IBM Security achieves AWS Security Technology Competency Partner Status
I’m pleased to announce that IBM Security has achieved Amazon Web Services (AWS) Security Technology Competency Partner status via IBM Security QRadar in the AWS logging, monitoring, threat detection, and analytics category. This is a significant milestone that recognizes AWS Partner Network Partners (“APN Partners”) who have demonstrated technical proficiency and proven customer success.
The AWS Security Technology Competency complements our IBM Security Services designation as a Premier Consulting Security Competency Partner; an endorsement that is based on deep expertise in cloud native security to advise on cloud security, integrate hybrid environments and operate with confidence.
Both competencies reinforce announcements we made late last year to expand technology initiatives with AWS to secure hybrid cloud environments. This includes helping clients securely migrate and modernize to AWS Cloud by offering a unique combination of security technology products and services.
As organization accelerate their move to cloud, security teams need to drive an open and unified approach across hybrid environments; one which connects disparate threat telemetry sources and cloud native services with advanced analytics to break down the silos between teams and tools. The ability to drive visibility across distributed workloads and enable flexible deployment models are foundational elements.
QRadar Visibility into AWS
QRadar provides deep integrations with a broad range of AWS services including advanced rules, reports, saved searches, and cloud dashboards so that teams can easily visualize and prioritize offenses. These integrations extend visibility into AWS environments by collecting, parsing and analyzing event logs and flows with several mechanisms for AWS data ingestion.
QRadar leverages AWS transport services (ex. Kinesis) to send event logs and flows from AWS services (ex. CloudTrail) to AWS data collectors (ex. S3 buckets) which are then sent to QRadar. The QRadar S3 Protocol for example supports multi-account, multi-region and VPC Flow Logs for visibility into network traffic in AWS.
Flexible Deployment Models
QRadar is built on a flexible, scalable architecture that provides organizations with a range of deployment models to meet diverse business and security needs. QRadar includes the following components: event collectors, event processors, flow collectors, flow processors, data nodes and a central console. All components are available as hardware, software or virtual appliances. Software and virtual appliance options can be deployed on-premises, in IaaS environments or distributed across hybrid environments.
There are 4 primary deployment models that customers can implement to secure resources across the enterprise, including AWS environments: On Premises, Hybrid, Cloud, SaaS. Below we showcase the Hybrid and Cloud deployment models.