IBM has updated QRadar SIEM, its cybersecurity platform, introducing a series of significant innovations. The first key change is a redesigned architecture, which is now entirely cloud-native, ensuring scalability, flexibility, and speed in any situation. This is just the first step: starting in 2024, the solution will be enhanced with new generative AI functionalities.
IBM redesigns the architecture of QRadar SIEM
IBM’s QRadar SIEM is not new: it is a threat detection and incident response platform that has been around for 13 years. However, IBM has decided to renew the solution significantly by redesigning it, starting with the architecture, which is now entirely cloud-native. The new architecture will debut in the fourth quarter of 2023, at least in its SaaS version. In 2024, on-premises and multi-cloud versions (still with a cloud-native approach) will also be available.

QRadar SIEM is a system log analysis and correlation solution built on Red Hat OpenShift and designed to be open and to connect with security and analysis solutions from other providers. There are already 700 integrations available.
Its features include the adoption of the SIGMA detection rule system, which allows users to quickly import new rules developed by security communities in response to evolving threats, and federated search, which allows analysts to proactively search for and analyze threats across cloud and on-premises data sources regardless of technology, without moving data from its original source.
Generative AI arrives in 2024
Starting next year, IBM will further empower QRadar by adding new features based on watsonx, Big Blue’s artificial intelligence platform. With these innovations, users will be able to automate report creation, speed up threat search, get support in data interpretation, and enhance threat intelligence data.
“Our new cloud-native SIEM is a key element of IBM’s strategy to evolve its entire security platform towards the use of hybrid cloud models and full exploitation of AI algorithms,” says Kevin Skapinetz, Vice President, Strategy and Product Management at IBM Security. “Instead of forcing analysts to navigate the complexity of security technologies, we are designing technology to remove complexity, eliminate noise, simplify the user experience, and enable analysts to address urgent threats with greater speed and confidence.”
