SlideShare uma empresa Scribd logo

IBM Security Products: Intelligence, Integration, Expertise

S
Shwetank Jayaswal

A Comprehensive Framework for Any Environment from Mobile to Cloud to Social to Unknown Futures

TecnologiaNegócios
1 de 12
Baixar para ler offline
IBM Software IBM Security Products: Intelligence, Integration, Expertise A Comprehensive Framework for Any Environment from Mobile to Cloud to Social to Unknown Futures
2 IBM Security Products: Intelligence, Integration, Expertise Contents 2 A Hyper-Connected Business World 3 Security Intelligence for a New World 3 A Unique, Comprehensive Approach 5 Product Portfolio 10 Solutions for Today’s Challenges 12 Conclusion 12 For More Information Labeled “The Year of the Security Breach” by the IBM X-FORCE research and development team, 2011 was marked by a high volume of severe and varied security attacks. Attack Type 2011 Sampling of Security Incidents by Attack Type, Time and Impact conjecture of relative breach impact is based on publicly disclosed information regarding leaked records and financial losses SQL Injection URL Tampering Spear Phishing 3rd Party Software DDoS SecureID Trojan Software Unknown Gaming Defense Entertainment Banking Central Government Entertainment National Police Central Government Entertainment Central Government Central Government Central Government Central Government Entertainment Central Government Entertainment Defense Defense IT Security IT Security IT Security Consulting Banking Consumer Electronics Marketing Services National Police State Police Gaming Consumer Electronics State Police National Police Consumer Electronics Central Government Central Government Central Government Central Government Gaming Consulting Defense Financial Market Agriculture Tele- communications Internet Services Consumer Electronics Heavy Industry Insurance Internet Services Apparel Gaming Central Government Gaming Gaming Gaming Gaming Gaming Gaming Government Consulting Online Services Online Services Size of circle estimates relative impact of breach in terms of cost to business Jan Feb March April May June July Aug Sep Oct Nov Dec A Hyper-Connected Business World In today’s era of big data, a fundamentally different approach is needed to secure the enterprise. The explosion of digital busi- ness information that is accessed from and stored on virtualized cloud and social platforms, instrumentation, and mobile devices that are part consumer part business, have created an overwhelmingly complex IT environment—with possible attack points nearly limitless. The most sophisticated adversaries are now perpetrating Advanced Persistent Threats, using focus and persistence to gain access to sensitive business information. These attacks utilize cutting-edge methodologies, can last indefinitely and are specifically targeted. The increased diversity of today’s threats has eroded the effectiveness of traditional IT defenses such as firewalls and antivirus—even bypassing these controls com- pletely in many cases. A new approach is required, one that balances protection with detection, and advanced technology with mature processes.
3IBM Software Security Intelligence for a New World In the era of big data, big data should be used to help secure the enterprise. Only those companies that have deployed solutions to monitor, correlate and analyze the massive amounts of real- time events being generated from a comprehensive, integrated security infrastructure as well as from a well-researched external threat feed have the capability to cost-effectively maintain an extremely strong security posture. IBM calls this Security Intelligence. In addition to helping detect and remediate breaches that might otherwise have been missed, organizations employing this approach can also: ●  ● Shift from a reactive state to a proactive approach that better aligns with business objectives ●  ● Enable their business to deploy innovation initiatives far faster than otherwise possible ●  ● Automate their compliance activities ●  ● Reduce staff requirements for security operations A Unique, Comprehensive Approach With leading products and services across segments and an overarching strategy based on three main tenets—Intelligence, Integration and Expertise—IBM is helping its customers work toward true Security Intelligence. Intelligence Human intelligence requires knowledge, information and the ability to analyze this information to reach conclusions. In the realm of enterprise security, this translates to needing visibility into relevant networks and infrastructures and external threat Moving from a reactive and manual approach to a proactive and automated approach gives the organization an optimized security posture based in Security Intelligence. Security Intelligence Reactive ProactiveManualAutomated O ptim ized Proficient Basic The integration of Security Intelligence, X-FORCE research and core protection assets helps close the coverage gaps left by point product approaches. Integrated Intelligence. Integrated Research. Integrated Protection. Security Intelligence People A pplications Advanced Research In frastructure Data Security Intelligence People A pplications Advanced Research I nfrastructure Data Security Intelligence People Applications Advanced Research I nfrastructure Data 3rd Party Ecosystem
4 IBM Security Products: Intelligence, Integration, Expertise intelligence, plus the real-time correlation and analytics capabili- ties to flag and remediate suspicious activities. IBM Security offers these capabilities: ●  ● Internal visibility: IBM Security Intelligence solutions analyze information from IBM and non-IBM products and services in real-time. They provide comprehensive analysis and insight across all four areas of security risk: people, data, applications and infrastructure. ●  ● External threat visibility: The IBM® X-FORCE® threat intelligence feed provides intelligence from one of the world’s largest repositories of threat and vulnerability insights and is based on the real-time monitoring of 13 billion security events per day. This insight can flag behavior that may be associated with Advanced Persistent Threats and a wide range of adversaries. ●  ● Pinpoint analysis in an age of big data: IBM Security Intelligence solutions can drill down to individual data elements to analyze and query diverse activity. They provide insight on network access at the periphery, external cloud services and mobile devices, database activity at the core of a business, and everywhere in between. Integration The integration of the comprehensive IBM portfolio of Security Intelligence, X-FORCE research and core protection assets helps reduce attackable loopholes that are inherent in patched-together point-product security platforms. It can also ease deployment, collapse data silos for easier compliance reporting and improved Security Intelligence, reduce complexity, and lower the cost of maintaining a strong security posture. Other cost-saving and security-improving capabilities include: ●  ● External and internal contextual information for breach detection, prediction and remediation ●  ● Automated device and software updates for researched vulnerabilities ●  ● Linking of authentication and authorization with suspicious database activity ●  ● Automated compliance and risk assessment activities Expertise With more than 5,500 researchers, developers and subject- matter experts engaged in security initiatives, IBM operates one of the world’s broadest enterprise security research and development and delivery organization. This comprises the award- winning IBM X-FORCE research and development team with one of the largest vulnerability databases in the industry, nine security operations centers, ten IBM Security Research centers, 15 Security Solutions Development Labs and the Institute for Advanced Security with chapters in the United States, Europe and Asia Pacific. IBM currently monitors more than 13 billion security events per day for its clients in more than 130 countries. IBM operates one of the world’s broadest security research and development and delivery operations. Security Operations Centers Costa Mesa, US Atlanta, US Atlanta, US Raleigh, US Haifa, IL Pune, IN Bangalore, IN Bangalore, IN New Delhi, IN Perth, AU Brisbane, AU Singapore, SG Taipei, TW Tokyo, JP Tokyo, JP Gold Coast, AU IAS, Asia Pacific Brussels, BE Atlanta, US Hortolândia, BR Austin, US Alamden, US Boulder, US Ottawa, CA Waltham, US Fredericton, CA Belfast, N IR Zurich, CH Delft, NL Herzliya, IL IAS, Europe Toronto, CA TJ Watson, US Detroit, US IAS, Americas Security Research Centers Security Solution Development Centers Institute for Advanced Security Branches
5IBM Software IBM has the consultants and expertise to help any company move toward optimized, integrated security controls with Security Intelligence. Product Portfolio The IBM Security Framework is designed to help ensure that the correct people have access to the correct assets at the correct times, that critical data is protected in transit and at rest, that emerging threats are identified to support breach identification and remediation, and that protection is provided across all IT resources. This integrated approach to enterprise security includes appliances, software products and managed services and is delivered by technical and risk consulting and implementation services. At the very core, however, resides the IBM product portfolio. Help prevent, detect and remediate security breaches and compliance risks. Challenge and Solutions Highlights IBM Security Intelligence products assist with: ●  ● Detecting threats: Arm yourself with comprehensive and accurate Security Intelligence. ●  ● Addressing compliance: Automate data collection and reporting for audits and risk assessment. ●  ● Detecting inside threats and fraud: Identify and understand suspicious user activity in context. ●  ● Predicting risks to your business: Proactively identify and prioritize security vulnerabilities and gaps. ●  ● Consolidating data silos: Collect, correlate and report on data in one integrated solution. Products A family of integrated security intelligence products based on next-generation security information and event management (SIEM) and log management includes: ●  ● QRadar® SIEM: Security information and event manage- ment encompassing log management, threat management and compliance management; sophisticated event and network flow correlation; and integrated behavioral analysis and network anomaly detection ●  ● QRadar Log Manager: Turnkey log management supporting hundreds of data sources out of the box, offering pre-packaged reports and dashboards and easy customization ●  ● QRadar Risk Manager: Security configuration monitoring and auditing; predictive threat modeling and simulation; and advanced threat visualization and impact analysis ●  ● QRadar Network Anomaly Detection: Anomaly detection of network traffic and real-time correlation of security and network data, built to enhance IBM Security SiteProtector™ System The IBM Security Framework provides a methodical and efficient approach to fulfilling security needs and meeting security challenges across the enterprise. IBM Security Framework ProfessionalServices CloudandManagedServices Software and Appliances Governance, Risk and Compliance Security Intelligence and Analytics Advanced Security and Threat Research Infrastructure Applications Data People Security Intelligence and Analytics 360 Degree View
6 IBM Security Products: Intelligence, Integration, Expertise ●  ● QRadar QFlow and VFlow Collectors: Integrated network traffic collection and content capture, including Layer 7 appli- cation analysis, for both physical and virtual environments People Track Plan Enforce Control, monitor and authenticate user access to protected data and applications. Challenges and Solutions Highlights IBM Security identity and access management products assist with: ●  ● Managing users and their access rights: Efficiently enroll, manage and terminate user profiles and access rights through- out the lifecycle. Flag expired accounts and role conflicts. ●  ● Streamlining/tracking user access to protected resources: Integrate lifecycle access rights with single sign-on and password management, and with access auditing and reports. Support strong authentication of devices for extra security. ●  ● Safeguarding access in cloud, mobile and software-as-a- service environments: Provide a common identity service for user provisioning, role-based access and federated identity. Centralize security management for user entitlements and policies. Products Integrated solutions that govern users’ access activities and privileges throughout their lifecycle include: ●  ● IBM Security Identity Manager: Automated and policy- based user identity management software that helps manage user accounts, access rights, permissions and passwords from their creation to termination across the IT environment ●  ● IBM Federated Identity Manager: User-centric, federated single sign-on for sharing information between trusted business partners and helping simplify application integration across distributed portal and mainframe environments ●  ● IBM Security Access Manager for Web: A hub for authen- tication and authorization of web and other applications, centralizing access management ●  ● IBM Security Access Manager for Enterprise Single Sign-On: Integrated authentication, access workflow automa- tion, user switching and audit reporting to help simplify, strengthen and track access ●  ● IBM Security Identity and Access Assurance: Automated management of user accounts, access permissions and passwords with convenient single sign-on to enterprise, web and cloud-based applications and resources Data Monitor Encrypt Assess Redact Help protect critical data assets across key control points without impacting productivity. Challenges and Solutions Highlights IBM data security products assist with: ●  ● Preventing data breaches: Monitor transactions without requiring changes to databases or applications. Create realistic test sets while masking sensitive data value. Encrypt regulated data to help prevent loss—particularly via theft of backups and media. Redact standalone or embedded unstructured sensitive data in forms and documents. ●  ● Maintaining the integrity of sensitive data: Compare all transactions to policy and block violations in real time. ●  ● Reducing the cost of compliance: Automate and centralize controls to streamline compliance validation. Products IBM InfoSphere® Guardium® offerings designed to help assure the privacy and integrity of trusted information in your data center include: ●  ● IBM InfoSphere Guardium Database Activity Monitoring: A simple, robust solution that helps prevent leakage of sensitive data from databases and files, maintaining the integrity of information in the data center and automating compliance controls across heterogeneous environments
7IBM Software ●  ● IBM InfoSphere Guardium Vulnerability Assessment: Automated detection of database vulnerabilities with priori- tized remedial actions across heterogeneous infrastructures ●  ● IBM InfoSphere Guardium Data Redaction: Protection designed to guard against unintentional disclosure for sensitive data in documents and forms by detecting and removing data from openly shared document versions ●  ● IBM InfoSphere Guardium Data Encryption: Enterprise data encryption without sacrificing application performance or creating key management complexity ●  ● IBM InfoSphere Optim™ Data Masking: Capabilities to de-identify confidential information to help protect privacy and support compliance initiatives ●  ● IBM Tivoli® Key Lifecycle Manager: Encryption key lifecycle management with centralized and strengthened pro- cesses that leverage the industry-standard Key Management Interoperability Protocol ●  ● IBM InfoSphere Discovery: A tool for identifying and docu- menting what data you have, where it is located and how it is linked across systems by intelligently capturing relationships and determining applied transformations and business rules ●  ● Controlling access to application data: Manage and enforce fine-grained entitlement and message security policy management. Products A full portfolio of solutions designed to protect your applications includes: ●  ● IBM Security AppScan® Standard: Automated web applica- tion security testing for IT security, auditors and penetration testers ●  ● IBM Security AppScan Enterprise: Enterprise-class applica- tion security testing and risk management with governance, collaboration and Security Intelligence ●  ● IBM Security AppScan Source: Static application security testing to identify vulnerabilities in web and mobile applica- tions during the development lifecycle ●  ● IBM Security Policy Manager: Capabilities for authoring application entitlements and fine-grained access control policies for distributed policy decisions based on identity, transaction and service/resource context ●  ● IBM WebSphere® DataPower® XML Security Gateway: An appliance-based solution providing real-time web services security and XML threat protection Infrastructure: Network Pre-emptive Fast Extensible Help keep applications secure, protected from malicious or fraudulent use, and hardened against attacks. Challenges and Solutions Highlights IBM application security products assist with: ●  ● Finding and remediating mobile and web vulnerabilities: Utilize static, dynamic, runtime and client-side analysis and correlate the results. ●  ● Building applications that are secure by design: Integrate security testing early and throughout the design process. Enable security and development teams to communicate effectively. Applications Protect Test Control Help provide security for the network core. Challenges and Solutions Highlights IBM network protection products assist with: ●  ● Keeping pace with emerging threats: Provide Network Intrusion Prevention with evolving threat protection powered by IBM X-FORCE, with its track record of addressing zero- day vulnerabilities.
8 IBM Security Products: Intelligence, Integration, Expertise ●  ● Balancing security and performance without disrupting business-critical applications and infrastructures: Get up to 20+ Gbps of inspected throughput with Network Intrusion Prevention to address the most demanding service quality requirements—without compromising breadth and depth of security. ●  ● Reducing infrastructure cost and complexity: Consolidate point solutions and reduce complexity through integration with other security solutions. ●  ● Protecting non-network assets quickly when new threats emerge: Help protect data, client, web and enterprise applica- tions with the extensible engine within IBM Security Network Intrusion Prevention System. Products IBM offerings for network infrastructure security include: ●  ● IBM Security Network Protection: Provides core threat protection combined with high levels of visibility and control related to network use to help reduce risk and conserve bandwidth ●  ● IBM Security Network Intrusion Prevention System: The core of any Network Intrusion Prevention strategy, providing appliance-based protection against a wide range of attacks that target the network infrastructure ●  ● IBM Security SiteProtector System: Centralized manage- ment for IBM Security Network Intrusion Prevention solutions, providing a single management point of control, security policy, analysis, alerting and reporting Help secure and manage distributed endpoints. Challenges and Solutions Highlights IBM endpoint management and security products assist with: ●  ● Maintaining continuous compliance for all endpoints, regardless of their location or connection: Deploy an intelligent agent to monitor and report on compliance status and automatically take corrective action when needed. ●  ● Achieving high patch compliance in a heterogeneous environment: Provide patching capabilities for Microsoft Windows, UNIX, Linux and Mac environments, and for mobile devices, from a single management console and a single management server. ●  ● Protecting endpoints with rapid response: Automatically identify rogue or misconfigured endpoints and identify/ remediate/quarantine endpoints experiencing an incident in minutes. ●  ● Streamlining compliance and risk-management efforts: Achieve automated and robust audit and compliance reporting with deep, proactive auditing of security configurations. ●  ● Securing virtualized endpoints: Get a single, centralized security view of physical and virtual server environments with automatic protection for virtual machines as they come online or move. Products IBM offerings that help protect distributed endpoints include: ●  ● IBM Endpoint Manager: Endpoint and security manage- ment combined into a single solution that enables visibility into and control of physical and virtual endpoints; rapid remediation, protection and reporting on endpoints in real time; and automation of time-intensive tasks across complex networks to help control costs while helping reduce risk and support compliance Infrastructure: Endpoints Assess Remediate Enforce Report
9IBM Software Leverage the mainframe as the enterprise security hub to help protect mission-critical production systems and data. Challenges and Solutions Highlights IBM mainframe security products assist with: ●  ● Verifying compliance manually, with alerts only after a problem occurs: Get real-time alerts on external threats, inappropriate data access or misconfiguration with automated compliance monitoring. Help prevent privileged-user abuse by blocking IBM Resource Access Control Facility (RACF®) commands in real time. ●  ● Coping with the complexity of identifying and analyzing threats in mainframe environments: Automatically analyze and report on mainframe security events and detect exposures. Monitor intruders. Identify misconfigurations. ●  ● Maintaining a highly skilled IT staff to provide manual mainframe security: Simplify administration with a Windows-based graphical user interface (GUI) for RACF administration. Products The IBM Security zSecure™ Suite, designed to provide infrastructure mainframe security, includes: ●  ● IBM Security zSecure Admin: Efficient and effective RACF administration using significantly fewer resources ●  ● IBM Security Virtual Server Protection for VMware: Protection for every layer of the virtual infrastructure with defense-in-depth, dynamic security with virtual machine rootkit detection, virtual infrastructure auditing and monitor- ing of network traffic through hypervisor integration ●  ● IBM Security Host Protection: Protection designed to guard against both internal and external threats for network assets including servers and desktops Infrastructure: Mainframe Compliance Administration Advanced Security and Threat Research ●  ● IBM Security zSecure Visual: Helping reduce the need for scarce, RACF-trained expertise through a Windows-based GUI for RACF administration ●  ● IBM Security zSecure CICS® Toolkit: Mainframe admin- istration from an IBM Customer Information Control System (CICS) environment, freeing up native-RACF resources ●  ● IBM Security zSecure Audit: Automatic analysis of and reporting on security events and detection of security exposures ●  ● IBM Security zSecure Alert: Real-time mainframe threat monitoring to monitor intruders and identify misconfigura- tions that could hamper compliance efforts ●  ● IBM Security zSecure Command Verifier: Policy enforce- ment to support compliance with company and regulatory policies by preventing erroneous commands ●  ● IBM Security zSecure Manager for RACF z/VM®: A user-friendly layer added to the mainframe that enables superior administration coupled with audit capabilities for z/VM RACF and Linux on IBM System z® The world-renowned IBM X-FORCE research and develop- ment team provides the foundation for the IBM preemptive approach to Internet security. This group of security experts focuses on researching and evaluating vulnerabilities and security issues, developing assessments and countermeasure technology for IBM products (updated in real-time via the X-FORCE Threat Intelligence Feed) and educating the public about emerging Internet threats and trends. IBM X-FORCE research and development is instrumental in helping protect IBM customers against threats. The X-FORCE vulnerability database contains more than 63,000 documented vulnerabilities, with detailed analysis of every notable public vulnerability disclosure since 1994. The IBM X-FORCE Trend and Risk Report, published bi-annually, is one of the oldest and most comprehensive security research reports of its kind. It dives deeply into security challenges, including threats, operational and development practices, and emerging trends.
10 IBM Security Products: Intelligence, Integration, Expertise Solutions for Today’s Challenges The IBM Security Framework of integrated products and services, built to deliver Security Intelligence, can be used to help secure today’s and tomorrow’s enterprise platforms against known and unknown threats. Today, the biggest security trends and challenges are: Mobile, Cloud, Big Data and Advanced Threats. Mobile Security The mobile device and tablet is rapidly becoming the primary productivity tool for business and its employees, providing flexible access to information anytime, anywhere. Unprotected endpoint devices are like open doors into sensitive information. Organizations should guard the data on those devices—whether the data is at rest or in motion over unsecured networks and infrastructure. IBM helps organizations embrace both company- and employee-owned mobile devices in a security-rich environment with capabilities including: ●  ● Device Security and Management: Helping protect the data and the device ●  ● Secure Access: Helping guard enterprise resources, data and applications ●  ● Application Security: Helping ensure safety for the design, development, testing, delivery, use and management of mobile applications ●  ● Security Intelligence: Delivering enterprise visibility and an adaptive mobile security posture Highlighted Specific Offerings: ●  ● IBM AppScan for mobile: Helps detect vulnerabilities in mobile web applications ●  ● IBM Security Access Manager for Mobile: Authenticates and authorizes users and their devices to access enterprise resources ●  ● IBM Endpoint Manager for Mobile Devices: Enforces device security configuration and enterprise management control Cloud Security Organizations are looking for cloud security solutions that pro- vide visibility, control, isolation and automation across multiple cloud infrastructures. Security solutions from IBM help create a cloud infrastructure that drives down costs and is just as dynamic as today’s business climate requires. IT departments can reduce and manage risks associated with cloud computing by: ●  ● Managing identities and single sign-on access across multiple cloud services ●  ● Monitoring access to shared databases ●  ● Scanning cloud-deployed web applications for the latest vulnerabilities ●  ● Helping defend cloud users and workloads from sophisticated network attacks ●  ● Monitoring cloud-based and traditional resources with a single, unified approach ●  ● Providing endpoint and patch management of virtualized machines for security compliance ●  ● Increasing the visibility and auditing of cloud activity within multi-tenant environments Highlighted Specific Offerings: ●  ● IBM Security Virtual Server Protection for VMware: Threat protection for every layer of the virtual infrastructure ●  ● IBM Tivoli Federated Identity Manager: Authentication to multiple cloud applications, inside and outside the enterprise, via a single identity ●  ● IBM Endpoint Manager: Efficient security and compliance for distributed cloud virtual platforms Big Data The explosion of enterprise data is both a significant challenge to manage and a significant opportunity to leverage for security insight. IBM solutions extract insight from an immense volume, variety and velocity of data—in context and beyond what was
11IBM Software previously possible. Data is the new currency of business. IBM can help protect this valuable asset and strengthen enterprise security by: ●  ● Correlating large amounts of system-generated data (for example, events, logs and network flows) from across silos, using integrated and intelligent security analytics to better predict and detect risks to the business ●  ● Helping reduce operational risk from threats facing structured (databases) and unstructured (documents) data to help prevent data loss and unauthorized access Highlighted Specific Offerings ●  ● QRadar Security Intelligence Platform: Integrated, automated security intelligence and analytics for the entire enterprise ●  ● IBM InfoSphere Guardium: Real-time database security and monitoring, fine-grained database auditing, automated compliance reporting Advanced Threats Organizations face increasing complexity in defending them- selves from skilled and determined adversaries. These attackers can target critical IT assets and public infrastructure using both sophisticated and off-the-shelf techniques to gain access. The challenge: no one solution is enough. Organizations must go beyond traditional patch-monitor-remediate processes and employ both continuous monitoring and layers of defense capable of working in concert with one another to identify, analyze and respond to targeted threats. IBM helps protect against advanced threats by: ●  ● Helping identify and defend against known and unknown attacks by combining network security, worldwide threat intelligence and advanced security analytics Highlighted Specific Offering ●  ● IBM Advanced Threat Protection Platform: Including IBM Security Network Intrusion Prevention System, IBM SiteProtector, QRadar Network Anomaly Detection and the IBM X-FORCE IP Reputation Feed –– Accesses X-FORCE intelligence through QRadar to help identify threats associated with malicious IP addresses –– Helps protect against network-based threats masked in common network traffic and helps prevent attackers from exploiting vulnerabilities at the network, host and application layers Gartner rates IBM Security in the Leaders Quadrant Magic Quadrant for Enterprise Governance, Risk and Compliance Platforms, by French Caldwell, Tom Scholtz, John Hagerty, July 13, 2011 Magic Quadrant for User Administration/Provisioning, by Earl Perkins, Perry Carpenter, December 22, 2011 Magic Quadrant for Static Application Security Testing, by Joseph Feiman, Neil MacDonald, December 12, 2010 Magic Quadrant for Dynamic Application Security Testing, by Joseph Feiman, Neil MacDonald, December 17, 2011 Magic Quadrant for Security Information & Event Management, by Mark Nicolett, Kelly Kavanagh, May 24, 2012
WGB03004-USEN-00 © Copyright IBM Corporation 2012 IBM Corporation Software Group Route 100 Somers, NY 10589 Produced in the United States of America September 2012 IBM, the IBM logo, ibm.com, Tivoli, WebSphere, AppScan, Guardium, InfoSphere, RACF, and X-FORCE are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the web at “Copyright and trademark information” at ibm.com/legal/copytrade.shtml Linux is a registered trademark of Linus Torvalds in the United States, other countries, or both. Microsoft and Windows are trademarks of Microsoft Corporation in the United States, other countries, or both. UNIX is a registered trademark of The Open Group in the United States and other countries. This document is current as of the initial date of publication and may be changed by IBM at any time. Not all offerings are available in every country in which IBM operates. THE INFORMATION IN THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING WITHOUT ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OR CONDITION OF NON-INFRINGEMENT. IBM products are warranted according to the terms and conditions of the agreements under which they are provided. IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM does not warrant that systems and products are immune from the malicious or illegal conduct of any party. Please Recycle Conclusion In a world of big data, where information is the lifeblood of business and persistent attacks on enterprise data and IT assets have eroded the effectiveness of traditional IT defenses, a fundamentally new approach to security is needed. Such an approach must be based on three main tenets—Intelligence, Integration and Expertise—delivering the infrastructure visibil- ity, cross-organizational linkages and optimized controls necessary not only to help protect business-critical data but to support compliance activities. The IBM Security Framework delivers a unified approach to enterprise security that manages key functions ranging from threat detection to user access, compliance cost reduction and configuration management—and much more—all with a foundation in world-renowned research and development to help reduce the risk of today’s advanced threats. For more information To learn more about IBM Security, please contact your IBM representative or IBM Business Partner, or visit: ibm.com/security To join the Institute for Advanced Security, please visit: www.instituteforadvancedsecurity.com Additionally, IBM Global Financing can help you acquire the software capabilities that your business needs in the most cost-effective and strategic way possible. We’ll partner with credit-qualified clients to customize a financing solution to suit your business and development goals, enable effective cash management, and improve your total cost of ownership. Fund your critical IT investment and propel your business forward with IBM Global Financing. For more information, visit: ibm.com/financing

Recomendados

Protective Intelligence
Protective IntelligenceProtective Intelligence
Protective Intelligencewbesse
 
Peter Allor - The New Era of Cognitive Security
Peter Allor - The New Era of Cognitive SecurityPeter Allor - The New Era of Cognitive Security
Peter Allor - The New Era of Cognitive Securityscoopnewsgroup
 
Security in the Cognitive Era: Why it matters more than ever
Security in the Cognitive Era: Why it matters more than everSecurity in the Cognitive Era: Why it matters more than ever
Security in the Cognitive Era: Why it matters more than everEC-Council
 
Ibm security products portfolio
Ibm security products portfolioIbm security products portfolio
Ibm security products portfolioPatrick Bouillaud
 
Pivotal Role of HR in Cybersecurity
Pivotal Role of HR in CybersecurityPivotal Role of HR in Cybersecurity
Pivotal Role of HR in CybersecurityMatthew Rosenquist
 
IBM Security Strategy
IBM Security StrategyIBM Security Strategy
IBM Security StrategyCamilo Fandiño Gómez
 
Ibm cognitive security_white_paper_04_2016
Ibm cognitive security_white_paper_04_2016Ibm cognitive security_white_paper_04_2016
Ibm cognitive security_white_paper_04_2016Janghyuck Choi
 
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...IBM Security
 

Recomendados

Protective Intelligence
Protective IntelligenceProtective Intelligence
Protective Intelligencewbesse
 
Peter Allor - The New Era of Cognitive Security
Peter Allor - The New Era of Cognitive SecurityPeter Allor - The New Era of Cognitive Security
Peter Allor - The New Era of Cognitive Securityscoopnewsgroup
 
Security in the Cognitive Era: Why it matters more than ever
Security in the Cognitive Era: Why it matters more than everSecurity in the Cognitive Era: Why it matters more than ever
Security in the Cognitive Era: Why it matters more than everEC-Council
 
Ibm security products portfolio
Ibm security products portfolioIbm security products portfolio
Ibm security products portfolioPatrick Bouillaud
 
Pivotal Role of HR in Cybersecurity
Pivotal Role of HR in CybersecurityPivotal Role of HR in Cybersecurity
Pivotal Role of HR in CybersecurityMatthew Rosenquist
 
IBM Security Strategy
IBM Security StrategyIBM Security Strategy
IBM Security StrategyCamilo Fandiño Gómez
 
Ibm cognitive security_white_paper_04_2016
Ibm cognitive security_white_paper_04_2016Ibm cognitive security_white_paper_04_2016
Ibm cognitive security_white_paper_04_2016Janghyuck Choi
 
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...IBM Security
 
PCM Vision 2019 Breakout: IBM | Red Hat
PCM Vision 2019 Breakout: IBM | Red HatPCM Vision 2019 Breakout: IBM | Red Hat
PCM Vision 2019 Breakout: IBM | Red HatPCM
 
Securing the Cloud by Matthew Rosenquist 2016
Securing the Cloud by Matthew Rosenquist 2016Securing the Cloud by Matthew Rosenquist 2016
Securing the Cloud by Matthew Rosenquist 2016Matthew Rosenquist
 
IBM Security Services Overview
IBM Security Services OverviewIBM Security Services Overview
IBM Security Services OverviewCasey Lucas
 
True Cost of Data Breaches
True Cost of Data BreachesTrue Cost of Data Breaches
True Cost of Data BreachesMatthew Rosenquist
 
2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurity2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurityMatthew Rosenquist
 
Avoiding data breach using security intelligence and big data to stay out of ...
Avoiding data breach using security intelligence and big data to stay out of ...Avoiding data breach using security intelligence and big data to stay out of ...
Avoiding data breach using security intelligence and big data to stay out of ...IBM Security
 
Information security.pptx
Information security.pptxInformation security.pptx
Information security.pptxGovt. P.G. College Sendhwa, Barwani (M.P.)
 
Information Security - Back to Basics - Own Your Vulnerabilities
Information Security - Back to Basics - Own Your VulnerabilitiesInformation Security - Back to Basics - Own Your Vulnerabilities
Information Security - Back to Basics - Own Your VulnerabilitiesJack Nichelson
 
IT Security and Management - Prelim Lessons by Mark John Lado
IT Security and Management - Prelim Lessons by Mark John LadoIT Security and Management - Prelim Lessons by Mark John Lado
IT Security and Management - Prelim Lessons by Mark John LadoMark John Lado, MIT
 
IBM Security Strategy Overview
IBM Security Strategy OverviewIBM Security Strategy Overview
IBM Security Strategy Overviewxband
 
Dealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDonald Tabone
 
A New Remedy for the Cyber Storm Approaching
A New Remedy for the Cyber Storm ApproachingA New Remedy for the Cyber Storm Approaching
A New Remedy for the Cyber Storm ApproachingSPI Conference
 
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...IBM Security
 
The Future of Cyber Security - Matthew Rosenquist
The Future of Cyber Security - Matthew RosenquistThe Future of Cyber Security - Matthew Rosenquist
The Future of Cyber Security - Matthew RosenquistMatthew Rosenquist
 
See How You Measure Up With MaaS360 Mobile Metrics
See How You Measure Up With MaaS360 Mobile MetricsSee How You Measure Up With MaaS360 Mobile Metrics
See How You Measure Up With MaaS360 Mobile MetricsIBM Security
 
Mergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of InterestMergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of InterestMatthew Rosenquist
 
CCA study group
CCA study groupCCA study group
CCA study groupIIBA UK Chapter
 
IT Security and Management - Semi Finals by Mark John Lado
IT Security and Management - Semi Finals by Mark John LadoIT Security and Management - Semi Finals by Mark John Lado
IT Security and Management - Semi Finals by Mark John LadoMark John Lado, MIT
 
IBM security systems overview v1.0 - rohit nagarajan
IBM security systems overview v1.0 - rohit nagarajanIBM security systems overview v1.0 - rohit nagarajan
IBM security systems overview v1.0 - rohit nagarajanShwetank Jayaswal
 
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat IntelligenceOrchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat IntelligenceIBM Security
 
Australia part 2
Australia part 2Australia part 2
Australia part 2denisemjones
 
Australia part 6
Australia part 6Australia part 6
Australia part 6denisemjones
 

Mais conteúdo relacionado

Mais procurados

PCM Vision 2019 Breakout: IBM | Red Hat
PCM Vision 2019 Breakout: IBM | Red HatPCM Vision 2019 Breakout: IBM | Red Hat
PCM Vision 2019 Breakout: IBM | Red HatPCM
 
Securing the Cloud by Matthew Rosenquist 2016
Securing the Cloud by Matthew Rosenquist 2016Securing the Cloud by Matthew Rosenquist 2016
Securing the Cloud by Matthew Rosenquist 2016Matthew Rosenquist
 
IBM Security Services Overview
IBM Security Services OverviewIBM Security Services Overview
IBM Security Services OverviewCasey Lucas
 
2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurity2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurityMatthew Rosenquist
 
Avoiding data breach using security intelligence and big data to stay out of ...
Avoiding data breach using security intelligence and big data to stay out of ...Avoiding data breach using security intelligence and big data to stay out of ...
Avoiding data breach using security intelligence and big data to stay out of ...IBM Security
 
Information Security - Back to Basics - Own Your Vulnerabilities
Information Security - Back to Basics - Own Your VulnerabilitiesInformation Security - Back to Basics - Own Your Vulnerabilities
Information Security - Back to Basics - Own Your VulnerabilitiesJack Nichelson
 
IT Security and Management - Prelim Lessons by Mark John Lado
IT Security and Management - Prelim Lessons by Mark John LadoIT Security and Management - Prelim Lessons by Mark John Lado
IT Security and Management - Prelim Lessons by Mark John LadoMark John Lado, MIT
 
IBM Security Strategy Overview
IBM Security Strategy OverviewIBM Security Strategy Overview
IBM Security Strategy Overviewxband
 
Dealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDonald Tabone
 
A New Remedy for the Cyber Storm Approaching
A New Remedy for the Cyber Storm ApproachingA New Remedy for the Cyber Storm Approaching
A New Remedy for the Cyber Storm ApproachingSPI Conference
 
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...IBM Security
 
The Future of Cyber Security - Matthew Rosenquist
The Future of Cyber Security - Matthew RosenquistThe Future of Cyber Security - Matthew Rosenquist
The Future of Cyber Security - Matthew RosenquistMatthew Rosenquist
 
See How You Measure Up With MaaS360 Mobile Metrics
See How You Measure Up With MaaS360 Mobile MetricsSee How You Measure Up With MaaS360 Mobile Metrics
See How You Measure Up With MaaS360 Mobile MetricsIBM Security
 
Mergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of InterestMergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of InterestMatthew Rosenquist
 
IT Security and Management - Semi Finals by Mark John Lado
IT Security and Management - Semi Finals by Mark John LadoIT Security and Management - Semi Finals by Mark John Lado
IT Security and Management - Semi Finals by Mark John LadoMark John Lado, MIT
 
IBM security systems overview v1.0 - rohit nagarajan
IBM security systems overview v1.0 - rohit nagarajanIBM security systems overview v1.0 - rohit nagarajan
IBM security systems overview v1.0 - rohit nagarajanShwetank Jayaswal
 
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat IntelligenceOrchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat IntelligenceIBM Security
 

Mais procurados (20)

PCM Vision 2019 Breakout: IBM | Red Hat
PCM Vision 2019 Breakout: IBM | Red HatPCM Vision 2019 Breakout: IBM | Red Hat
PCM Vision 2019 Breakout: IBM | Red Hat
 
Securing the Cloud by Matthew Rosenquist 2016
Securing the Cloud by Matthew Rosenquist 2016Securing the Cloud by Matthew Rosenquist 2016
Securing the Cloud by Matthew Rosenquist 2016
 
IBM Security Services Overview
IBM Security Services OverviewIBM Security Services Overview
IBM Security Services Overview
 
True Cost of Data Breaches
True Cost of Data BreachesTrue Cost of Data Breaches
True Cost of Data Breaches
 
2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurity2014 the future evolution of cybersecurity
2014 the future evolution of cybersecurity
 
Avoiding data breach using security intelligence and big data to stay out of ...
Avoiding data breach using security intelligence and big data to stay out of ...Avoiding data breach using security intelligence and big data to stay out of ...
Avoiding data breach using security intelligence and big data to stay out of ...
 
Information security.pptx
Information security.pptxInformation security.pptx
Information security.pptx
 
Information Security - Back to Basics - Own Your Vulnerabilities
Information Security - Back to Basics - Own Your VulnerabilitiesInformation Security - Back to Basics - Own Your Vulnerabilities
Information Security - Back to Basics - Own Your Vulnerabilities
 
IT Security and Management - Prelim Lessons by Mark John Lado
IT Security and Management - Prelim Lessons by Mark John LadoIT Security and Management - Prelim Lessons by Mark John Lado
IT Security and Management - Prelim Lessons by Mark John Lado
 
IBM Security Strategy Overview
IBM Security Strategy OverviewIBM Security Strategy Overview
IBM Security Strategy Overview
 
Dealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber ResilienceDealing with Information Security, Risk Management & Cyber Resilience
Dealing with Information Security, Risk Management & Cyber Resilience
 
A New Remedy for the Cyber Storm Approaching
A New Remedy for the Cyber Storm ApproachingA New Remedy for the Cyber Storm Approaching
A New Remedy for the Cyber Storm Approaching
 
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
 
The Future of Cyber Security - Matthew Rosenquist
The Future of Cyber Security - Matthew RosenquistThe Future of Cyber Security - Matthew Rosenquist
The Future of Cyber Security - Matthew Rosenquist
 
See How You Measure Up With MaaS360 Mobile Metrics
See How You Measure Up With MaaS360 Mobile MetricsSee How You Measure Up With MaaS360 Mobile Metrics
See How You Measure Up With MaaS360 Mobile Metrics
 
Mergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of InterestMergers and Acquisition Security - Areas of Interest
Mergers and Acquisition Security - Areas of Interest
 
CCA study group
CCA study groupCCA study group
CCA study group
 
IT Security and Management - Semi Finals by Mark John Lado
IT Security and Management - Semi Finals by Mark John LadoIT Security and Management - Semi Finals by Mark John Lado
IT Security and Management - Semi Finals by Mark John Lado
 
IBM security systems overview v1.0 - rohit nagarajan
IBM security systems overview v1.0 - rohit nagarajanIBM security systems overview v1.0 - rohit nagarajan
IBM security systems overview v1.0 - rohit nagarajan
 
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat IntelligenceOrchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
 

Destaque

T.i.c angie informatica
T.i.c angie informaticaT.i.c angie informatica
T.i.c angie informaticaAngie Mojik
 
Pedagogía de la imagen.
Pedagogía de la imagen.Pedagogía de la imagen.
Pedagogía de la imagen.emilse2012
 
T.i.c angie informatica
T.i.c angie informaticaT.i.c angie informatica
T.i.c angie informaticaAngie Mojik
 

Destaque (7)

Australia part 2
Australia part 2Australia part 2
Australia part 2
 
Australia part 6
Australia part 6Australia part 6
Australia part 6
 
Australia part 1
Australia part 1Australia part 1
Australia part 1
 
T.i.c angie informatica
T.i.c angie informaticaT.i.c angie informatica
T.i.c angie informatica
 
Gita in 16 beautiful slides
Gita in 16 beautiful slidesGita in 16 beautiful slides
Gita in 16 beautiful slides
 
Pedagogía de la imagen.
Pedagogía de la imagen.Pedagogía de la imagen.
Pedagogía de la imagen.
 
T.i.c angie informatica
T.i.c angie informaticaT.i.c angie informatica
T.i.c angie informatica
 

Semelhante a IBM Security Products: Intelligence, Integration, Expertise

Security (Ignorance) Isn't Bliss: 5 Ways to Advance Security Decisions with T...
Security (Ignorance) Isn't Bliss: 5 Ways to Advance Security Decisions with T...Security (Ignorance) Isn't Bliss: 5 Ways to Advance Security Decisions with T...
Security (Ignorance) Isn't Bliss: 5 Ways to Advance Security Decisions with T...IBM Security
 
An Integrated, Intelligent Approach to Security
An Integrated, Intelligent Approach to SecurityAn Integrated, Intelligent Approach to Security
An Integrated, Intelligent Approach to SecurityGerard McNamee
 
Ibm security overview 2012 jan-18 sellers deck
Ibm security overview 2012 jan-18 sellers deckIbm security overview 2012 jan-18 sellers deck
Ibm security overview 2012 jan-18 sellers deckArrow ECS UK
 
Segurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSegurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSantiago Cavanna
 
Cognitive security
Cognitive securityCognitive security
Cognitive securityIqra khalil
 
Security Intelligence: Finding and Stopping Attackers with Big Data Analytics
Security Intelligence: Finding and Stopping Attackers with Big Data AnalyticsSecurity Intelligence: Finding and Stopping Attackers with Big Data Analytics
Security Intelligence: Finding and Stopping Attackers with Big Data AnalyticsIBM Security
 
Security solutions for a smarter planet
Security solutions for a smarter planetSecurity solutions for a smarter planet
Security solutions for a smarter planetVincent Kwon
 
Introduction to Cybersecurity Fundamentals
Introduction to Cybersecurity FundamentalsIntroduction to Cybersecurity Fundamentals
Introduction to Cybersecurity FundamentalsToño Herrera
 
IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...
IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...
IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...IBM Security
 
4 Ways to Build your Immunity to Cyberthreats
4 Ways to Build your Immunity to Cyberthreats4 Ways to Build your Immunity to Cyberthreats
4 Ways to Build your Immunity to CyberthreatsIBM Security
 
IBM Immune System
IBM Immune SystemIBM Immune System
IBM Immune SystemLuke Kenny
 
Blueliv Corporate Brochure 2017
Blueliv Corporate Brochure 2017Blueliv Corporate Brochure 2017
Blueliv Corporate Brochure 2017Blueliv
 
Blueliv Corporate Brochure 2017
Blueliv Corporate Brochure 2017Blueliv Corporate Brochure 2017
Blueliv Corporate Brochure 2017Blueliv
 
Strategy considerations for building a security operations center
Strategy considerations for building a security operations centerStrategy considerations for building a security operations center
Strategy considerations for building a security operations centerCMR WORLD TECH
 
SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)Norm Barber
 

Semelhante a IBM Security Products: Intelligence, Integration, Expertise (20)

Security (Ignorance) Isn't Bliss: 5 Ways to Advance Security Decisions with T...
Security (Ignorance) Isn't Bliss: 5 Ways to Advance Security Decisions with T...Security (Ignorance) Isn't Bliss: 5 Ways to Advance Security Decisions with T...
Security (Ignorance) Isn't Bliss: 5 Ways to Advance Security Decisions with T...
 
IBM X-Force Research
IBM X-Force ResearchIBM X-Force Research
IBM X-Force Research
 
Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016
 
An Integrated, Intelligent Approach to Security
An Integrated, Intelligent Approach to SecurityAn Integrated, Intelligent Approach to Security
An Integrated, Intelligent Approach to Security
 
Ibm security overview 2012 jan-18 sellers deck
Ibm security overview 2012 jan-18 sellers deckIbm security overview 2012 jan-18 sellers deck
Ibm security overview 2012 jan-18 sellers deck
 
Segurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSegurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago Cavanna
 
IBM X-Force Research
IBM X-Force ResearchIBM X-Force Research
IBM X-Force Research
 
Cognitive security
Cognitive securityCognitive security
Cognitive security
 
Security Intelligence: Finding and Stopping Attackers with Big Data Analytics
Security Intelligence: Finding and Stopping Attackers with Big Data AnalyticsSecurity Intelligence: Finding and Stopping Attackers with Big Data Analytics
Security Intelligence: Finding and Stopping Attackers with Big Data Analytics
 
Security solutions for a smarter planet
Security solutions for a smarter planetSecurity solutions for a smarter planet
Security solutions for a smarter planet
 
Introduction to Cybersecurity Fundamentals
Introduction to Cybersecurity FundamentalsIntroduction to Cybersecurity Fundamentals
Introduction to Cybersecurity Fundamentals
 
IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...
IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...
IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Busin...
 
IBM Security Immune System
IBM Security Immune SystemIBM Security Immune System
IBM Security Immune System
 
4 Ways to Build your Immunity to Cyberthreats
4 Ways to Build your Immunity to Cyberthreats4 Ways to Build your Immunity to Cyberthreats
4 Ways to Build your Immunity to Cyberthreats
 
IBM Immune System
IBM Immune SystemIBM Immune System
IBM Immune System
 
Blueliv Corporate Brochure 2017
Blueliv Corporate Brochure 2017Blueliv Corporate Brochure 2017
Blueliv Corporate Brochure 2017
 
Blueliv Corporate Brochure 2017
Blueliv Corporate Brochure 2017Blueliv Corporate Brochure 2017
Blueliv Corporate Brochure 2017
 
Presentación AMIB Los Cabos
Presentación AMIB Los CabosPresentación AMIB Los Cabos
Presentación AMIB Los Cabos
 
Strategy considerations for building a security operations center
Strategy considerations for building a security operations centerStrategy considerations for building a security operations center
Strategy considerations for building a security operations center
 
SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)
 

Último

Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 

Último (20)

Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 

IBM Security Products: Intelligence, Integration, Expertise

  • 1. IBM Software IBM Security Products: Intelligence, Integration, Expertise A Comprehensive Framework for Any Environment from Mobile to Cloud to Social to Unknown Futures
  • 2. 2 IBM Security Products: Intelligence, Integration, Expertise Contents 2 A Hyper-Connected Business World 3 Security Intelligence for a New World 3 A Unique, Comprehensive Approach 5 Product Portfolio 10 Solutions for Today’s Challenges 12 Conclusion 12 For More Information Labeled “The Year of the Security Breach” by the IBM X-FORCE research and development team, 2011 was marked by a high volume of severe and varied security attacks. Attack Type 2011 Sampling of Security Incidents by Attack Type, Time and Impact conjecture of relative breach impact is based on publicly disclosed information regarding leaked records and financial losses SQL Injection URL Tampering Spear Phishing 3rd Party Software DDoS SecureID Trojan Software Unknown Gaming Defense Entertainment Banking Central Government Entertainment National Police Central Government Entertainment Central Government Central Government Central Government Central Government Entertainment Central Government Entertainment Defense Defense IT Security IT Security IT Security Consulting Banking Consumer Electronics Marketing Services National Police State Police Gaming Consumer Electronics State Police National Police Consumer Electronics Central Government Central Government Central Government Central Government Gaming Consulting Defense Financial Market Agriculture Tele- communications Internet Services Consumer Electronics Heavy Industry Insurance Internet Services Apparel Gaming Central Government Gaming Gaming Gaming Gaming Gaming Gaming Government Consulting Online Services Online Services Size of circle estimates relative impact of breach in terms of cost to business Jan Feb March April May June July Aug Sep Oct Nov Dec A Hyper-Connected Business World In today’s era of big data, a fundamentally different approach is needed to secure the enterprise. The explosion of digital busi- ness information that is accessed from and stored on virtualized cloud and social platforms, instrumentation, and mobile devices that are part consumer part business, have created an overwhelmingly complex IT environment—with possible attack points nearly limitless. The most sophisticated adversaries are now perpetrating Advanced Persistent Threats, using focus and persistence to gain access to sensitive business information. These attacks utilize cutting-edge methodologies, can last indefinitely and are specifically targeted. The increased diversity of today’s threats has eroded the effectiveness of traditional IT defenses such as firewalls and antivirus—even bypassing these controls com- pletely in many cases. A new approach is required, one that balances protection with detection, and advanced technology with mature processes.
  • 3. 3IBM Software Security Intelligence for a New World In the era of big data, big data should be used to help secure the enterprise. Only those companies that have deployed solutions to monitor, correlate and analyze the massive amounts of real- time events being generated from a comprehensive, integrated security infrastructure as well as from a well-researched external threat feed have the capability to cost-effectively maintain an extremely strong security posture. IBM calls this Security Intelligence. In addition to helping detect and remediate breaches that might otherwise have been missed, organizations employing this approach can also: ●  ● Shift from a reactive state to a proactive approach that better aligns with business objectives ●  ● Enable their business to deploy innovation initiatives far faster than otherwise possible ●  ● Automate their compliance activities ●  ● Reduce staff requirements for security operations A Unique, Comprehensive Approach With leading products and services across segments and an overarching strategy based on three main tenets—Intelligence, Integration and Expertise—IBM is helping its customers work toward true Security Intelligence. Intelligence Human intelligence requires knowledge, information and the ability to analyze this information to reach conclusions. In the realm of enterprise security, this translates to needing visibility into relevant networks and infrastructures and external threat Moving from a reactive and manual approach to a proactive and automated approach gives the organization an optimized security posture based in Security Intelligence. Security Intelligence Reactive ProactiveManualAutomated O ptim ized Proficient Basic The integration of Security Intelligence, X-FORCE research and core protection assets helps close the coverage gaps left by point product approaches. Integrated Intelligence. Integrated Research. Integrated Protection. Security Intelligence People A pplications Advanced Research In frastructure Data Security Intelligence People A pplications Advanced Research I nfrastructure Data Security Intelligence People Applications Advanced Research I nfrastructure Data 3rd Party Ecosystem
  • 4. 4 IBM Security Products: Intelligence, Integration, Expertise intelligence, plus the real-time correlation and analytics capabili- ties to flag and remediate suspicious activities. IBM Security offers these capabilities: ●  ● Internal visibility: IBM Security Intelligence solutions analyze information from IBM and non-IBM products and services in real-time. They provide comprehensive analysis and insight across all four areas of security risk: people, data, applications and infrastructure. ●  ● External threat visibility: The IBM® X-FORCE® threat intelligence feed provides intelligence from one of the world’s largest repositories of threat and vulnerability insights and is based on the real-time monitoring of 13 billion security events per day. This insight can flag behavior that may be associated with Advanced Persistent Threats and a wide range of adversaries. ●  ● Pinpoint analysis in an age of big data: IBM Security Intelligence solutions can drill down to individual data elements to analyze and query diverse activity. They provide insight on network access at the periphery, external cloud services and mobile devices, database activity at the core of a business, and everywhere in between. Integration The integration of the comprehensive IBM portfolio of Security Intelligence, X-FORCE research and core protection assets helps reduce attackable loopholes that are inherent in patched-together point-product security platforms. It can also ease deployment, collapse data silos for easier compliance reporting and improved Security Intelligence, reduce complexity, and lower the cost of maintaining a strong security posture. Other cost-saving and security-improving capabilities include: ●  ● External and internal contextual information for breach detection, prediction and remediation ●  ● Automated device and software updates for researched vulnerabilities ●  ● Linking of authentication and authorization with suspicious database activity ●  ● Automated compliance and risk assessment activities Expertise With more than 5,500 researchers, developers and subject- matter experts engaged in security initiatives, IBM operates one of the world’s broadest enterprise security research and development and delivery organization. This comprises the award- winning IBM X-FORCE research and development team with one of the largest vulnerability databases in the industry, nine security operations centers, ten IBM Security Research centers, 15 Security Solutions Development Labs and the Institute for Advanced Security with chapters in the United States, Europe and Asia Pacific. IBM currently monitors more than 13 billion security events per day for its clients in more than 130 countries. IBM operates one of the world’s broadest security research and development and delivery operations. Security Operations Centers Costa Mesa, US Atlanta, US Atlanta, US Raleigh, US Haifa, IL Pune, IN Bangalore, IN Bangalore, IN New Delhi, IN Perth, AU Brisbane, AU Singapore, SG Taipei, TW Tokyo, JP Tokyo, JP Gold Coast, AU IAS, Asia Pacific Brussels, BE Atlanta, US Hortolândia, BR Austin, US Alamden, US Boulder, US Ottawa, CA Waltham, US Fredericton, CA Belfast, N IR Zurich, CH Delft, NL Herzliya, IL IAS, Europe Toronto, CA TJ Watson, US Detroit, US IAS, Americas Security Research Centers Security Solution Development Centers Institute for Advanced Security Branches
  • 5. 5IBM Software IBM has the consultants and expertise to help any company move toward optimized, integrated security controls with Security Intelligence. Product Portfolio The IBM Security Framework is designed to help ensure that the correct people have access to the correct assets at the correct times, that critical data is protected in transit and at rest, that emerging threats are identified to support breach identification and remediation, and that protection is provided across all IT resources. This integrated approach to enterprise security includes appliances, software products and managed services and is delivered by technical and risk consulting and implementation services. At the very core, however, resides the IBM product portfolio. Help prevent, detect and remediate security breaches and compliance risks. Challenge and Solutions Highlights IBM Security Intelligence products assist with: ●  ● Detecting threats: Arm yourself with comprehensive and accurate Security Intelligence. ●  ● Addressing compliance: Automate data collection and reporting for audits and risk assessment. ●  ● Detecting inside threats and fraud: Identify and understand suspicious user activity in context. ●  ● Predicting risks to your business: Proactively identify and prioritize security vulnerabilities and gaps. ●  ● Consolidating data silos: Collect, correlate and report on data in one integrated solution. Products A family of integrated security intelligence products based on next-generation security information and event management (SIEM) and log management includes: ●  ● QRadar® SIEM: Security information and event manage- ment encompassing log management, threat management and compliance management; sophisticated event and network flow correlation; and integrated behavioral analysis and network anomaly detection ●  ● QRadar Log Manager: Turnkey log management supporting hundreds of data sources out of the box, offering pre-packaged reports and dashboards and easy customization ●  ● QRadar Risk Manager: Security configuration monitoring and auditing; predictive threat modeling and simulation; and advanced threat visualization and impact analysis ●  ● QRadar Network Anomaly Detection: Anomaly detection of network traffic and real-time correlation of security and network data, built to enhance IBM Security SiteProtector™ System The IBM Security Framework provides a methodical and efficient approach to fulfilling security needs and meeting security challenges across the enterprise. IBM Security Framework ProfessionalServices CloudandManagedServices Software and Appliances Governance, Risk and Compliance Security Intelligence and Analytics Advanced Security and Threat Research Infrastructure Applications Data People Security Intelligence and Analytics 360 Degree View
  • 6. 6 IBM Security Products: Intelligence, Integration, Expertise ●  ● QRadar QFlow and VFlow Collectors: Integrated network traffic collection and content capture, including Layer 7 appli- cation analysis, for both physical and virtual environments People Track Plan Enforce Control, monitor and authenticate user access to protected data and applications. Challenges and Solutions Highlights IBM Security identity and access management products assist with: ●  ● Managing users and their access rights: Efficiently enroll, manage and terminate user profiles and access rights through- out the lifecycle. Flag expired accounts and role conflicts. ●  ● Streamlining/tracking user access to protected resources: Integrate lifecycle access rights with single sign-on and password management, and with access auditing and reports. Support strong authentication of devices for extra security. ●  ● Safeguarding access in cloud, mobile and software-as-a- service environments: Provide a common identity service for user provisioning, role-based access and federated identity. Centralize security management for user entitlements and policies. Products Integrated solutions that govern users’ access activities and privileges throughout their lifecycle include: ●  ● IBM Security Identity Manager: Automated and policy- based user identity management software that helps manage user accounts, access rights, permissions and passwords from their creation to termination across the IT environment ●  ● IBM Federated Identity Manager: User-centric, federated single sign-on for sharing information between trusted business partners and helping simplify application integration across distributed portal and mainframe environments ●  ● IBM Security Access Manager for Web: A hub for authen- tication and authorization of web and other applications, centralizing access management ●  ● IBM Security Access Manager for Enterprise Single Sign-On: Integrated authentication, access workflow automa- tion, user switching and audit reporting to help simplify, strengthen and track access ●  ● IBM Security Identity and Access Assurance: Automated management of user accounts, access permissions and passwords with convenient single sign-on to enterprise, web and cloud-based applications and resources Data Monitor Encrypt Assess Redact Help protect critical data assets across key control points without impacting productivity. Challenges and Solutions Highlights IBM data security products assist with: ●  ● Preventing data breaches: Monitor transactions without requiring changes to databases or applications. Create realistic test sets while masking sensitive data value. Encrypt regulated data to help prevent loss—particularly via theft of backups and media. Redact standalone or embedded unstructured sensitive data in forms and documents. ●  ● Maintaining the integrity of sensitive data: Compare all transactions to policy and block violations in real time. ●  ● Reducing the cost of compliance: Automate and centralize controls to streamline compliance validation. Products IBM InfoSphere® Guardium® offerings designed to help assure the privacy and integrity of trusted information in your data center include: ●  ● IBM InfoSphere Guardium Database Activity Monitoring: A simple, robust solution that helps prevent leakage of sensitive data from databases and files, maintaining the integrity of information in the data center and automating compliance controls across heterogeneous environments
  • 7. 7IBM Software ●  ● IBM InfoSphere Guardium Vulnerability Assessment: Automated detection of database vulnerabilities with priori- tized remedial actions across heterogeneous infrastructures ●  ● IBM InfoSphere Guardium Data Redaction: Protection designed to guard against unintentional disclosure for sensitive data in documents and forms by detecting and removing data from openly shared document versions ●  ● IBM InfoSphere Guardium Data Encryption: Enterprise data encryption without sacrificing application performance or creating key management complexity ●  ● IBM InfoSphere Optim™ Data Masking: Capabilities to de-identify confidential information to help protect privacy and support compliance initiatives ●  ● IBM Tivoli® Key Lifecycle Manager: Encryption key lifecycle management with centralized and strengthened pro- cesses that leverage the industry-standard Key Management Interoperability Protocol ●  ● IBM InfoSphere Discovery: A tool for identifying and docu- menting what data you have, where it is located and how it is linked across systems by intelligently capturing relationships and determining applied transformations and business rules ●  ● Controlling access to application data: Manage and enforce fine-grained entitlement and message security policy management. Products A full portfolio of solutions designed to protect your applications includes: ●  ● IBM Security AppScan® Standard: Automated web applica- tion security testing for IT security, auditors and penetration testers ●  ● IBM Security AppScan Enterprise: Enterprise-class applica- tion security testing and risk management with governance, collaboration and Security Intelligence ●  ● IBM Security AppScan Source: Static application security testing to identify vulnerabilities in web and mobile applica- tions during the development lifecycle ●  ● IBM Security Policy Manager: Capabilities for authoring application entitlements and fine-grained access control policies for distributed policy decisions based on identity, transaction and service/resource context ●  ● IBM WebSphere® DataPower® XML Security Gateway: An appliance-based solution providing real-time web services security and XML threat protection Infrastructure: Network Pre-emptive Fast Extensible Help keep applications secure, protected from malicious or fraudulent use, and hardened against attacks. Challenges and Solutions Highlights IBM application security products assist with: ●  ● Finding and remediating mobile and web vulnerabilities: Utilize static, dynamic, runtime and client-side analysis and correlate the results. ●  ● Building applications that are secure by design: Integrate security testing early and throughout the design process. Enable security and development teams to communicate effectively. Applications Protect Test Control Help provide security for the network core. Challenges and Solutions Highlights IBM network protection products assist with: ●  ● Keeping pace with emerging threats: Provide Network Intrusion Prevention with evolving threat protection powered by IBM X-FORCE, with its track record of addressing zero- day vulnerabilities.
  • 8. 8 IBM Security Products: Intelligence, Integration, Expertise ●  ● Balancing security and performance without disrupting business-critical applications and infrastructures: Get up to 20+ Gbps of inspected throughput with Network Intrusion Prevention to address the most demanding service quality requirements—without compromising breadth and depth of security. ●  ● Reducing infrastructure cost and complexity: Consolidate point solutions and reduce complexity through integration with other security solutions. ●  ● Protecting non-network assets quickly when new threats emerge: Help protect data, client, web and enterprise applica- tions with the extensible engine within IBM Security Network Intrusion Prevention System. Products IBM offerings for network infrastructure security include: ●  ● IBM Security Network Protection: Provides core threat protection combined with high levels of visibility and control related to network use to help reduce risk and conserve bandwidth ●  ● IBM Security Network Intrusion Prevention System: The core of any Network Intrusion Prevention strategy, providing appliance-based protection against a wide range of attacks that target the network infrastructure ●  ● IBM Security SiteProtector System: Centralized manage- ment for IBM Security Network Intrusion Prevention solutions, providing a single management point of control, security policy, analysis, alerting and reporting Help secure and manage distributed endpoints. Challenges and Solutions Highlights IBM endpoint management and security products assist with: ●  ● Maintaining continuous compliance for all endpoints, regardless of their location or connection: Deploy an intelligent agent to monitor and report on compliance status and automatically take corrective action when needed. ●  ● Achieving high patch compliance in a heterogeneous environment: Provide patching capabilities for Microsoft Windows, UNIX, Linux and Mac environments, and for mobile devices, from a single management console and a single management server. ●  ● Protecting endpoints with rapid response: Automatically identify rogue or misconfigured endpoints and identify/ remediate/quarantine endpoints experiencing an incident in minutes. ●  ● Streamlining compliance and risk-management efforts: Achieve automated and robust audit and compliance reporting with deep, proactive auditing of security configurations. ●  ● Securing virtualized endpoints: Get a single, centralized security view of physical and virtual server environments with automatic protection for virtual machines as they come online or move. Products IBM offerings that help protect distributed endpoints include: ●  ● IBM Endpoint Manager: Endpoint and security manage- ment combined into a single solution that enables visibility into and control of physical and virtual endpoints; rapid remediation, protection and reporting on endpoints in real time; and automation of time-intensive tasks across complex networks to help control costs while helping reduce risk and support compliance Infrastructure: Endpoints Assess Remediate Enforce Report
  • 9. 9IBM Software Leverage the mainframe as the enterprise security hub to help protect mission-critical production systems and data. Challenges and Solutions Highlights IBM mainframe security products assist with: ●  ● Verifying compliance manually, with alerts only after a problem occurs: Get real-time alerts on external threats, inappropriate data access or misconfiguration with automated compliance monitoring. Help prevent privileged-user abuse by blocking IBM Resource Access Control Facility (RACF®) commands in real time. ●  ● Coping with the complexity of identifying and analyzing threats in mainframe environments: Automatically analyze and report on mainframe security events and detect exposures. Monitor intruders. Identify misconfigurations. ●  ● Maintaining a highly skilled IT staff to provide manual mainframe security: Simplify administration with a Windows-based graphical user interface (GUI) for RACF administration. Products The IBM Security zSecure™ Suite, designed to provide infrastructure mainframe security, includes: ●  ● IBM Security zSecure Admin: Efficient and effective RACF administration using significantly fewer resources ●  ● IBM Security Virtual Server Protection for VMware: Protection for every layer of the virtual infrastructure with defense-in-depth, dynamic security with virtual machine rootkit detection, virtual infrastructure auditing and monitor- ing of network traffic through hypervisor integration ●  ● IBM Security Host Protection: Protection designed to guard against both internal and external threats for network assets including servers and desktops Infrastructure: Mainframe Compliance Administration Advanced Security and Threat Research ●  ● IBM Security zSecure Visual: Helping reduce the need for scarce, RACF-trained expertise through a Windows-based GUI for RACF administration ●  ● IBM Security zSecure CICS® Toolkit: Mainframe admin- istration from an IBM Customer Information Control System (CICS) environment, freeing up native-RACF resources ●  ● IBM Security zSecure Audit: Automatic analysis of and reporting on security events and detection of security exposures ●  ● IBM Security zSecure Alert: Real-time mainframe threat monitoring to monitor intruders and identify misconfigura- tions that could hamper compliance efforts ●  ● IBM Security zSecure Command Verifier: Policy enforce- ment to support compliance with company and regulatory policies by preventing erroneous commands ●  ● IBM Security zSecure Manager for RACF z/VM®: A user-friendly layer added to the mainframe that enables superior administration coupled with audit capabilities for z/VM RACF and Linux on IBM System z® The world-renowned IBM X-FORCE research and develop- ment team provides the foundation for the IBM preemptive approach to Internet security. This group of security experts focuses on researching and evaluating vulnerabilities and security issues, developing assessments and countermeasure technology for IBM products (updated in real-time via the X-FORCE Threat Intelligence Feed) and educating the public about emerging Internet threats and trends. IBM X-FORCE research and development is instrumental in helping protect IBM customers against threats. The X-FORCE vulnerability database contains more than 63,000 documented vulnerabilities, with detailed analysis of every notable public vulnerability disclosure since 1994. The IBM X-FORCE Trend and Risk Report, published bi-annually, is one of the oldest and most comprehensive security research reports of its kind. It dives deeply into security challenges, including threats, operational and development practices, and emerging trends.
  • 10. 10 IBM Security Products: Intelligence, Integration, Expertise Solutions for Today’s Challenges The IBM Security Framework of integrated products and services, built to deliver Security Intelligence, can be used to help secure today’s and tomorrow’s enterprise platforms against known and unknown threats. Today, the biggest security trends and challenges are: Mobile, Cloud, Big Data and Advanced Threats. Mobile Security The mobile device and tablet is rapidly becoming the primary productivity tool for business and its employees, providing flexible access to information anytime, anywhere. Unprotected endpoint devices are like open doors into sensitive information. Organizations should guard the data on those devices—whether the data is at rest or in motion over unsecured networks and infrastructure. IBM helps organizations embrace both company- and employee-owned mobile devices in a security-rich environment with capabilities including: ●  ● Device Security and Management: Helping protect the data and the device ●  ● Secure Access: Helping guard enterprise resources, data and applications ●  ● Application Security: Helping ensure safety for the design, development, testing, delivery, use and management of mobile applications ●  ● Security Intelligence: Delivering enterprise visibility and an adaptive mobile security posture Highlighted Specific Offerings: ●  ● IBM AppScan for mobile: Helps detect vulnerabilities in mobile web applications ●  ● IBM Security Access Manager for Mobile: Authenticates and authorizes users and their devices to access enterprise resources ●  ● IBM Endpoint Manager for Mobile Devices: Enforces device security configuration and enterprise management control Cloud Security Organizations are looking for cloud security solutions that pro- vide visibility, control, isolation and automation across multiple cloud infrastructures. Security solutions from IBM help create a cloud infrastructure that drives down costs and is just as dynamic as today’s business climate requires. IT departments can reduce and manage risks associated with cloud computing by: ●  ● Managing identities and single sign-on access across multiple cloud services ●  ● Monitoring access to shared databases ●  ● Scanning cloud-deployed web applications for the latest vulnerabilities ●  ● Helping defend cloud users and workloads from sophisticated network attacks ●  ● Monitoring cloud-based and traditional resources with a single, unified approach ●  ● Providing endpoint and patch management of virtualized machines for security compliance ●  ● Increasing the visibility and auditing of cloud activity within multi-tenant environments Highlighted Specific Offerings: ●  ● IBM Security Virtual Server Protection for VMware: Threat protection for every layer of the virtual infrastructure ●  ● IBM Tivoli Federated Identity Manager: Authentication to multiple cloud applications, inside and outside the enterprise, via a single identity ●  ● IBM Endpoint Manager: Efficient security and compliance for distributed cloud virtual platforms Big Data The explosion of enterprise data is both a significant challenge to manage and a significant opportunity to leverage for security insight. IBM solutions extract insight from an immense volume, variety and velocity of data—in context and beyond what was
  • 11. 11IBM Software previously possible. Data is the new currency of business. IBM can help protect this valuable asset and strengthen enterprise security by: ●  ● Correlating large amounts of system-generated data (for example, events, logs and network flows) from across silos, using integrated and intelligent security analytics to better predict and detect risks to the business ●  ● Helping reduce operational risk from threats facing structured (databases) and unstructured (documents) data to help prevent data loss and unauthorized access Highlighted Specific Offerings ●  ● QRadar Security Intelligence Platform: Integrated, automated security intelligence and analytics for the entire enterprise ●  ● IBM InfoSphere Guardium: Real-time database security and monitoring, fine-grained database auditing, automated compliance reporting Advanced Threats Organizations face increasing complexity in defending them- selves from skilled and determined adversaries. These attackers can target critical IT assets and public infrastructure using both sophisticated and off-the-shelf techniques to gain access. The challenge: no one solution is enough. Organizations must go beyond traditional patch-monitor-remediate processes and employ both continuous monitoring and layers of defense capable of working in concert with one another to identify, analyze and respond to targeted threats. IBM helps protect against advanced threats by: ●  ● Helping identify and defend against known and unknown attacks by combining network security, worldwide threat intelligence and advanced security analytics Highlighted Specific Offering ●  ● IBM Advanced Threat Protection Platform: Including IBM Security Network Intrusion Prevention System, IBM SiteProtector, QRadar Network Anomaly Detection and the IBM X-FORCE IP Reputation Feed –– Accesses X-FORCE intelligence through QRadar to help identify threats associated with malicious IP addresses –– Helps protect against network-based threats masked in common network traffic and helps prevent attackers from exploiting vulnerabilities at the network, host and application layers Gartner rates IBM Security in the Leaders Quadrant Magic Quadrant for Enterprise Governance, Risk and Compliance Platforms, by French Caldwell, Tom Scholtz, John Hagerty, July 13, 2011 Magic Quadrant for User Administration/Provisioning, by Earl Perkins, Perry Carpenter, December 22, 2011 Magic Quadrant for Static Application Security Testing, by Joseph Feiman, Neil MacDonald, December 12, 2010 Magic Quadrant for Dynamic Application Security Testing, by Joseph Feiman, Neil MacDonald, December 17, 2011 Magic Quadrant for Security Information & Event Management, by Mark Nicolett, Kelly Kavanagh, May 24, 2012
  • 12. WGB03004-USEN-00 © Copyright IBM Corporation 2012 IBM Corporation Software Group Route 100 Somers, NY 10589 Produced in the United States of America September 2012 IBM, the IBM logo, ibm.com, Tivoli, WebSphere, AppScan, Guardium, InfoSphere, RACF, and X-FORCE are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the web at “Copyright and trademark information” at ibm.com/legal/copytrade.shtml Linux is a registered trademark of Linus Torvalds in the United States, other countries, or both. Microsoft and Windows are trademarks of Microsoft Corporation in the United States, other countries, or both. UNIX is a registered trademark of The Open Group in the United States and other countries. This document is current as of the initial date of publication and may be changed by IBM at any time. Not all offerings are available in every country in which IBM operates. THE INFORMATION IN THIS DOCUMENT IS PROVIDED “AS IS” WITHOUT ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING WITHOUT ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OR CONDITION OF NON-INFRINGEMENT. IBM products are warranted according to the terms and conditions of the agreements under which they are provided. IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM does not warrant that systems and products are immune from the malicious or illegal conduct of any party. Please Recycle Conclusion In a world of big data, where information is the lifeblood of business and persistent attacks on enterprise data and IT assets have eroded the effectiveness of traditional IT defenses, a fundamentally new approach to security is needed. Such an approach must be based on three main tenets—Intelligence, Integration and Expertise—delivering the infrastructure visibil- ity, cross-organizational linkages and optimized controls necessary not only to help protect business-critical data but to support compliance activities. The IBM Security Framework delivers a unified approach to enterprise security that manages key functions ranging from threat detection to user access, compliance cost reduction and configuration management—and much more—all with a foundation in world-renowned research and development to help reduce the risk of today’s advanced threats. For more information To learn more about IBM Security, please contact your IBM representative or IBM Business Partner, or visit: ibm.com/security To join the Institute for Advanced Security, please visit: www.instituteforadvancedsecurity.com Additionally, IBM Global Financing can help you acquire the software capabilities that your business needs in the most cost-effective and strategic way possible. We’ll partner with credit-qualified clients to customize a financing solution to suit your business and development goals, enable effective cash management, and improve your total cost of ownership. Fund your critical IT investment and propel your business forward with IBM Global Financing. For more information, visit: ibm.com/financing