Available for download from IBM X-Force Exchange, the Securonix App for IBM QRadar provides security analysts and response teams with threat dashboards powered by our advanced user and entity behavior analytics solution. Simply launch from inside your QRadar Security Intelligence Platform console by selecting the Securonix tab from your App menu.
The Securonix App opens to a Security Dashboard which ranks users, accounts, resources, and network addresses. From here you can quickly and easily drill down into the highest risk concerns within your organization and take action.
Security Analysts: Securonix uses advanced machine learning algorithms to detect anomalies and ranks the risk of these anomalies based on behavior based threat models. The Securonix App for IBM QRadar builds a baseline of what is considered “normal” for that user or entity and then alerts on behavior that is considered abnormal.
Response Teams: Respond to threats quickly as Securonix provides real-time alerting of incidents. Launch the Investigation workbench to gather deeper intelligence about the security event including user name, IP address, date, time, and severity of incident based on assigned risk scores. Use link analyze to launch investigation of other users with similar violations.
- Quickly focus on highest risk activities
- Track security trends of users and entities
- Comparison of users’ security incidents within a peer group(s)
- Only approved IBM QRadar users (role based) are allowed access to the Securonix data
- Sift through current and historical security data to profile users and entities
- View individual violations, drill down into details