Light Dark
November 22, 2016 By Chris Meenan 3 min read
Intelligence & Analytics
Threat Intelligence
X-Force

IBM launched its IBM Security App Exchange at the tail end of 2015, so it has been live for almost a year now. We always thought the App Exchange had significant potential, but we’ve been blown away by its success with our customers and other security vendors. We now have security information and event management (SIEM) customers imploring other vendors to provide a QRadar app as a prerequisite to joining their security operations. It has also helped IBM demonstrate its security immune system in a tangible way.

App Exchange Offers Market Insights

The program has been so successful that we passed our 12-month target for third-party vendors and apps on the Exchange after only seven months. We are currently seeing approximate monthly totals of:

  • 3,500 downloads;
  • 35,000 visits; and
  • 11,000 unique visitors.

These numbers illustrate the App Exchange’s value to IBM customers, partners and the overall market. We’ve also trained over 90 security vendors in app development and have a vibrant backlog of third-party and IBM apps that we are planning to launch over the next few months.

One thing that was clear from the outset was the wide variety of security operations that the apps are addressing. This offers some interesting insights into what products are hot in the security market. While the IBM Security App Exchange is product-agnostic, it is currently dominated by apps for the QRadar Security Intelligence Platform, followed by IBM BigFix and IBM X-Force. Because QRadar sits right in the center of organizations’ threat detection and response processes, most systems involved in security operations should interface with it in some way.

Since the App Exchange launched, we’ve added over 70 apps that fall into the following broad categories:

  • Visualizations;
  • Threat Intelligence;
  • User Behavior Analytics (UBA);
  • Incident Response;
  • Endpoint Detection and Response;
  • Hunting;
  • Compliance Use Cases; and
  • Other Threat Detection Use Cases.

High Demand for Use Cases

The first set of stats shows the relative number of apps on the App Exchange in each category. Apps that fall into the categories of Threat Detection Use Cases and Compliance Use Cases account for more than half the offerings. Demand is high because these are the first use cases that most organizations address when implementing security operations.

The third most common set of apps fall into the category of User Behavior Analytics. The market is piping hot for these apps due to the fact that more than 50 percent of threats fall into this category. Demand for apps that fall into the Threat Intelligence category is similarly high.

Download Ratios

The second set of stats show the relative ratio of app downloads in each category. Again, the top category is Threat Detection Use Cases. This is very closely followed by User Behavior Analytics, with both Visualizations and Threat Intelligence hot on its heels. It’s interesting that Visualizations ranks so high in downloads while the category includes a relatively small set of apps. This may represent an unmet need.

Of course, download statistics are skewed by the length of time some apps have been available on the App Exchange. QRadar UBA, for example, has only been available for four months, but is already the third most downloaded app. Some newer apps in the areas of Endpoint Detection and Response, Incident Response and Hunting, while low in volume and relative downloads, are growing quickly. It’ll be interesting to review this trend in another six months to a year.

Key Takeaways

In summary, the key insights we can take away from this data are:

  • Threat Detection Use Cases, Threat Intelligence and User Behavior Analytics are at the forefront of most security programs.
  • Organizations place great value in threat, risk and incident visualizations, and there may be unmet demand in this area.
  • Compliance use cases are still an important foundation.
  • We’re starting to see a real pickup in areas of Endpoint Detection and Response, Hunting and Incident Response.

That’s just a sampling of the insights we can draw from the App Exchange statistics. We’ll continue to track the App Exchange’s development and shine a light on what apps are gaining traction in the market. Stay tuned!

Visit the IBM Security App Exchange

 |  |  |  | 
Chris Meenan
VP, Product Management, IBM Security

More from Intelligence & Analytics
September 5, 2024

New report shows ongoing gender pay gap in cybersecurity

3 min read - The gender gap in cybersecurity isn’t a new issue. The lack of women in cybersecurity and IT has been making headlines for years — even decades. While progress has been made, there is still significant work to do, especially regarding salary.The recent  ISC2 Cybersecurity Workforce Study highlighted numerous cybersecurity issues regarding women in the field. In fact, only 17% of the 14,865 respondents to the survey were women.Pay gap between men and womenOne of the most concerning disparities revealed by…

August 21, 2024

Protecting your data and environment from unknown external risks

3 min read - Cybersecurity professionals always keep their eye out for trends and patterns to stay one step ahead of cyber criminals. The IBM X-Force does the same when working with customers. Over the past few years, clients have often asked the team about threats outside their internal environment, such as data leakage, brand impersonation, stolen credentials and phishing sites. To help customers overcome these often unknown and unexpected risks that are often outside of their control, the team created Cyber Exposure Insights…

February 21, 2024

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature