, according to IBM Managed Security Services. QRadar's AI is trained on prior analyst response patterns in order to effectively triage alerts in conjunction with threat intelligence provided by IBM X-Force. Upon detection of high-priority incidents, AI models produce an attack graph and timeline using the MITRE ATT&CK framework and provide a recommended response. QRadar also actively seeks indicators of compromise across environments using federated search capabilities and an open-source threat hunting language.