IBM today said IBM Security QRadar Incident Forensics, its new software product designed as a module for the QRadar Security Intelligence Platform, will assist security teams retrace the step-by-step actions of cyber criminals.
The enterprise IT vendor said IBM Security QRadar Incident Forensics is a vital appliance for helping organizations diagnose and defend their data and enterprise networks against external attacks and unauthorized insider activities.
According to the IBM X-Force Threat Intelligence Quarterly to be released next week, in 2013, more than half a billion records of personally identifiable information were leaked through a number of attacks against strategic targets. By detecting malicious activity earlier, organizations can more quickly stop, or reduce the potential loss of data.
With the addition of IBM Security QRadar Incident Forensics, IBM clients can further strengthen their abilities to efficiently investigate security incidents and understand the impact of any suspicious activity. QRadar Incident Forensics provides a record of activity on the network, enabling organizations to retrace suspicious activity, provide alerts to growing concerns, and provide forensics search capabilities.
Brendan Hannigan, general manager of IBM Security Systems, said: “QRadar Incident Forensics further helps IT staff prevent emerging threats and better determine the impact of any intrusion.”
IBM Security QRadar Incident Forensics will help any member of an IT security team research security incidents or test for conditions associated with an observed attack pattern from an Internet threat intelligence feed such as X-Force.
In the second quarter of 2014, IBM will introduce new capabilities to help organizations better understand the threat landscape. IBM Advanced Cyberthreat Intelligence Service will provide customers with insight into the threat landscape, targeted attacks and attacker tools, tactics and practices, incorporating IBM’s own research with that of strategic partners specializing in threat visibility.
IBM is now allowing existing QRadar clients to test this solution as part of a beta program.