Conventional IT management calls for a means to visualize all activity, from the network and data center to the cloud, devices, users, apps and everything between. Without a security information and event management (SIEM) solution such as IBM QRadar, this challenge is nearly insurmountable.
Unprecedented Levels of Mobile Threats
Featuring 35 apps on the IBM Security App Exchange, IBM Security QRadar makes it easy for organizations to keep activity flowing, leaving no stone unturned as it sniffs out and pounces on vulnerabilities. It features:
- Multitudes of events and log data across each and every type of activity;
- Threat intelligence feeds with adequate context for prioritization and response; and
- Incident response platform integration to plan and execute textbook reactions.
Of all activity types, mobile users on smartphones, tablets and laptops present perhaps the biggest challenge for IT. These devices are always in motion. Questions of who’s using the device, where it’s located and what it’s connecting to are always causes for concern.
Not only are smartphones and tablets being manufactured at unprecedented rates, they’re also increasing in variety and becoming easier to use in a professional context due to the prevalence of productivity apps. Some apps are being delivered too quickly and bypassing security best practices, presenting vulnerabilities to every device they appear on. Without a proper defense, malware and other advanced threats can and will easily enter devices via apps, malicious websites or risky activities.
An App to Keep Activity Under Wraps
A lifesaver for enterprise CISOs seeking the means to prioritize event response, IBM MaaS360 and QRadar integration provides continuous visibility into mobile actions that put corporate assets and information at risk, giving the context necessary to perform on-the-fly threat severity assessments.
Further extending these capabilities, MaaS360 is the first enterprise mobility management (EMM) vendor to feature an app on the IBM Security App Exchange, making it easier than ever for QRadar admins to visualize questionable mobile events from a single dashboard, making for quicker, more informed responses.
The new App Exchange app delivers two new widgets that further extend the viewing capabilities offered by the existing QRadar integration. Using Web service calls to the MaaS360 platform, out-of-compliance devices can be viewed by operating system, making it easy to identify trends.
Additionally, the date and frequency of policy violations are broken down in a simple timeline.
After zeroing in on anything abnormal, QRadar admins can drill down further to pull more detailed log activity. This makes it easy to see specific events, when they occurred,and the overall threat magnitude — everything needed to determine what specific actions should be taken in response.
The Next Steps for App Exchange Users
To take advantage of these new features, visit the App Exchange today and download the MaaS360 app. Support documentation is included to help you configure these widgets within your QRadar dashboard, and it also provides the required steps to configure MaaS360 log sources within QRadar.
The QRadar and MaaS360 integrated solution displays mobile activity and out-of-compliance event information via visual dashboards and detailed reports. As a result, QRadar admins gain the intelligence required to act quickly before mobile infractions create organizationwide repercussions. Here are some examples:
- Unauthorized or jailbroken/rooted devices attempting to connect to corporate resources;
- Users who’ve installed malware-infected or blacklisted applications; and
- Those who’ve violated corporate policies configured via the MaaS360 portal.
These capabilities are available for QRadar admins after completing a quick and simple configuration process. As a prerequisite, admins must have access to an active MaaS360 account. If you have yet to complete this step, get started now with your free 30-day trial.