The QRadar team at IBM Security was delighted to see IBM Security QRadar named as the winner of the 2015 SANS Best SIEM Award. Every year, the SANS Institute surveys its more than 200,000 hands-on security practitioners, most of whom use commercial products, and publishes what the community likes best.
SANS Honors Top Security Products
“Each year SANS surveys the SANS community for nominations for the SANS ‘Best of the Year’ awards for products and services that have been successfully used to provide increases in both the effectiveness and efficiency of cybersecurity programs,” the SANS Institute wrote.
“In 2015 the products were voted on by security operations professionals and security managers from around the world, all of whom are actual users of these products. The SANS Best of Awards are not driven by vendors, but by the people actually using these products.”
Organizations have told IBM what they need from a security information and event management (SIEM) solution. The top features included the ability to:
- Detect attacks in real time using best practices and behavioral analysis.
- Deploy quickly with minimal intervention from an already overworked and understaffed security team.
- Integrate with third-party security solutions to create a single pane of glass for all security events, alerts and workflows.
- Monitor and secure cloud services, including cloud-based deployments.
- Have a strong partner network and ecosystem to provide support and offer advanced security skills.
- Maintain compliance with internal and external regulations.
Why QRadar Stands Out
This is quite a list, but the QRadar team is focused on these requirements and relentlessly drives innovations to deliver real value against them. Take, for example, the IBM Security App Exchange, which now has more than 30 available apps and extensions, covering many aspects of security operations workflow, compliance, visualization, monitoring and more.
The product has also expanded deployment options to include new cloud, managed security services provider and software-as-a-service offerings while simultaneously improving out-of-the-box support for on-premises security systems.
QRadar is very busy working on new innovations to transform customers’ security operations with leadership features, including:
- A single architecture for analyzing log, flow, vulnerability, user and asset data;
- Real-time and historical security data correlation and behavioral anomaly detection rules to identify high-risk threats;
- High-priority incident detection among billions of daily incoming data points;
- Full visibility into cloud, network, application and user activities; and
- Compliance data collection and reporting using automation to reduce regulatory burdens.
The security environment continues to get tougher, the threats are getting more severe, there are fewer available skills, and there is an abundance of point security solutions — all long on promises, yet short on delivery. This recognition from SANS showed that there are SIEM solutions that can balance advanced technologies with positive user experiences, and QRadar is one of them.