Vormetric, a provider of enterprise data security for physical, virtual and cloud environments, announced on March 13 integration with IBM’s QRadar Security Information and Event Management (SIEM), an automated analytics tool for correlating events across entire enterprise environments to identify threats.
After recently announcing integration with SIEM solutions HP ArcSight and Splunk, Vormetric continues to strengthen its data security offerings with integration of IBM QRadar into the Vormetric Data Security Platform.
The integration feeds detailed data access information from the Vormetric Data Security platform directly into IBM QRadar, and provides implementation tools as well as pre-built dashboards, reports and displays that enable organizations to get up and running quickly. The resulting combined solution rapidly identifies unauthorized data access attempts — indicating accounts that represent a possible threat — and includes capabilities to monitor and alert on data access patterns that may indicate the presence of an Advanced Persistent Threat (APT) or a malicious insider attack.
“Data can’t defend itself: it’s Vormetric’s mission to enable our customers to solve data security compliance problems and avoid data breaches across both enterprise and cloud environments,” said Derek Tumulak, vice president of product management. “The integration of Vormetric with IBM QRadar delivers the type of advanced security intelligence that every organization needs to safeguard critical data. By combining our capabilities, organizations can enhance their data protection stance with automated data access pattern analysis, enabling them to identify potential threats to sensitive data at the source.”
In addition to “out-of-the-box” security intelligence reports, dashboards and displays, search operations can immediately extract information from the log streams produced by Vormetric Transparent Encryption and the Vormetric Data Security Manager (DSM).
A second level of security is included, the capability to “watch the watcher,” detecting attacks against not only the data, but also against data security management infrastructure and accounts. Organizations can identify unusual and anomalous access patterns by security administrators that may indicate a malicious insider within the security organization, or a security administrative account that has been compromised.
“The final result is a real win for our joint customers,” said Tumulak. “These customers can now easily make use of all the security intelligence data supplied by the Vormetric Data Platform with IBM QRadar, taking their data protection efforts to the next level with detailed views of who, when, where and how critical data is accessed.”