IBM TechXchange Security Technology Alliance Program User Group

 View Only

Infoblox QRadar SIEM App Announcement

By Dan Schofield posted Mon August 05, 2024 05:07 AM

  

Strengthen Your Security Operations with the New Infoblox Integration for IBM QRadar SIEM

Infoblox is thrilled to announce the latest integration of Infoblox with IBM QRadar SIEM, designed to uplift your security operations efficiency to new heights. This integration brings together the comprehensive visibility of Infoblox SOC Insights and Infoblox DNS, DHCP and IP Address Management (“DDI”) with the SIEM capabilities of QRadar, offering you deeper visibility and reducing Mean Time To Respond (MTTR) to threats.

Key Features of the Integration

  1. Comprehensive Dashboards: Experience real-time visibility into your network with our new, interactive dashboards. These dashboards consolidate data from Infoblox SOC Insights, DNS, DHCP, Service Logs and Audit Logs, presenting it in a familiar format. This allows you to quickly identify anomalies, monitor threat indicators, and keep an eye on overall security threats, significantly reducing Mean Time to Respond (MTTR)


  1. SOC Insights Offense Rule: Easily identify Active Infoblox Events with a built-in QRadar offense rule, providing immediate visibility into potential threats. Additionally, each offense includes detailed Infoblox event annotations, allowing for quicker and more accurate incident analysis.
View of the QRadar console offense rule viewer showing the Infoblox SOC Insights rule

 

QRadar Offense example with Infoblox SOC Insights showing data fields on the QRadar Console offense viewer


    Benefits for Your Security Operations

    • Improved Operational Efficiency: Improve your security teams’ efficiency and reduce investigation time by up to 67% by focusing on the most critical alerts from SOC insights. Additionally, a unified interface for managing Infoblox and QRadar data reduces operational complexity.
    • Enhanced Visibility with Contextual Data: Comprehensive dashboards and lookup tools provide deeper insights into network activity and potential security threats. Quickly correlate network activities with potential threats using detailed lookups and visualizations.
    • Access Unique DNS-based Threat Intelligence: Access unparalleled DNS-based threat intelligence to enhance security decision-making and threat mitigation.

    Getting Started

    To start leveraging the benefits of the Infoblox integration for IBM QRadar, visit the IBM App Exchange and download the Infoblox app. Detailed documentation is available to guide you through the setup process and help you maximize the potential of these new features.

    Infoblox believes this integration will significantly enhance your ability to detect, investigate, and respond to security threats. Stay ahead with the combined power of Infoblox and QRadar SIEM and supercharge your security operations.

    0 comments
    5 views

    Permalink