Gem Security, the Cloud Detection and Response (CDR) company, announced its new integration with IBM Security QRadar, designed to help customers modernize their security operations and incident response processes for the vast scale and complexity of the cloud, while continuing to leverage existing SOC workflows.
Gem’s integration with QRadar provides consolidated detection, alerting, and response functionality within QRadar’s leading Security Information and Event Management (SIEM) technology.
Gem’s integration with QRadar’s leading Security Information and Event Management (SIEM) technology provides consolidated real-time, “right of boom” visibility into suspicious and unauthorized cloud events across an organization’s entire cloud estate (AWS, Azure, GCP, Okta, etc.), helping SecOps teams to efficiently and effectively detect, forensically investigate, and contain cloud breaches.
Built upon a modern data lake architecture, Gem’s agentless platform integrates in minutes with all major cloud providers via their native APIs, requiring just read-only access to continuously ingest logs and correlate events across the entire cloud attack surface (control, identity, data, network, compute, containers, etc.).
Leveraging the world’s first cloud-specific behavioral analytics model, or cloud UEBA, Gem dramatically reduces cloud alert noise and automatically builds investigation timelines, enabling analysts to understand the full story of multi-stage cloud attacks in minutes, versus hours or days using traditional manual approaches. SecOps teams can then launch automated, pre-built containment actions, such as isolating instances and rotating access keys, to quickly stop attacks before they have a material impact on the business, as well as collect forensic snapshots for root cause analysis and compliance.
The new application, Gem DSM for QRadar, is available to the security community for no charge through IBM Security App Exchange, a marketplace where developers across the industry can share applications based on IBM Security technologies. As threats are evolving faster than ever, collaborative development amongst the security community can help organizations adapt quickly and speed innovation in the fight against cybercrime.
“Collaborating with IBM allows our joint customers to get the best of both worlds,” said Arie Zilberstein, Co-Founder & CEO of Gem Security. “IBM QRadar provides them with leading SIEM technology that fuses their security data and alerts into a single location for threat management and incident response. Gem brings cloud-specific context to that equation, enabling teams to transform their SecOps and incident response processes for the cloud era.”
SOURCE: PRNewswire