Security analytics and security operations center (SOC) managers who have continuous access to a breadth of data throughout an operation is a key indicator of an organization’s good security posture. The IBM BigFix App Team prides itself in helping security analysts and SOC managers meet that goal with the release of the IBM BigFix App for QRadar v1.0.0 in May 2017, providing them continuous visibility and insights into their endpoint security status from a single panel on the QRadar Console.
IBM BigFix App for QRadar fully integrates QRadar and BigFix to retrieve a variety of endpoint security data such as vulnerabilities discovered, patches to be applied, anti-virus deployment status, and software installation and processes running status. The deep and wide-scoped endpoint security data enables QRadar security analysts to increase their awareness on endpoint status and perform incident investigation more effectively. It also delivers to SOC managers a comprehensive endpoint security posture across the organization to help identify critical areas that need attention.
With IBM Security’s continued dedication to combat advanced cybersecurity threats, the IBM BigFix team is releasing IBM BigFix App for QRadar v1.5.0 to provide more security threat data, enhanced data visualization, and usability improvement.
What’s included in version 1.5.0
- Attack alerts generated based on IOC and IOA analysis
- Anchored header showing the Endpoint, Vulnerability, and Patch summary throughout the Overview or Endpoint pages
- Improved data visualization involving color and contrast enhancements and element location refinements
- More configuration options for data source connection verification
- Improved download logs functionality
- Additional solution collaterals:
- Solution Brief: Making Security Analytics More Effective with Deep Insight into Endpoints (http://ibm.biz/BigFixAppSolutionBrief_WGS03113USEN-20170711)
- Solution Demo Video (http://secureyourendpoints.com/BigFixforQRadar.html)
Where to get the app
To download the app, go to the app download page on IBM Security App Exchange, a marketplace for the security community to share apps based on advanced security technologies.
Want to learn more?
- Unapplied Knowledge: Using Endpoint Intelligence to Earn an A-Plus in Security by I-Lung Kao, IBM Product Manager for IBM BigFix endpoint security solutions.
- A Perfect Match: How to Correlate Security Events to Your Endpoint Vulnerabilities webcast available on demand from IBM Security Webinar.
- Making Security Analytics More Effective with Deep Insight into Endpoints article highlights what the app can do for you.
- IBM BigFix App for QRadar community allows you to provide your feedback directly to the developers of the BigFix app.
- Videos
- Solution Demo Video
- Technical function demo videos available on YouTube:
We want to hear from you
Tell us what you think of the app and post your feedback at https://ibm.biz/BigFixQRadarApp. We want to hear your thoughts – no matter whether it is good or bad. Your feedback will help us make this app better than it already is!
We hope you find the app useful and effective.
Thank you!
IBM BigFix App Team