IBM Security QRadar

 View Only

QRadar SIEM (cloud-native) edition is here

By Christopher Meenan posted 26 days ago


It is with great excitement that I announce the launch of QRadar SIEM (cloud-native) edition, a completely new generation of QRadar SIEM. The cloud-native edition has been re-built from the ground up on a cloud-native architecture to allow us to serve the demands and challenges of securing multi-cloud environments. This new launch marks a critical step in the evolution of our broader QRadar Suite portfolio and will be the key to outpacing the adversary with speed, scale and accuracy. 

Today’s announcement is just the beginning of a series of more in-depth product updates where we showcase how QRadar SIEM will help transform the people, process, and technologies with:

  • The cloud-native advantage

  • Open collaborative, community powered defense

  • An unwavering commitment to ensuring analyst success

The cloud-native advantage

The new cloud-native architecture allows for faster innovations and customer feedback. By leveraging a higher performance data warehouse and query language, IBM’s new cloud-native SIEM can offer significantly faster search speeds than a traditional SIEM. Additionally, it provides a more flexible data ingestion pipeline that can dynamically evolve and scale with customers changing environments like scaling up for large data bursts and scaling down during low ingest periods. It also offers higher resiliency, leveraging a microservices-based architecture with Red Hat OpenShift – allowing it to automatically shift cloud resources in the event of corruption. 

Built to be open 

Building on over a decade of QRadar’s market leadership and analyst recognition, we have designed our cloud-native SIEM to be open on multiple levels - specifically with hybrid multi-cloud in mind. While other vendors may offer a cloud-native architecture, IBM is approaching cloud-native SIEM more broadly - building it specifically for hybrid multi-cloud. Other vendors offer an architecture built with a closed, single cloud approach - where the full potential can only be achieved within that vendors native cloud or with that vendors products. This makes it so that their analytics, integrations, and search options work well within their native cloud, but are difficult to implement across a dispersed, hybrid cloud environment. 

The QRadar difference is our dedication to an open approach at a foundational level. Built on Red Hat OpenShift, and leveraging open source and open standards for core functions including detections and query language, QRadar is natively interoperable across all types of environments and toolsets.

Designed for the analyst

At IBM, we recognize that having the most powerful technology means nothing if it burdens the analyst with complexity. That’s why we built QRadar SIEM with the analyst in mind. With a streamlined intuitive interface designed to remove typical SOC operations tool fatigue, the unified analyst experience removes the burden of switching between tools, or dealing with false positives and inefficient workflows. QRadar SIEM provides complete visibility along with AI-driven capabilities to amplify analyst decisions and automate repetitive tasks. Whether it’s simplified case management, threat investigation, or near real-time alerting, QRadar SIEM is thoughtfully engineered to help analysts succeed. When analysts have the right tools and context, they can move with speed and precision to stop sophisticated attacks.

What does this mean for current QRadar SIEM customers? 

We understand the importance of meeting our clients where they are in their technology journey. IBM will continue driving innovation for both the original QRadar SIEM portfolio, including on-premises and SaaS deployment options - as well as the new cloud-native edition. We recognize that clients have different requirements for their current SIEM needs, therefore we will continue supporting those that are looking for the powerful streaming analytics and correlation engine that QRadar classic SIEM offers, while also supporting a seamless transition path for those interested in the scalability and flexibility of a cloud-native solution.

Join me on November 15, for an overview and introduction of the new cloud-native edition: [Register Today]

To learn more about QRadar SIEM (cloud-native) and how it can help you outsmart the adversary, please visit