IBM Security QRadar

 View Only

#BeyondTheDSMGuide QRadar and Amazon Inspector Launch

By Wendy Willner posted Mon November 29, 2021 01:54 PM

  

Hi QRadar Community!

Just stopping by with some very exciting news! In continued support of our AWS strategic partnership, IBM Security is pleased to announce that we are a launch partner for Amazon Inspector. We continue to expand our partnership to bring even more value to our users. For the latest roundup of IBM Security solutions on the AWS Marketplace, please check out this (blog) from my teammate Jamie Hughes.

 

Amazon Inspector is a newly launched service that will continuously assess EC2 instances and container images pushed to the Elastic Container Registry (ECR) for software vulnerabilities. If Inspector detects software vulnerabilities or open network paths to your compute resources, it creates security findings.  

 AWS Security Hub provides a comprehensive view of your security state in AWS and helps you check your environment against security industry standards and best practices. QRadar has integrated data from Security Hub for several years and now supports the ingestion of Amazon Inspector Findings via our existing Security Hub Integration. 

 To leverage the joint intelligence of QRadar and Security Hub, check out the integration documentation which can be found (here). Inspector’s findings can be sent to QRadar via Security Hub and ingested via our Amazon Web Services Protocol. 


This integration complements many of  QRadar’s other analytics and workflows. Those tools include our Hybrid Cloud Content Extension (here) that provides additional detections for finding anomalies in your compute resources as well as QRadar’s Network Threat Analytics App which detects anomalies in your AWS VPC Flow Traffic. QRadar will then correlate findings from across your AWS environment (and other cloud or on-prem) environments to shed light on your most significant security incidents and reduce your mean time to detection and response! Once these findings are correlated, they can easily be escalated to a SOAR for a speedy response.

Don’t forget that IBM also has deep expertise in AWS security services and provides both managed and consulting services regardless of where you are on your cloud journey. Check out this success story (blog) that highlights our integrated solutions for AWS. 

 

We look forward to continuing to support our joint customers as they accelerate their journey to cloud. Finally, a big thanks to Mike Richards from IBM Security Development for championing this effort and to the Amazon team for including us. 


Will you try it out? Let me know?  
 

Thanks,  

Wendy Willner 

 

 

 

 

0 comments
15 views

Permalink