IBM QRadar

Hi, This question is for Jose,
I am running a couple of small startups and I want to be proactive about he security of my sites before we have a larger foot print. One of my companies is a dating site with a lot of transactions (Kismet )  and other one is Magnabid (MagnaBid.com) which needs to be HIPPA compliant. I was wondering if using Qradar is a right choice for us at this moment. 

Thanks, 
Ben Mansori

------------------------------
Ben Mansouri
------------------------------

Hi Ben,

I know this question is for Jose but could not resist. I read your question and it was quite exciting.
As your's are startups, I have following points for your companies. I will try to keep it as unbiased as possible :P
1) Is QRadar right choice for your companies at this moment?
Right chice really depends on various factors: age in the market, maturity, popularity(which attracts developers), cost, flexibility, scalability(as to when your startups are not startups anymore but large scale companies). In my opinion, QRadar would be a good fit for your company but the only concern is cost. As QRadar is a niche player inthe market, is costlier than other open source/log management and correlation tools.
2) Honestly, QRadar works perfect when it is a small deployment(maybe one or two boxes). It becomes really complex and difficult to manage, maintain or upgrade QRadar.
3) On Cloud, it works a bit different in terms of high availability, upgrades, etc than on company premise. Also, when(and not if) you decide to go to cloud, you need the tool to be easily scalable.
4) Please understand that QRadar can help you monitor that you are HIPPA compaint. However, it cannot make you compaint. QRadar can just tell you whether someone accessed the server or the database storing the information but cannot avoid a HIPPA violation.

So overall, QRadar would be a good fit for you at this moment but I would encourage you to take a look at open source tooling as well(alienVault, ElasticSIEM etc).

------------------------------
Chinmay Kulkarni
------------------------------

Original Message:
Sent: Wed October 23, 2019 08:18 PM
From: Ben Mansouri
Subject: Qradar for small Startups

Hi, This question is for Jose,
I am running a couple of small startups and I want to be proactive about he security of my sites before we have a larger foot print. One of my companies is a dating site with a lot of transactions (Kismet )  and other one is Magnabid (MagnaBid.com) which needs to be HIPPA compliant. I was wondering if using Qradar is a right choice for us at this moment. 

Thanks, 
Ben Mansori

------------------------------
Ben Mansouri
------------------------------

In my opinion, signup for this webinar and you'll find most of the answers for your questions. 
Jose Bravo will join too! ;)

Best regards,

------------------------------
Kiril Bonev
System Specialist
------------------------------

Original Message:
Sent: Thu October 24, 2019 02:39 AM
From: Chinmay Kulkarni
Subject: Qradar for small Startups

Hi Ben,

I know this question is for Jose but could not resist. I read your question and it was quite exciting.
As your's are startups, I have following points for your companies. I will try to keep it as unbiased as possible :P
1) Is QRadar right choice for your companies at this moment?
Right chice really depends on various factors: age in the market, maturity, popularity(which attracts developers), cost, flexibility, scalability(as to when your startups are not startups anymore but large scale companies). In my opinion, QRadar would be a good fit for your company but the only concern is cost. As QRadar is a niche player inthe market, is costlier than other open source/log management and correlation tools.
2) Honestly, QRadar works perfect when it is a small deployment(maybe one or two boxes). It becomes really complex and difficult to manage, maintain or upgrade QRadar.
3) On Cloud, it works a bit different in terms of high availability, upgrades, etc than on company premise. Also, when(and not if) you decide to go to cloud, you need the tool to be easily scalable.
4) Please understand that QRadar can help you monitor that you are HIPPA compaint. However, it cannot make you compaint. QRadar can just tell you whether someone accessed the server or the database storing the information but cannot avoid a HIPPA violation.

So overall, QRadar would be a good fit for you at this moment but I would encourage you to take a look at open source tooling as well(alienVault, ElasticSIEM etc).

------------------------------
Chinmay Kulkarni

Original Message:
Sent: Wed October 23, 2019 08:18 PM
From: Ben Mansouri
Subject: Qradar for small Startups

Hi, This question is for Jose,
I am running a couple of small startups and I want to be proactive about he security of my sites before we have a larger foot print. One of my companies is a dating site with a lot of transactions (Kismet )  and other one is Magnabid (MagnaBid.com) which needs to be HIPPA compliant. I was wondering if using Qradar is a right choice for us at this moment. 

Thanks, 
Ben Mansori

------------------------------
Ben Mansouri
------------------------------

@Chinmay Kulkarni ​ Chinmay, Thanks for the reply. I will follow tour guidelines. Ben

------------------------------
Ben Mansouri
------------------------------

Original Message:
Sent: Fri October 25, 2019 04:21 AM
From: Kiril Bonev
Subject: Qradar for small Startups

In my opinion, signup for this webinar and you'll find most of the answers for your questions. 
Jose Bravo will join too! ;)

Best regards,

------------------------------
Kiril Bonev
System Specialist

Original Message:
Sent: Thu October 24, 2019 02:39 AM
From: Chinmay Kulkarni
Subject: Qradar for small Startups

Hi Ben,

I know this question is for Jose but could not resist. I read your question and it was quite exciting.
As your's are startups, I have following points for your companies. I will try to keep it as unbiased as possible :P
1) Is QRadar right choice for your companies at this moment?
Right chice really depends on various factors: age in the market, maturity, popularity(which attracts developers), cost, flexibility, scalability(as to when your startups are not startups anymore but large scale companies). In my opinion, QRadar would be a good fit for your company but the only concern is cost. As QRadar is a niche player inthe market, is costlier than other open source/log management and correlation tools.
2) Honestly, QRadar works perfect when it is a small deployment(maybe one or two boxes). It becomes really complex and difficult to manage, maintain or upgrade QRadar.
3) On Cloud, it works a bit different in terms of high availability, upgrades, etc than on company premise. Also, when(and not if) you decide to go to cloud, you need the tool to be easily scalable.
4) Please understand that QRadar can help you monitor that you are HIPPA compaint. However, it cannot make you compaint. QRadar can just tell you whether someone accessed the server or the database storing the information but cannot avoid a HIPPA violation.

So overall, QRadar would be a good fit for you at this moment but I would encourage you to take a look at open source tooling as well(alienVault, ElasticSIEM etc).

------------------------------
Chinmay Kulkarni

Original Message:
Sent: Wed October 23, 2019 08:18 PM
From: Ben Mansouri
Subject: Qradar for small Startups

Hi, This question is for Jose,
I am running a couple of small startups and I want to be proactive about he security of my sites before we have a larger foot print. One of my companies is a dating site with a lot of transactions (Kismet )  and other one is Magnabid (MagnaBid.com) which needs to be HIPPA compliant. I was wondering if using Qradar is a right choice for us at this moment. 

Thanks, 
Ben Mansori

------------------------------
Ben Mansouri
------------------------------

Sure @Ben Mansouri.
Hope it helps you.​

------------------------------
Chinmay Kulkarni
------------------------------

Original Message:
Sent: Fri October 25, 2019 01:08 PM
From: Ben Mansouri
Subject: Qradar for small Startups

@Chinmay Kulkarni ​ Chinmay, Thanks for the reply. I will follow tour guidelines. Ben

------------------------------
Ben Mansouri

Original Message:
Sent: Fri October 25, 2019 04:21 AM
From: Kiril Bonev
Subject: Qradar for small Startups

In my opinion, signup for this webinar and you'll find most of the answers for your questions. 
Jose Bravo will join too! ;)

Best regards,

------------------------------
Kiril Bonev
System Specialist

Original Message:
Sent: Thu October 24, 2019 02:39 AM
From: Chinmay Kulkarni
Subject: Qradar for small Startups

Hi Ben,

I know this question is for Jose but could not resist. I read your question and it was quite exciting.
As your's are startups, I have following points for your companies. I will try to keep it as unbiased as possible :P
1) Is QRadar right choice for your companies at this moment?
Right chice really depends on various factors: age in the market, maturity, popularity(which attracts developers), cost, flexibility, scalability(as to when your startups are not startups anymore but large scale companies). In my opinion, QRadar would be a good fit for your company but the only concern is cost. As QRadar is a niche player inthe market, is costlier than other open source/log management and correlation tools.
2) Honestly, QRadar works perfect when it is a small deployment(maybe one or two boxes). It becomes really complex and difficult to manage, maintain or upgrade QRadar.
3) On Cloud, it works a bit different in terms of high availability, upgrades, etc than on company premise. Also, when(and not if) you decide to go to cloud, you need the tool to be easily scalable.
4) Please understand that QRadar can help you monitor that you are HIPPA compaint. However, it cannot make you compaint. QRadar can just tell you whether someone accessed the server or the database storing the information but cannot avoid a HIPPA violation.

So overall, QRadar would be a good fit for you at this moment but I would encourage you to take a look at open source tooling as well(alienVault, ElasticSIEM etc).

------------------------------
Chinmay Kulkarni

Original Message:
Sent: Wed October 23, 2019 08:18 PM
From: Ben Mansouri
Subject: Qradar for small Startups

Hi, This question is for Jose,
I am running a couple of small startups and I want to be proactive about he security of my sites before we have a larger foot print. One of my companies is a dating site with a lot of transactions (Kismet )  and other one is Magnabid (MagnaBid.com) which needs to be HIPPA compliant. I was wondering if using Qradar is a right choice for us at this moment. 

Thanks, 
Ben Mansori

------------------------------
Ben Mansouri
------------------------------

@Kiril Bonev Thanks Kiril, Will do for sure. 
Ben
ben@magnabid.com

------------------------------
Ben Mansouri
------------------------------

Original Message:
Sent: Fri October 25, 2019 04:21 AM
From: Kiril Bonev
Subject: Qradar for small Startups

In my opinion, signup for this webinar and you'll find most of the answers for your questions. 
Jose Bravo will join too! ;)

Best regards,

------------------------------
Kiril Bonev
System Specialist

Original Message:
Sent: Thu October 24, 2019 02:39 AM
From: Chinmay Kulkarni
Subject: Qradar for small Startups

Hi Ben,

I know this question is for Jose but could not resist. I read your question and it was quite exciting.
As your's are startups, I have following points for your companies. I will try to keep it as unbiased as possible :P
1) Is QRadar right choice for your companies at this moment?
Right chice really depends on various factors: age in the market, maturity, popularity(which attracts developers), cost, flexibility, scalability(as to when your startups are not startups anymore but large scale companies). In my opinion, QRadar would be a good fit for your company but the only concern is cost. As QRadar is a niche player inthe market, is costlier than other open source/log management and correlation tools.
2) Honestly, QRadar works perfect when it is a small deployment(maybe one or two boxes). It becomes really complex and difficult to manage, maintain or upgrade QRadar.
3) On Cloud, it works a bit different in terms of high availability, upgrades, etc than on company premise. Also, when(and not if) you decide to go to cloud, you need the tool to be easily scalable.
4) Please understand that QRadar can help you monitor that you are HIPPA compaint. However, it cannot make you compaint. QRadar can just tell you whether someone accessed the server or the database storing the information but cannot avoid a HIPPA violation.

So overall, QRadar would be a good fit for you at this moment but I would encourage you to take a look at open source tooling as well(alienVault, ElasticSIEM etc).

------------------------------
Chinmay Kulkarni

Original Message:
Sent: Wed October 23, 2019 08:18 PM
From: Ben Mansouri
Subject: Qradar for small Startups

Hi, This question is for Jose,
I am running a couple of small startups and I want to be proactive about he security of my sites before we have a larger foot print. One of my companies is a dating site with a lot of transactions (Kismet )  and other one is Magnabid (MagnaBid.com) which needs to be HIPPA compliant. I was wondering if using Qradar is a right choice for us at this moment. 

Thanks, 
Ben Mansori

------------------------------
Ben Mansouri
------------------------------