International Business Machines
QRadar identifies abnormal activity by combining known threats and hackers' methods with real-time analysis of the traffic on the corporate IT infrastructure, the company said. For example, IBM said, it can detect when multiple failed logins to a database server are followed by a successful login and access to credit card information, followed by an upload to a questionable site.
Many corporations have been unable to create a security defense system because they have cobbled together technologies that are not integrated, creating a patchwork approach with loopholes that hackers can exploit, IBM said. “Trying to approach security with a piece-part approach simply doesn't work,” said Brendan Hannigan, general manager at IBM Security Systems. IBM is betting that a broadbased approach will appeal to companies and organizations looking to prevent threats before they happen. “These attacks don't come out of the blue,” Hannigan said. “No one walks into a bank and walks out with the crown jewels in one fell swoop. “They will spend a enormous amount of time and put in place the mechanisms to get the info they want,” he said, “and obviously they try to hide their trail and not set off security events.”
Taking care of the hackers?
Hannigan said IBM's X-Force threat feed monitored 13 billion security events per day, and “that could flag behavior from teams of attackers that may access networks through stealth means.”
Organizations are struggling to defend themselves against an onslaught of ever-evolving data breaches, such as theft of customer and employee information, credit card data and corporate intellectual property, IBM said.
Defense contractors such as Lockheed Martin Corp
U.S. FBI Director Robert Mueller said recently that cyberattacks against government agencies and businesses would surpass terrorism as a danger to the United States. That translates into an information security market that, according to research firm Gartner, will grow to $71 billion by 2015 from $55 billion last year.
In response, IBM organized its security portfolio into a security systems division last year and beefed it up with the acquisition of Q1 Labs in October. The company said 7,000 customers used its security products. Shares of IBM were up 0.3 percent at $194.05 in afternoon trading.