IBM® Security X-Force® Threat Intelligence adds dynamic Internet threat data to the analytical capabilities of IBM QRadar Security Intelligence Platform to help you gain more intelligent and accurate security enforcement.
Enriching QRadar threat analysis capabilities with up-to-the-minute data on Internet threats helps organizations see new threats more quickly, gain deeper insight and context, prioritize security incidents and prevent or minimize attacks.
IBM Security X-Force Threat Intelligence:
- Automatically feeds X-Force data into IBM QRadar Security Intelligence Platform analytics to provide deeper insight and greater protection
- Provides vulnerability coverage across a wide range of use cases to optimize the value of additional threat intelligence
- Uses IBM X-Force research to protect against the threat of attack through data collection efforts and an extensive knowledge base
Automatically feeds X-Force data into IBM QRadar Security Intelligence Platform analytics
- Delivers additional insight into and context for security situations that involve suspicious IP addresses
- Incorporates IP reputation data into QRadar rules, offenses and events
- Provides relative threat scoring, and automatically incorporates data into QRadar correlation and analysis functions
- Incorporates the latest X-Force security threat advisories and informational updates into the QRadar dashboard
Provides vulnerability coverage across a wide range of use cases
- A series of attempted logins from a dynamic range of IP addresses
- An anonymous proxy connection to a business partner portal
- A connection from a non-mail server to a known spam host
- A connection between an internal endpoint and a known “botnet” command and control
- Communication between an endpoint and a known malware distribution site
Uses IBM X-Force research to protect against the threat of attack
- Maintains and analyzes a database of known security vulnerabilities with more than 70,000 entries
- Tracks billions of security incidents, monitors millions of spam and phishing attacks and has analyzed billions of web pages and images
- Maintains a global research footprint and collects data from multiple research sources
- Collaborates with businesses and governments, vertical sector information centers and global coordination centers
- Analyzes proofs of concept and public exploit code, and updates the IBM Internet Security Systems AlertCon resource center in near real time