If you are a managed services provider (MSP), you know that one of the major challenges of providing cloud-based security intelligence or security information and event management (SIEM) is that one particular formula doesn’t fit all. You are serving clients in a rapidly evolving market space, which requires different combinations of on-premises and in-cloud equipment; deployment and management skills; and flexible licensing terms to meet budget expectations. Solely offering the standard options invites competition in a way similar to what we’ve seen in the fast-food industry.

Flexibility Reigns Supreme Across Industries

I grew up in the Midwest and so had exposure to the golden arches earlier than people in other parts of the country. Back then, getting a burger, fries and a shake in a few minutes outweighed the fact that you couldn’t customize your sandwich. The problem was easily solved because kids like me almost universally took off the toppings they didn’t like before devouring the hamburger. Moms didn’t object much either since they didn’t have to cook, and everyone seemed happy. But then a rival came to town and started offering some flexibility. Now kids could get a bigger cheeseburger with just the ketchup — minus the pickle and any other toppings that they did not like.

Flexibility grew the market for fast food, and technology vendors who can offer flexible licensing terms to an IT security managed services provider will similarly grow the market for cloud-based security intelligence solutions. As an MSP, you want to offer leadership technology and back it with customized services focused on specific use cases. IBM Security already has dozens of worldwide MSP partners delivering the QRadar Security Intelligence Platform to end user organizations — dating back to late 2013 — using a variety of licensing and delivery terms, typically packaged as a recurring monthly operating expense. Our MSP partners know their markets and can adapt QRadar to serve a variety of compliance and advanced threat detection requirements.

IBM Security uses something we call Application-Specific Licensing (ASL) to offer you terms and conditions to help QRadar fit within your specific business model. These flexible license terms provide access to fundamental, market-leading technology, allowing business partners to perform the day-to-day management of their client’s security operations centers. What platform components are used, how end clients are billed and even what IBM receives are all subject to negotiation.

Watch the on-demand webinar: Extend Your Market Reach with IBM Security QRadar for the MSP

Evolving as a Managed Services Provider

The next release of QRadar includes two new important technologies to improve the efficiency and utilization of your resources. Until now, QRadar offered a single-tenant architecture, guaranteeing dedicated infrastructural resources and data segregation to each supervised environment. For many prospective clients of an MSP, this was and will continue to be an important comfort factor in the adoption of cloud-based security technology; however, the new release will add multitenancy capabilities. An MSP with its own cloud infrastructure will now be able to increase the efficiency of its equipment and lower costs in much the same way that virtualization helped partition mainframe- and later Intel-based hardware resources.

QRadar will also be adding a master console capability so that you can aggregate multiple clients’ data onto a single screen. Not only will this help reduce the number of Web consoles required, but it will also highlight similar alerts and incidents occurring across different organizations in the same industry or those experiencing attacks and breaches due to a more widespread phishing campaign, Java exploit or distributed denial-of-service (DDoS) attack. The master console will help MSPs improve their visibility into client environments and accelerate the formation of remediation plans designed to contain fraud and data loss.

While fast-food tastes and preferences have changed over the years, successful businesses always put the client first. By offering our managed services provider partners flexibility, we are helping you provide an effective and efficient managed service offering.

more from Security Services

Controlling the Source: Abusing Source Code Management Systems

For full details on this research, see the X-Force Red whitepaper “Controlling the Source: Abusing Source Code Management Systems”. This material is also being presented at Black Hat USA 2022. Source Code Management (SCM) systems play a vital role within organizations and have been an afterthought in terms of defenses compared to other critical enterprise systems such as Active Directory.…

Black Hat 2022 Sneak Peek: How to Build a Threat Hunting Program

You may recall my previous blog post about how our X-Force veteran threat hunter Neil Wyler (a.k.a “Grifter”) discovered nation-state attackers exfiltrating unencrypted, personally identifiable information (PII) from a company’s network, unbeknownst to the security team. The post highlighted why threat hunting should be a baseline activity in any environment. Before you can embark on a threat hunting exercise, however,…