Smarter Cyber security with IBM Solution - ETDA. Smarter... · QRadar Incident Forensics SECURITY...

Smarter Cyber security with IBM Solution INTEGRATED SECURITY FOR A NEW ERA Mr.Thaweesak Srinak : Technical Sale Security Software Updated April 2019 Computer Union


Page 1

Smarter Cyber security with IBM Solution

INTEGRATED SECURITY FOR A NEW ERA

Mr.Thaweesak Srinak : Technical Sale Security Software

Updated April 2019

Computer Union

Page 2

© Copyright

Data Is The New Oil

Market Reality

At its height, Oil held 79% of the American market share

Google holds 81% share of search

Google & Facebook control 88% of all new internet advertising because they hold most data globally

[Figure: dollar-value chart covering Conoco Phillips, Exxon Mobil, Chevron, Microsoft, Facebook, Apple, Amazon and Alphabet]

Page 3

There is explosive data growth across multiple platforms & data landscape is constantly evolving

[1] Elastica Shadow Data Report Q2 2015; [2] IDC

Structured data | Big Data | Unstructured data | Cloud Service

• 60% growth in cloud documents
• 126% annual increase in big data [2]
• 22.4% annual increase in structured data [2]
• 42.5% annual increase in unstructured data [2]

Enterprises are constantly acquiring new data

• IP
• Consumer Data (PII, Privacy)
• LOB Critical Data (Regulated, Clients)
• Enterprise Operational Data (Employees, Partners)

Page 4

4 IBM Security

Critical Assets for Corporations – What Are We Referring To?

• Data: PII (Internal/External), Intellectual Property, Communications
• Applications: Internal, External, Mobile
• Mobile Devices: Mobile Phones/Devices
• Endpoints: Desktops, laptops, servers, POS, ATMs

Page 5

© 2018 IBM Corporation

CISOs tell us data security is a critical priority

• GDPR

• NY-DFS 504

• China Privacy

• Australian Act

• HIPAA

• IaaS (Containers)

• PaaS (DBaaS)

• SaaS (O365)

1. Get ahead of compliance demands

2. Protect against data breaches

3. Secure data across multiple clouds

4. Uncover business risks related to data


Page 6

Challenges with data security

Where is the critical data?

Are the crown jewels classified and protected?

Do they reside in the cloud? Unstructured?

Who can access the data?

There is now a fluid perimeter

How to maintain the right level of Data security?

How to keep up with the pace of change?

What to lock down?

What data should be encrypted?

What SaaS apps are used?

How to address Compliance?

What compliance issues are there? What controls exist? What are the remediation action items?

Where to start?

What data assets are high value?

Which cloud services are used?

Which repositories and databases are used?

06/15/2017

Who is responsible for data security?

With Cloud Service Providers – clients still have security obligations. What are they?

How to talk risk with the CRO?

Page 7

Data Loss Prevention (DLP)

Vulnerability Management

Cloud Access Security Brokers (CASB)

Database Security

The C-Suite

Security Solutions

Although IT infrastructure and security metrics are important, there is a growing divide in reporting them to the C-Suite or the Board

Identity Management

Page 8

Today’s security drivers

• COMPLIANCE
• HUMAN ERROR
• SKILLS GAP
• ADVANCED ATTACKS
• INNOVATION

Page 9

• 2013: 800+ Million records
• 2014: 1+ Billion records
• 2015: Unprecedented Impact

Attackers break through conventional safeguards every day

• $7M average cost of a U.S. data breach
• 201 days average time to identify data breach

Page 10

Today’s security drivers

ACTORS

• Organized Crime
• Malicious Insiders
• Nation States
• Hacktivists

TARGETS

• Healthcare
• Manufacturing
• Government
• Financials

VECTORS

• Ransomware
• Phishing, Exploit Kits
• Stealthy Malware
• Denial of Service

REALITY

• Cloud, mobile, IoT
• Compliance
• Human error
• Skills gap

Page 11

Imagine if you could…

PROTECT against tomorrow’s risks, today

Page 12

How do I get started when all I see is chaos?

IP reputation

Indicators of compromise

Threat sharing

Firewalls

Incident and threat management

Virtual patching

Sandboxing

Network visibility

Malware protection

Antivirus

Data access control Data monitoring

Application security management

Application scanning

Access management

Entitlements and roles

Identity management

Transaction protection

Device management

Content security

Workload protection

Cloud access security broker

Anomaly detection

Log, flow, data analysis

Vulnerability management

Privileged identity management

Incident response

Criminal detection

Fraud protection

Endpoint patching and management

Page 13

Threat Intelligence

Security Analytics

Cloud

Identity and Access

Data and Apps

Mobile

Advanced Fraud

Network

Endpoint

Security Ecosystem

An integrated and intelligent security immune system

Criminal detection

Fraud protection

Workload protection

Cloud access security broker

Access management

Entitlements and roles

Privileged identity management

Identity management

Data access control

Application security management

Application scanning

Data monitoring

Device Management

Transaction protection

Content security

Malware protection

Antivirus

Endpoint patching and management

Virtual patching

Firewalls

Incident and threat management

Sandboxing

Network visibility

Vulnerability management Incident response

Log, flow, data analysis Anomaly detection

Indicators of compromise

IP reputation Threat sharing

Page 14

Security Intelligence and Vulnerability Management

Fraud Identity & Access Data Applications Network Endpoint Mobile

Managed Security Services

Key differentiator: Only IBM Security can bring it all together

• AccessData

• Akamai

• Alien Vault

• BlueCoat

• EMC

• Guidance Software

• Hewlett-Packard

• Intel Security

• LogRhythm

• NetIQ

• NIKSUN

• Prolexic

• Qualys

• Rapid7

• Splunk

• Symantec

• Tripwire

• Tenable Network Security

• Vigilant

• Dell • HP • Symantec • Verizon

• 41st Parameter

• Accertify

• EMC

• Guardian Analytics

• iovation

• NICE Systems

• ThreatMetrix

• CA Technologies

• Dell

• EMC

• Entrust

• Okta

• OneLogin

• Oracle

• PingIdentity

• Symantec

• EMC

• Entrust

• Imperva

• Intel Security

• SafeNet

• Symantec

• Verdasys

• Vormetric

• Appthority

• F5 Networks

• Hewlett-Packard

• Qualys

• Trustwave

• Veracode

• WhiteHat Security

• Arbor

• CheckPoint

• Cisco

• Dell

• FireEye

• Fortinet

• Hewlett-Packard

• Intel Security

• Juniper

• Palo Alto Networks

• Sourcefire

• ESET

• F-Secure

• Intel Security

• Kaspersky

• Lumension

• Microsoft

• Sophos

• Symantec

• Trend Micro

• Good

• Check Point

• Cisco

• Citrix

• Intel Security

• Microsoft

• MobileIron

• Sophos

• Symantec

• VMware

• Webroot

• Zscaler

Page 15

Traditional security practices are unsustainable

• 1.5 MILLION unfilled security positions by 2020
• 85 security tools from 45 vendors
• 68 PERCENT of CEOs are reluctant to share incident information externally

Page 16

SECURITY TRANSFORMATION SERVICES

Management consulting | Systems integration | Managed security

Threat Intelligence

Security Analytics

Cloud

Identity and Access

Data and Apps

Mobile

Advanced Fraud

Network

Endpoint

Security Ecosystem

IBM has the world’s broadest and deepest security portfolio

App Exchange

MaaS360

INFORMATION RISK AND PROTECTION

Trusteer Mobile

Trusteer Rapport

AppScan

Guardium

Cloud Security

Privileged Identity Manager

Identity Governance and Access

Cloud Identity Service

Key Manager

zSecure

Trusteer Pinpoint

QRadar Vulnerability Manager

Resilient Incident Response

X-Force Exchange

QRadar Incident Forensics

SECURITY OPERATIONS AND RESPONSE

BigFix

Network Protection XGS

QRadar SIEM

QRadar Risk Manager

Page 17

LEAD in strategic domains

Security Transformation Services

Management Consulting | Systems Integration | Managed Security

Security Research and Threat Intelligence

Security Operations and Response Information Risk and Protection

IBM Security Strategy

Cloud Security Mobile Security

Identity Governance and Access Management

• Data Protection
• Application Security
• Advanced Fraud Prevention
• Incident Response
• Security Intelligence and Analytics
• Vulnerability and Patch Management
• Endpoint and Network Protection
• User Behavior Analytics

SUPPORT the CISO agenda

• Cloud
• Mobile and Internet of Things
• Compliance Mandates
• Skills Shortage
• Advanced Threats

ACCELERATE with key innovation

• Cloud
• Collaboration
• Cognitive

Page 18

IBM helps protect against new and complex security challenges

• SECURITY TRANSFORMATION SERVICES: Optimize your security program with skills to address modern day risks
• SECURITY OPERATIONS AND RESPONSE: Orchestrate your defenses throughout the entire attack lifecycle
• INFORMATION RISK AND PROTECTION: Keep your critical information protected while accelerating the business

Page 19

Context: Reaching security maturity in context

Security Intelligence and Operations

• Optimized: Can you identify active attack paths and high-risk assets?
• Proficient: Can you correlate events across domains and detect advanced threats?
• Basic: Are you meeting compliance and reporting requirements?

Optimized

• Fraud: Are your mobile, online and cloud channels secure from cybercrime?
• People: Do you have automated, policy-driven identity and role based management?
• Data: Can you monitor (privileged) access to data?
• Application: Can you test legacy applications for exposures?
• Infrastructure: Do you have real-time visibility and full control of your security and operations?

Proficient

• Fraud: Can you identify and stop fraud without negatively impacting user productivity?
• People: How are you managing user access to resources?
• Data: Do you know if sensitive data leaves your network?
• Application: Are you regularly testing your website for vulnerabilities?
• Infrastructure: Do you perform proactive threat and vulnerability management protection?

Basic

• Fraud: Are you able to detect and prevent malware and phishing attacks?
• People: Have you rolled out an identity program?
• Data: Have you classified and encrypted sensitive data?
• Application: Do you have a secure application development process?
• Infrastructure: Are you providing basic threat management for all endpoints and network devices, including cloud and mobile?

Page 20

Capabilities: Reaching security maturity capabilities

Security Intelligence and Operations

Predictive analytics, big data workbench, flow analytics, forensics

SIEM and vulnerability management

Log management

Fraud People Data Application Infrastructure

• Transaction protection

• Endpoint protection

• Identity governance

• Fine-grained entitlements

• Privileged user management

• Data governance

• Encryption key management

• Fraud detection

• Hybrid scanning and correlation

• Multi-faceted network protection

• Anomaly detection

• Hardened

• Login challenge questions

• User provisioning

• Access management

• Strong authentication

• Data masking / redaction

• Data activity monitoring

• Data loss prevention

• Web application protection

• Source code scanning

• Virtualization security

• Asset management

• Endpoint / network security management

• Device ID rules

• Directory management

• Encryption

• Database access control

• Application scanning

• Perimeter security

• Host security

• Anti-virus

Optimized

Proficient

Basic


Page 22

Outside and inside threats continue to challenge enterprises

• $445 BILLION estimated annual losses to the global economy
• 49 PERCENT of IT pros retain access to their ex-employer’s network

Page 23

Abstract: Integration to help prevent, detect and respond to advanced threats

SIEM

Vulnerability management

Incident Response

Network security

Incident forensics

Threat sharing

Endpoint management

Malware prevention

Real-time

Continuously monitors activity to prevent attacks and detect anomalous behavior

Incident Response

Responds to incidents in integrated and organized fashion across IT environment

Sends network flow data to SIEM for analysis of all events and administration of quarantine commands

Global threat research helps SIEM place activity in external context and determine severity

Provides endpoint assets and malware events to SIEM to manage patching and prevent malware installs

Data activity monitor sends events to SIEM to prevent illicit activity of sensitive data

Data activity monitoring

Page 24

Example: Disrupt the attack chain in real-time

ATTACK CHAIN

• GATHER: Authorized system attempts to access resources
• BREAK-IN: Remote employee triggers drive-by download
• LATCH-ON: Internal system infected as part of a botnet
• EXPAND: Targeted internal email sent to high-profile employees
• EXFILTRATE: Persistent attackers quietly siphoning out data

QRadar Incident Forensics reconstructs abnormal user and database activity from network packets

BigFix patches the latest vulnerabilities and quarantines infected endpoints to prevent more damage

Network Protection blocks zero-day exploit traffic and sends flows to QRadar for anomaly detection

QRadar correlates network flows and security events from other security controls into a list of priority offenses

Resilient Incident Response Platform allows responders to coordinate activity before damage occurs

Page 25

Abstract: Integration to help prevent, detect and block insider threat

Privileged identity management

Identity governance and intelligence

SIEM

Data activity monitoring

Governs users and their access to assure validity of privileged access rights using credential data and identity context

Detects anomalous behavior using data activity and identity context and makes corrections to block and prevent insider threat

Monitors privileged user activity on sensitive data sources and validates access with identity solution

User Behavior Analytics

Page 26

Example: Detect insider threats and manage risk

1. IDENTITY GOVERNANCE: IGI checks for Segregation of Duties violations and runs access certification campaigns to ensure validity of privileged access rights

2. ACTIVITY MONITORING: Guardium monitors and audits privileged user access to sensitive data sources, and can alert or block on unauthorized access

3. PRIVILEGED IDENTITY MANAGEMENT: PIM can share check in/check out audit records, and Guardium can cross reference information with its auditing of data access activity

4. SECURITY INTELLIGENCE: QRadar can correlate PIM credentials and Guardium activities to detect anomalies and trigger alerts; consumes User Behavior Analytics to identify anomalous usage

SharedID


Page 28

Organizations continue to struggle with compliance risks

Top cybersecurity oversight activities

IT Security

Board of Directors

• $25M regulatory fines in data breach lawsuits
• 83% of enterprises have difficulty finding security skills

Page 29

Abstract: Integration to manage compliance and governance

Data activity monitoring Identity governance and intelligence

Identity governance helps govern, detect and prevent access-related risk on the mainframe to assure adherence to compliance and security standard

Mainframe access

Provides visibility into database activity through validation of user accounts and entitlements

Correlates audit and compliance data to assess user access to critical enterprise data

Page 30

Example: Stop audit failures with identity governance

1. IDENTITY GOVERNANCE: IGI cleans up data access privileges using user accounts and entitlements and removes the risk of improper access to database and mainframe resources

2. CROWN JEWEL PROTECTION: zSecure enhances mainframe compliance audit and reporting to comply with regulations and detect threats

3. ACTIVITY MONITORING: Guardium monitors and audits privileged user activity in real-time, and assesses zSecure audit collection and reporting to provide a consistent view across all access controls

Page 31

Abstract: Integration for risk-based access to critical assets

Enterprise mobility

Cloud access security broker

Fraud and malware detection

Cloud identity service

Access management

Protects users from fraud with strong authentication using risk-based access controls built around malware and fraud risk-score

Enables easy access to enterprise mobile resources with mobile device and content security to assure mobile compliance and policy management

Provides visibility into cloud app usage using threat intelligence, identity context and data monitoring to assure safe cloud app adoption

Enables risk-based access to enterprise and cloud apps from on-premise location or from the cloud

Page 32

Example: Safeguard digital identities in the era of cloud and mobile

1. Discover, control, and protect against risky cloud adoption

2. Risk-aware enforcement point with strong authentication on-premise or from the cloud

3. Mobile device compliance and policy management

4. Advanced user risk and fraud detection engine

5. Safeguard access to cloud and enterprise apps

Page 33

As cloud and mobile increases, so do security threats

• 11.6M devices are impacted by mobile malware
• 73% of firms discovered cloud usage outside of security policies
• 30B connected “things” by 2020

Page 34

Abstract: Integration to help secure mobile transformation

Fraud and malware detection

Access management

Evaluates risk-based access using identity controls built around malware and fraud risk-score

Enables easy access to enterprise mobile resources with mobile device and content security to assure mobile compliance and policy management

Scans and secures mobile enterprise apps with vulnerability discovery and assessment

Application scanning

Provides strong authentication and enables secure SSO to enterprise resources from mobile using risk-based identity context

Enterprise mobility

Page 35

Example: Remove barriers to mobile productivity

1. IDENTITY & ACCESS MANAGEMENT: ISAM binds strong authentication on mobile devices with context sourced from MaaS360 and Trusteer for enhanced risk-based access and authorization

2. ENTERPRISE MOBILITY: MaaS360 protects the device, content, apps and data and enables SSO into enterprise apps with ISAM

3. APPLICATION SCANNING: AppScan scans enterprise and consumer mobile apps to identify security vulnerabilities and generate reports and fix recommendations

4. FRAUD PROTECTION: Trusteer protects consumers from fraud and malware on mobile devices to build integrity and assurance

Page 36

Abstract: Integration for secure adoption of cloud apps

Provides global threat intelligence to place events in external context and determine severity

IPS and proxy technology enable network threat blocking and protect mobile usage

Threat sharing

SIEM

Cloud access security broker

Intrusion Prevention System

Secure gateway

Cloud identity service

Access management

Correlates cross-cloud events, logs, mobile traffic, IPS data, and anomalies to prevent threats and enforce policies

Discovers cloud app usage based on user analytics, identity context and threat prevention data

Enables enterprise user access to SaaS cloud applications with secure SSO and cloud-based federated access, provisioning, governance and compliance

Page 37

Example: Gain visibility into cloud application usage

1. IDENTITY & ACCESS MANAGEMENT: Identity and access enables federated single sign-on to approved cloud apps as well as policy enforcement to control access to unsanctioned apps

2. SECURITY INTELLIGENCE: Security intelligence correlates cloud events to provide discovery and visibility into cloud app usage, using X-Force risk scoring for thousands of applications and a continuous stream of cloud activity data

3. DATA & THREAT PROTECTION: XGS provides intrusion prevention capabilities (threat signatures, network analysis, and zero-day protection) to protect against cloud-related threats, while Guardium protects data in the cloud

Page 38

Data at Rest | Configuration | Data in Motion

Where is the sensitive data?

How to protect sensitive data to reduce risk?

How to secure the repository?

Entitlements

Reporting

Activity Monitoring

Blocking

Quarantine

Dynamic Data Masking

Vulnerability Assessment

Who can access?

What is actually happening?

Best practice journey – all products working together

Encryption

Discovery

Classification

How to prevent unauthorized activities?

How to protect sensitive data?

Discover | Harden | Monitor | Protect

Page 39

Protecting data now requires designing a Data Centric Protection (DCP) program

Governance

• Regulatory Compliance
• Executive Involvement
• Organization Structure
• Policies
• Metrics/Reporting

People

• Skills
• Roles and Responsibilities
• Staff Capacity Modeling
• Training

Process

• Formalized Documentation
• Process Optimization
• Data Lifecycle
• Workflow Automation

Technology

• Data Loss Prevention
• Digital Rights Management
• Data Discovery / Flow / Dependency
• Data Activity Monitoring
• Data Encryption / Tokenization
• Data Tagging
• Cloud Access Security Broker
• Data Masking
• Vulnerability Management

SIEM

A.D.

CMDB

Technology & Business Context Integration

Page 40

SaaS

IoT, Mobile Files

Files (systems)

Data Lakes

Databases

Big Data

IBM Data Security Framework

Protect data where it resides with a business risk-driven approach

On-Premise, in Cloud

Data-Centric Audit Protection

Information Security Enforcement

Information Security Risk Detection

Security Operations

and Response

Identity and Access Mgmt.

Tokenization, Masking, Encryption, Access Control, DLP

Data Discovery

Activity Monitoring

Risk Management

Data Classification

Behavioral Analytics

Compliance Reporting

Vulnerability Assessment

Page 41

SaaS

IoT, Mobile Files

Files (systems)

Data Lakes

Databases

Big Data

IBM Data Security Portfolio

IBM Offerings today and new deliverables in 2018

On-Premise, in Cloud

Data-Centric Audit Protection

Information Security Enforcement

Information Security Risk Detection

Tokenization, Masking, Encryption, Access Control, DLP

Vulnerability Assessment

Guardium Data and

Multi-Cloud Encryption

Data Ecosystem

Behavioral Analytics

Compliance Reporting

Risk Management

NEW

Data Risk Manager

Big Data Intelligence

NEW NEW

Security Operations

and Response

Identity and Access Mgmt.

QRadar,

Resilient

Cloud

Identity

Guardium

Accelerators

Data Discovery

Activity Monitoring

Data Classification

Guardium Data Protection

Guardium Analyzer* NEW

Page 42

COGNITIVE, CLOUD, and COLLABORATION

The next era of security

INTELLIGENCE and INTEGRATION

PERIMETER CONTROLS

43 IBM Security

CLOUD COLLABORATION COGNITIVE

• Deliver Security from the Cloud

• Secure connections to the Cloud

• 750TB+ of threat intel

• 1.6M+ X-Force Exchange searches

• 35K+ App Exchange downloads

• 1M+ security documents read

• 10B+ security data elements

• 80K+ elements read per day

Pushing innovation

44 IBM Security

Security Analytics

Threat Hunting

Incident Response

Threat Intelligence

Build a Cognitive SOC

Security Operations and Response (SOAR)

45 IBM Security

Security Operations and Response: Build a Cognitive SOC

RESPONSE AND ORCHESTRATION

Security Incident Response #Resilient

Security Orchestration #Resilient

External Threat Monitoring Services

Easy to deploy, integrates well with IBM and third-party solutions and services via Apps

HIGH-VALUE INSIGHTS

Risk and Vulnerability Prioritization #QRadar

Governance, Risk, and Compliance

Threat Actor and Dark Web Intelligence #Watson

THREAT INTELLIGENCE

Hunting and Investigation Tools #i2

Threat Intelligence Platform #X-Force #Watson for Cyber

NEAR SIEM SECURITY ANALYTICS

User & Entity Behavior Analytics #QRadar

Network Analytics #QRadar

Focus value above Log Management in Threat Detection and Security Operation and Response Platform

EVENT CORRELATION SECURITY ANALYTICS

Security Information and Event Management #QRadar

LOG COLLECTION AND MANAGEMENT #QRadar

Traditional Log Management Solutions (3rd Party)

Work seamlessly with third-party LM platforms when needed

NEW SECURITY OPERATIONS TOOLS

Endpoint Detection and Response (EDR) #BigFix

Network Forensics and Anomaly Detection #Network Insights

Seamlessly integrate with collection infrastructure collection and control points

Below

SIEM Layer

Above

46 IBM Security

Leverage an ecosystem of collaborative defenses

IBM Security App Exchange

47 IBM Security

Crowd-sourced sharing based on 700+TB of threat intelligence

IBM X-Force Exchange

48 IBM Security

Billions of Data Elements

X-Force Exchange

Trusted partner feed

Other threat feeds

Open source

Breach replies

Attack write-ups

Best practices

Course of action

Research

Websites

Blogs

News

Massive Corpus of Security Knowledge

10B elements plus 4M added / hour

1.25M docs plus 15K added / day

Millions of Documents

How Watson for Cyber Security works

STRUCTURED DATA UNSTRUCTURED DATA WEB CRAWLER

5-10 updates / hour! 100K updates / week!

50 beta customers

140K+ web visits in 5 weeks

200+ trial requests

SEE THE BIG PICTURE

“QRadar Advisor enables us to truly understand our risk and the needed actions to mitigate a threat.”

ACT WITH SPEED & CONFIDENCE

“The QRadar Advisor results in the enhanced context graph is a BIG savings in time versus manual research.”

49 IBM Security

Revolutionize how security analysts work

Watson determines the specific campaign (Locky), discovers more infected endpoints, and sends results to the incident response team

IBM QRadar Advisor with Watson

50 IBM Security

Collaboratively respond in minutes

IBM Resilient Incident Response

51 IBM Security

Detect abnormal behavior in one click

IBM QRadar User Behavior Analytics

52 IBM Security

Endpoint Detection, Response, and Remediation in ONE solution

IBM BigFix Detect

53 IBM Security

IBM Security invests in best-of-breed solutions

Incident response

Cloud-enabled identity management

Identity governance

Application security

Risk management

Data management

Security services and network security

Database monitoring and protection

Application security

SOA management and security

“…IBM Security is making all the right moves...” Forbes

Timeline: 2002, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016

IBM Security Systems

IBM Security Services

Identity management

Directory integration

Enterprise single-sign-on

Endpoint management and security

Security Intelligence

Advanced fraud protection

Secure mobile mgmt.

CyberTap

54 IBM Security

Industry analysts rank IBM Security

| DOMAIN | SEGMENT | MARKET SEGMENT / REPORT | ANALYST RANKINGS |
|---|---|---|---|
| Security Operations and Response | Security Intelligence | Security Information and Event Management (SIEM) | LEADER |
| | Network and Endpoint Protection | Intrusion Prevention Systems (IPS) | LEADER |
| | | Endpoint: Client Management Tools | LEADER |
| | | Endpoint Protection Platforms (EPP) | Strong Performer |
| Information Risk and Protection | Identity Governance and Access Management | Federated Identity Management and Single Sign-On | LEADER |
| | | Identity and Access Governance | LEADER |
| | | Identity and Access Management as a Service (IDaaS) | LEADER |
| | | Web Access Management (WAM) | LEADER |
| | | Mobile Access Management | LEADER |
| | | Identity Provisioning Management | LEADER |
| | Data Security | Data Masking | LEADER |
| | Application Security | Application Security Testing (dynamic and static) | LEADER |
| | Mobile Protection | Enterprise Mobility Management (MaaS360) | LEADER |
| | Fraud Protection | Web Fraud Detection (Trusteer) | LEADER |
| Security Transformation Services | Consulting and Managed Services | Managed Security Services (MSS) | LEADER |
| | | Information Security Consulting Services | LEADER |

V2016-06-16

Note: This is a collective view of top analyst rankings, compiled as of August, 2016

55 IBM Security

Adaptive integration with ecosystem partners

Ready for IBM Security Intelligence

IBM PartnerWorld

100+ ecosystem partners, 500+ QRadar integrations

56 IBM Security

A Global Leader in Enterprise Security

• #1 in enterprise security software and services*

• 7,500+ people

• 12,000+ customers

• 133 countries

• 3,500+ security patents

• 19 acquisitions since 2002

*According to Technology Business Research, Inc. (TBR) 2016

© Copyright IBM Corporation 2016. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. Any statement of direction represents IBM's current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.

Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.

THANK YOU

FOLLOW US ON:

ibm.com/security

securityintelligence.com

xforce.ibmcloud.com

@ibmsecurity

youtube/user/ibmsecuritysolutions