IBM QRadar Endpoint is Ring -1 (hypervisor level). We hope to integrate Intel SDK tools with IBM QRadar Endpoint (IBM ReaQta uses Stealth Nano OS at the hypervisor level, Ring -1, with HiveDB) to provide protection from microcode (let us consider it Ring -4), or from Ring -3 to Ring -1, and then from Ring 0 up to Ring 3. This is very important to hunt threats and vulnerabilities and to predict the harmful behavior of attackers and spyware.
To achieve this, we may need to integrate the QRadar ReaQta HiveDB with other real-time databases of threat detection tools from other companies like Intel Corp.
For example, we can use Intel vPro (more details in the attached document), which includes the following:
Intel® BIOS Guard
Intel® Boot Guard
Intel® Firmware Guard
Intel Firmware Update/Recovery
Intel® Platform Trust Technology (Intel® PTT)
Intel® Runtime BIOS Resilience
Intel® System Resources Defense
Intel® Trusted Execution Technology (Intel® TXT)
Intel® System Security Report
Intel® Tunable Replica Circuit – Fault Injection Detection
------------------------------
Abdullah A. Jassim, University of Baghdad
Assistant Chief Engineer,
abdullah@uob.edu.iq
+9647817535084
Baghdad, Iraq
------------------------------