Q1 Labs Corporate Overview
The Security Intelligence Leader

Who we are:
- Innovative Security Intelligence software company
- One of the largest and most successful SIEM vendors
- Leader in Gartner 2011, 2010, 2009 Magic Quadrant

Award-winning solutions:
- Family of next-generation Log Management, SIEM, Risk Management, Security Intelligence solutions

Proven and growing rapidly:
- Thousands of customers worldwide
- Five-year average annual revenue growth of 70%+

Now part of IBM Security Systems:
- Unmatched security expertise and breadth of integrated capabilities

What is Security Intelligence?

Security Intelligence (noun): 1. the real-time collection, normalization, and analytics of the data generated by users, applications and infrastructure that impacts the IT security and risk posture of an enterprise

Security Intelligence provides actionable and comprehensive insight for managing risks and threats from protection and detection through remediation

Solving Customer Challenges with Total Security Intelligence

Detecting threats others miss
- Discovered 500 hosts with "Here You Have" virus, which all other security products missed
- Arm yourself with total security intelligence

Consolidating data silos
- 2 Billion logs and events per day reduced to 25 high priority offenses
- Collect, archive and analyze data in one integrated solution

Detecting insider fraud
- Trusted insider stealing and destroying key data
- Next generation SIEM with identity correlation

Predicting risks against your business
- Automating the policy monitoring and evaluation process for config. change in the infrastructure
- Full life cycle of compliance and risk management for network and security infrastructures

Exceeding regulation mandates
- Real-time monitoring of all network activity, in addition to PCI mandates
- Automated data collection and configuration audits

Solutions for the Full Compliance and Security Intelligence Timeline
QRadar: The Most Intelligent, Integrated, Automated Security Intelligence Platform
Intelligent: Context & Correlation Drive Deepest Insight
Integrated: Unified Platform for Scale & Ease of Use

Bolted Together Solution:
- Scale problems
- Non-integrated reporting & searching
- No local decisions
- Multi-product administration
- Duplicate log repositories
- Operational bottlenecks

QRadar Integrated Solution:
- Highly scalable
- Common reporting & searching
- Distributed correlation
- Unified administration
- Logs stored once
- Total visibility

Automated: No need for additional staff

Monitor / Analyze / Act
- Auto-discovery of log sources, applications and assets
- Asset auto-grouping
- Centralized log mgmt
- Automated configuration audits
- Asset-based prioritization
- Auto-update of threats
- Auto-response
- Directed remediation
- Auto-tuning
- Auto-detect threats
- Thousands of pre-defined rules and role based reports
- Easy-to-use event filtering
- Advanced security analytics

QRadar Family: Built On a Common Foundation

Security Intelligence Solutions: QRadar SIEM, QRadar Log Manager, QRadar QFlow, QRadar VFlow, QRadar Risk Manager, Virtual Appliances

Security Intelligence Operating System: Reporting Engine, Warehouse, Workflow, Analytics Engine, Normalization, Rules Engine, Archival, Real-Time Viewer, Reporting API, Forensics API, LEEF, AXIS, Configuration, NetFlow, Offense

Intelligent, Integrated, Automated
One Console Security

Fully Integrated Security Intelligence

Log Management
- Turnkey log management
- SME to Enterprise
- Upgradeable to enterprise SIEM

SIEM
- Integrated log, threat, risk & compliance mgmt.
- Sophisticated event analytics
- Asset profiling and flow analytics
- Offense management and workflow

Risk Management
- Predictive threat modeling & simulation
- Scalable configuration monitoring and audit
- Advanced threat visualization and impact analysis

Network Activity & Anomaly Detection
- Network analytics
- Behavior and anomaly detection
- Fully integrated with SIEM

Network and Application Visibility
- Layer 7 application monitoring
- Content capture
- Physical and virtual environments

One Console Security
Built on a Single Data Architecture

QRadar: The Most Intelligent, Integrated, Automated Security Intelligence Platform
- Proactive threat management
- Identifies most critical anomalies
- Rapid, complete impact analysis
- Eliminates silos
- Highly scalable
- Flexible, future-proof
- Easy deployment
- Rapid time to value
- Operational efficiency

Top Reasons Customers Choose Q1 Labs
1. Most intelligent, integrated and automated solution
2. Most sophisticated threat analytics and compliance automation
3. Rapid time to value, with low staffing requirements
4. Easily scales as deployments and security data grow
5. Established market leadership with excellent support
6. Easy to do business with, backed by best channel relationships
7. IBM's unmatched security expertise and breadth of integrated capabilities

Thank You! Q1 Labs, Inc. 890 Winter Street, Suite 230, Waltham, MA 02451 USA 781-250-5800 email: info@q1labs.com
Organizations Need an Intelligent View of Their Security Posture

Axes: Manual to Automated; Reactive to Proactive
- Basic: Organizations employ perimeter protection, which regulates access and feeds manual reporting
- Proficient: Security is layered into the IT fabric and business operations
- Optimized: Organizations use predictive and automated security analytics to drive toward security intelligence

Security Intelligence is Enabling Progress to Optimized Security

Domains: People, Data, Applications, Infrastructure

Security Intelligence: Information and event management; Advanced correlation and deep analytics; External threat research

Optimized: Role based analytics; Identity governance; Privileged user controls; Data flow analytics; Data governance; Secure app engineering processes; Fraud detection; Advanced network monitoring; Forensics / data mining; Secure systems

Proficient: User provisioning; Access mgmt; Strong authentication; Access monitoring; Data loss prevention; Application firewall; Source code scanning; Virtualization security; Asset mgmt; Endpoint / network security management

Basic: Centralized directory; Encryption; Access control; Application scanning; Perimeter security; Anti-virus

IBM Security: Delivering Intelligence, Integration and Expertise across a Comprehensive Framework
- Only vendor in the market with end-to-end coverage of the security foundation
- $1.8B investment in innovative technologies
- 6K+ security engineers and consultants
- Award-winning X-Force research
- Largest vulnerability database in the industry

Intelligence, Integration, Expertise

Intelligence: Leading Products and Services in Every Segment
Integration: Increasing Security, Collapsing Silos, and Reducing Complexity

Increased Awareness and Accuracy
- Prevent advanced threats with real-time intelligence correlation across security domains
- Increase situational awareness by leveraging real-time feeds of X-Force Research and Global Threat Intelligence across IBM security products, such as QRadar SIEM and Network Security appliances
- Conduct complete incident investigations with unified identity, database, network and endpoint activity monitoring and log management

Ease of Management
- Simplify risk management and decision-making with automated reporting through a unified console
- Enhance auditing and access capabilities by sharing Identity context across multiple IBM security products
- Build automated, customized application protection policies by feeding AppScan results into IBM Network Intrusion Prevention Systems

Reduced Cost and Complexity
- Deliver faster deployment, increased value and lower TCO by working with a single strategic partner

Expertise: Unmatched Global Coverage & Security Awareness

WorldWide Managed Security Services Coverage
- 20,000+ devices under contract
- 3,700+ MSS clients worldwide
- 9B+ events managed per day
- 1,000+ security patents*
- 133 monitored countries (MSS)

Map legend: Security Operations Centers; Security Research Centers; Security Solution Development Centers; Institute for Advanced Security Branches