IBM launches new threat analytics
Dubai, April 29, 2012
IBM has unveiled new analytics using advanced security intelligence that can flag suspicious behaviour in network activities to help better defend against hidden threats facing organisations.
As organisations open up their networks to smartphones and increased social media access, traditional security defenses such as firewalls and antivirus software can’t adequately protect an organization on their own, said a statement.
According to the 2011 IBM X-Force Trend and Risk Report, adversaries ramped up social engineering attacks, and X-Force saw mobile exploits increase by 19 percent in 2011. Firewalls and traditional security products do little against advanced threats that use unreported techniques or that have already invaded an organisation.
To address this, IBM has announced the QRadar Network Anomaly Detection appliance that analyses complex network activity in real-time, detecting and reporting activity that falls outside normal baseline behavior.
The analytics not only can look at inbound attacks but also can detect outbound network abnormalities where malware may have already infected a “zombie” system to send data outside the organization, it said.
“Advanced attackers are both patient and clever, leaving just a whisper of their presence, and evading many network protection and detection approaches,” said Marc van Zadelhoff, vice president of strategy and product management, IBM Security Systems. “Most organisations don’t even know they have been infected by malware. An advantage of IBM analytics is that it can detect the harbingers of new attacks from the outside or reveal covert malicious activity from the inside.”
Using advanced behavioral algorithms, the QRadar Network Anomaly Detection appliance analyses disparate data that can collectively indicate an attack – network and traffic flows, intrusion prevention system (IPS) alerts, system and application vulnerabilities, and user activity. It quantifies several risk factors to help evaluate the significance and credibility of a reported threat, such as the business value and vulnerabilities of targeted resources.
By applying behavioral analytics and anomaly detection, the application can flag abnormal events such as:
• Outbound network traffic detected to countries where the company does not have business affairs;
• FTP traffic observed in a department that doesn’t regularly use FTP services; and
• A known application running on a non-standard port or in areas where it is not allowed (e.g. unencrypted traffic running in secure areas of the network).

– TradeArabia News Service