IBM launched its IBM Security App Exchange at the tail end of 2015, so it has been live for almost a year now. We always thought the App Exchange had significant potential, but we’ve been blown away by its success with our customers and other security vendors. We now have security information and event management (SIEM) customers imploring other vendors to provide a QRadar app as a prerequisite to joining their security operations. It has also helped IBM demonstrate its security immune system in a tangible way.

App Exchange Offers Market Insights

The program has been so successful that we passed our 12-month target for third-party vendors and apps on the Exchange after only seven months. We are currently seeing approximate monthly totals of:

  • 3,500 downloads;
  • 35,000 visits; and
  • 11,000 unique visitors.

These numbers illustrate the App Exchange’s value to IBM customers, partners and the overall market. We’ve also trained over 90 security vendors in app development and have a vibrant backlog of third-party and IBM apps that we are planning to launch over the next few months.

One thing that was clear from the outset was the wide variety of security operations that the apps are addressing. This offers some interesting insights into what products are hot in the security market. While the IBM Security App Exchange is product-agnostic, it is currently dominated by apps for the QRadar Security Intelligence Platform, followed by IBM BigFix and IBM X-Force. Because QRadar sits right in the center of organizations’ threat detection and response processes, most systems involved in security operations should interface with it in some way.

Since the App Exchange launched, we’ve added over 70 apps that fall into the following broad categories:

  • Visualizations;
  • Threat Intelligence;
  • User Behavior Analytics (UBA);
  • Incident Response;
  • Endpoint Detection and Response;
  • Hunting;
  • Compliance Use Cases; and
  • Other Threat Detection Use Cases.

High Demand for Use Cases

The first set of stats shows the relative number of apps on the App Exchange in each category. Apps that fall into the categories of Threat Detection Use Cases and Compliance Use Cases account for more than half the offerings. Demand is high because these are the first use cases that most organizations address when implementing security operations.

The third most common set of apps fall into the category of User Behavior Analytics. The market is piping hot for these apps due to the fact that more than 50 percent of threats fall into this category. Demand for apps that fall into the Threat Intelligence category is similarly high.

Download Ratios

The second set of stats show the relative ratio of app downloads in each category. Again, the top category is Threat Detection Use Cases. This is very closely followed by User Behavior Analytics, with both Visualizations and Threat Intelligence hot on its heels. It’s interesting that Visualizations ranks so high in downloads while the category includes a relatively small set of apps. This may represent an unmet need.

Of course, download statistics are skewed by the length of time some apps have been available on the App Exchange. QRadar UBA, for example, has only been available for four months, but is already the third most downloaded app. Some newer apps in the areas of Endpoint Detection and Response, Incident Response and Hunting, while low in volume and relative downloads, are growing quickly. It’ll be interesting to review this trend in another six months to a year.

Key Takeaways

In summary, the key insights we can take away from this data are:

  • Threat Detection Use Cases, Threat Intelligence and User Behavior Analytics are at the forefront of most security programs.
  • Organizations place great value in threat, risk and incident visualizations, and there may be unmet demand in this area.
  • Compliance use cases are still an important foundation.
  • We’re starting to see a real pickup in areas of Endpoint Detection and Response, Hunting and Incident Response.

That’s just a sampling of the insights we can draw from the App Exchange statistics. We’ll continue to track the App Exchange’s development and shine a light on what apps are gaining traction in the market. Stay tuned!

Visit the IBM Security App Exchange

More from Intelligence & Analytics

2022 Industry Threat Recap: Manufacturing

It seems like yesterday that industries were fumbling to understand the threats posed by post-pandemic economic and technological changes. While every disruption provides opportunities for positive change, it's hard to ignore the impact that global supply chains, rising labor costs, digital currency and environmental regulations have had on commerce worldwide. Many sectors are starting to see the light at the end of the tunnel. But 2022 has shown us that manufacturing still faces some dark clouds ahead when combatting persistent…

Cybersecurity in the Next-Generation Space Age, Pt. 3: Securing the New Space

View Part 1, Introduction to New Space, and Part 2, Cybersecurity Threats in New Space, in this series. As we see in the previous article of this series discussing the cybersecurity threats in the New Space, space technology is advancing at an unprecedented rate — with new technologies being launched into orbit at an increasingly rapid pace. The need to ensure the security and safety of these technologies has never been more pressing. So, let’s discover a range of measures…

Backdoor Deployment and Ransomware: Top Threats Identified in X-Force Threat Intelligence Index 2023

Deployment of backdoors was the number one action on objective taken by threat actors last year, according to the 2023 IBM Security X-Force Threat Intelligence Index — a comprehensive analysis of our research data collected throughout the year. Backdoor access is now among the hottest commodities on the dark web and can sell for thousands of dollars, compared to credit card data — which can go for as low as $10. On the dark web — a veritable eBay for…

The 13 Costliest Cyberattacks of 2022: Looking Back

2022 has shaped up to be a pricey year for victims of cyberattacks. Cyberattacks continue to target critical infrastructures such as health systems, small government agencies and educational institutions. Ransomware remains a popular attack method for large and small targets alike. While organizations may choose not to disclose the costs associated with a cyberattack, the loss of consumer trust will always be a risk after any significant attack. Let’s look at the 13 costliest cyberattacks of the past year and…