The QRadar team at IBM Security was delighted to see IBM Security QRadar named as the winner of the 2015 SANS Best SIEM Award. Every year, the SANS Institute surveys its more than 200,000 hands-on security practitioners, most of whom use commercial products, and publishes what the community likes best.

SANS Honors Top Security Products

“Each year SANS surveys the SANS community for nominations for the SANS ‘Best of the Year’ awards for products and services that have been successfully used to provide increases in both the effectiveness and efficiency of cybersecurity programs,” the SANS Institute wrote.

“In 2015 the products were voted on by security operations professionals and security managers from around the world, all of whom are actual users of these products. The SANS Best of Awards are not driven by vendors, but by the people actually using these products.”

Organizations have told IBM what they need from a security information and event management (SIEM) solution. The top features included the ability to:

  • Detect attacks in real time using best practices and behavioral analysis.
  • Deploy quickly with minimal intervention from an already overworked and understaffed security team.
  • Integrate with third-party security solutions to create a single pane of glass for all security events, alerts and workflows.
  • Monitor and secure cloud services, including cloud-based deployments.
  • Have a strong partner network and ecosystem to provide support and offer advanced security skills.
  • Maintain compliance with internal and external regulations.

Why QRadar Stands Out

This is quite a list, but the QRadar team is focused on these requirements and relentlessly drives innovations to deliver real value against them. Take, for example, the IBM Security App Exchange, which now has more than 30 available apps and extensions, covering many aspects of security operations workflow, compliance, visualization, monitoring and more.

The product has also expanded deployment options to include new cloud, managed security services provider and software-as-a-service offerings while simultaneously improving out-of-the-box support for on-premises security systems.

QRadar is very busy working on new innovations to transform customers’ security operations with leadership features, including:

  • A single architecture for analyzing log, flow, vulnerability, user and asset data;
  • Real-time and historical security data correlation and behavioral anomaly detection rules to identify high-risk threats;
  • High-priority incident detection among billions of daily incoming data points;
  • Full visibility into cloud, network, application and user activities; and
  • Compliance data collection and reporting using automation to reduce regulatory burdens.

The security environment continues to get tougher, the threats are getting more severe, there are fewer available skills, and there is an abundance of point security solutions — all long on promises, yet short on delivery. This recognition from SANS showed that there are SIEM solutions that can balance advanced technologies with positive user experiences, and QRadar is one of them.

Tour the award winning QRadar platform

More from

OneNote, Many Problems? The New Phishing Framework

There are plenty of phish in the digital sea, and attackers are constantly looking for new bait that helps them bypass security perimeters and land in user inboxes.Their newest hook? OneNote documents. First noticed in December 2022, this phishing framework has seen success in fooling multiple antivirus (AV) tools by using .one file extensions, and January 2023 saw an attack uptick as compromises continued.While this novel notes approach will eventually be phased out as phishing defenses catch up, current conditions…

When the Absence of Noise Becomes Signal: Defensive Considerations for Lazarus FudModule

In February 2023, X-Force posted a blog entitled “Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers” that details the capabilities of a sample attributed to the Lazarus group leveraged to impair visibility of the malware’s operations. This blog will not rehash analysis of the Lazarus malware sample or Event Tracing for Windows (ETW) as that has been previously covered in the X-Force blog post. This blog will focus on highlighting the opportunities for detection of the FudModule within the…

LastPass Breaches Cast Doubt on Password Manager Safety

In 2022, LastPass suffered a string of security breaches which sparked concern among cyber professionals and those impacted by the intrusions. Some called into question the way LastPass handled and responded to the incident. In addition, the situation ignited a wider conversation about the risks linked to utilizing password managers.A password manager helps users generate strong passwords and safeguards them within a digital locker. A master password secures all data, which enables users to conveniently access all their passwords for…

The Role of Finance Departments in Cybersecurity

Consumers are becoming more aware of the data companies collect about them, and place high importance on data security and privacy. Though consumers aren’t aware of every data breach, they are justifiably concerned about what happens to the data companies collect. A recent study of consumer views on data privacy and security revealed consumers are more careful about sharing data. The majority of respondents (87%) say they wouldn’t do business with companies that appear to have weak security. Study participants also…