IBM Security QRadar

 View Only

IBM Security expands technology initiatives with AWS to secure hybrid cloud

By George Mina posted Tue December 08, 2020 04:53 PM


Today, we are pleased to announce the availability of IBM Security QRadar as a paid listing on the AWS marketplace  along with broader technology initiatives as part of the annual AWS re:Invent conference. This is a significant milestone as we see more clients migrating their workloads to the cloud. By 2023, Gartner predicts that 90% of SIEM capabilities will be delivered only through the cloud.

What we’re hearing from our clients

Organizations are accelerating their move to cloud to drive business innovation and customer success. At the same time, cloud poses new cybersecurity challenges as the number and types of security threats continue to grow. We’ve heard some common security concerns as our clients drive more of their workloads to the cloud.

  • An expanding footprint requires a unified security posture: As the footprint expands across cloud and on-premises, having multiple security tools creates a disjointed security posture, making it difficult to establish a unified approach.
  • You can’t protect what you can’t see: Meeting regulatory and compliance requirements is difficult without proper visibility across the hybrid landscape, and the process in cloud is fundamentally different from that of on-premise.
  • Cybersecurity and mitigation strategies need refining: Threat detection and response in hybrid environments requires prioritizing threats across networks, users, endpoints and cloud resources.

What we’re delivering

IBM Security is helping clients securely migrate and modernize to AWS Cloud by offering a unique combination of security technology products and services that embrace AWS native services.

  1. QRadar with AWS – Extend visibility and insights into the most critical threats across AWS and hybrid cloud environments via deep integrations across AWS native security services
  2. QRadar with X-Force Threat Management – Gain faster time to value via an end-to-end threat management program that offers integrated services across each phase of the NIST cybersecurity framework, supporting clients regardless of where they are on their AWS journey
  3. Cloud Pak for Security with AWS– Simplify and accelerate threat investigation across AWS and hybrid environments, including native support for AWS services and runs on Red Hat OpenShift to enable security teams to search for threats from one console, without migrating any data
  4. Security Services for AWS – Consulting and managed services across AWS security services to help clients reduce complexity and manage their overall security posture as they grow

QRadar with AWS Spotlight


QRadar provides deep integrations with a broad range AWS services include advanced rules, reports, saved searches, and cloud dashboards for visibility across hybrid cloud environments. Here are a few examples.

QRadar Device Support Module (DSM) for AWS Network Firewall

The new AWS Network Firewall service enables users to define firewall rules for threat centric visibility which is embedded into QRadar’s advanced analytics to trigger offenses around malicious activity.


The QRadar content extension with AWS CloudTrail extends visibility into AWS account activity including policy changes, high-risk misconfigurations and potential data exfiltration from cloud resources.

Full demo here.


Learn More

  1. QRadar on AWS marketplace
  2. QRadar apps and content extensions for AWS
  3. Cloud Pak for Security Quick Start on AWS