IBM Unveils QRadar Threat Analytics System

IBM boffins have come up with a new system of threat analytics to help spot suspicious traffic on corporate networks.

The firm notes that security risks are far more wide ranging these days, with enterprises opening up networks to smartphone and tablet access, and the likes of social media. As a result, traditional firewalls and security software are looking less adequate in terms of protection.

The company points to an IBM X-Force Trend and Risk Report from last year, which showed that social engineering attacks were ramped up, along with a 19 per cent increase in mobile exploits.

IBM has developed a solution to deal with more advanced threats, namely the QRadar Network Anomaly Detection appliance. This analyses network activity in real-time, pinpointing any abnormalities which fall outside normal behaviour, sifting through both inbound and outbound traffic. Furthermore, it quantifies risk factors, and the value of potentially targeted resources.

Marc van Zadelhoff, vice president of Strategy and Product Management, IBM Security Systems, commented: "Advanced attackers are both patient and clever, leaving just a whisper of their presence, and evading many network protection and detection approaches."

"Most organizations don't even know they have been infected by malware. An advantage of IBM analytics is that it can detect the harbingers of new attacks from the outside or reveal covert malicious activity from the inside."

The new QRadar appliance is set to go live this quarter, and leverages the QRadar Security Intelligence Platform, plus it receives threat intelligence from IBM X-Force research. It's designed to complement IBM SiteProtector and IBM Security Network IPS deployments.