QRadar brings to financial service organizations the transparency, accountability and measurability critical to the success of meeting regulatory mandates. QRadar’s unique correlation and integration of all surveillance feeds yields more accurate data for an operator (Transparency), more granular forensics for an incident response manager (Accountability), and more complete reporting for auditors (Measurability). Additionally, QRadar ships with thousands of report and rules templates, including specific requirements for SOX, GLBA, FFIEC, DFAS and PCI industry compliance mandates.
QRadar addresses many requirements of SOX, such as (SOX compliance rule indicated):
• SOX requirements (Sec 302 (a)(4)(C) and (D) - log-in/log-out monitoring): User access to the system must be recorded and monitored for possible abuse.
QRadar provides:
- Out-of-the-box as well as customizable access and authentication rules that allow for easy detection of threatening or invalid access attempts.
- Deep forensic inspection views into all log data and network communications for monitoring/auditing all activity around an access offense.
- File integrity monitoring and notification through log analysis.
- Backup and Archival of access audit trails.
Protecting against cyber attacks, breaches, fraud and insider threats has heightened the need for financial services organizations to ensure compliance while managing costs and valuable personnel by automating resource-intensive security and compliance initiatives (SOX, GLBA, PCI, etc.).
QRadar’s automation of device discovery and data collection reduces time to value. By continuously identifying and profiling assets, both passively and actively, QRadar tunes the security system based on changes in services, vulnerabilities, systems, and identity. This automated updating of your security management reduces false positives and provides pinpoint identification of threats, prioritized by relevance, severity, and overall impact.
QRadar’s automation capabilities include:
• Auto Discovery provides constant detection and profiling of new assets (e.g. servers) that should be classified and assessed for regulatory compliance, reducing operational efforts and ensuring accurate threat identification of devices/services impacted.
• QRadar’s appliance-based architecture delivers tightly integrated High Availability, and our extensible database is embedded in each appliance, negating the need for external relational databases that are expensive to deploy and maintain
• Hundreds of pre-defined rules that detect prominent threats like bot infections, data leakage, and compliance violations
• Over 3500 predefined reports to provide visibility at all levels of an organization and support financial services compliance initiatives (all rules and reports are provided free to Q1 Labs customers, including regular updates)
• Threat monitoring that includes automatic update of 3rd party threat data sources (including blacklisted networks, application detection, and geo-location data) as well as integration with IAMs to enable improved recognition and resolution of threats.
With support for approximately 200 products from virtually every leading vendor deployed in financial services networks, including devices from Cisco, Juniper, Nortel, Checkpoint, Oracle, Sun, Enterasys, Symantec, ISS/IBM, McAfee, Sourcefire, RSA, and many more, QRadar provides collection, analysis and correlation across a broad spectrum of systems including networked solutions, security solutions, servers, hosts, operating systems, and applications. In addition, the QRadar solution is easily extended to support proprietary applications and new systems.