IBM Security is expanding integrations with Amazon Web Services (AWS), helping customers simplify and enhance cloud security by bringing together native AWS Cloud Foundational Services with IBM Security QRadar Log Insights and IBM Security QRadar SIEM.
IBM Security has also recently made strategic investments to strengthen its Guardium family of data security products, extending data visibility and control into leading cloud service providers such as AWS.
AWS built-in solutions integrate automatically with AWS foundational services to simplify and streamline the deployment experience. Automatically installed, configured, and integrated, this new solution brings together IBM Security QRadar Log Insights—a cloud-native management platform—with several AWS native services.
Roles and permissions are programmatically set-up within the AWS Identity and Access Management (IAM) Identity Center, and AWS Control Tower configures Log Insights, which are designed to help shorten time-to-value and reduce cloud misconfigurations.
This integrated solution offers the following key benefits to customers:
- Simplified search-based investigations. AWS CloudTrail tracks all activity occurring in on AWS– and now these audit logs can be integrated with IBM Security QRadar Log Insights. This integration can make it easier to search events across AWS and hybrid cloud environments to identify potential malicious behavior or misconfigurations.
- Enhanced security data visualization. Amazon GuardDuty is a threat detection service that continuously monitors AWS accounts and workloads for malicious activity and delivers security findings for visibility and remediation. By bringing Amazon GuardDuty together with IBM Security QRadar Log Insights, customers can ingest data sources from other clouds and on-premises – providing access to data quickly and in one place to deliver efficient detection, investigation, and response to threats.
To help customers further advance hybrid cloud visibility and simplify threat detection and response, IBM Security’s QRadar Suite supports Amazon Security Lake.
Recently made generally available, Amazon Security Lake centralizes disparate log and event data from a customer’s AWS environment into a purpose-built data lake for a more complete, organization-wide understanding of their security related data. Amazon Security Lake customers can leverage IBM Security QRadar SIEM and IBM Security QRadar Log Insights for comprehensive hybrid cloud visibility.
IBM has made several strategic investments to bolster its Guardium portfolio of data security products, aiming to help customers better protect and manage the ever-expanding realm of cloud data:
- New Guardium Insights SaaS editions available in AWS Marketplace. IBM’s data security platform, Guardium Insights, has three new SaaS editions designed to meet the needs of small, mid and large enterprises. These new editions are designed to help organizations address their data compliance regulation requirements and protect data spread across multiple cloud platforms. All three SaaS options are anticipated to be available in the AWS Marketplace in Q2 2023.
- Enhancing Guardium with Data Security Posture Management (DSPM). IBM recently announced that it acquired Polar Security, a DSPM pioneer. Polar’s agentless solution automatically finds unknown and sensitive data across the cloud, including structured and unstructured assets, SaaS apps, and within cloud service providers such as AWS. Once discovered, Polar classifies the data, maps the potential and actual flow of that data, and identifies vulnerabilities, such as misconfigurations, over-entitlements, and behavior that violates policy or regulations. IBM intends to integrate Polar’s DSPM technology into IBM Security’s Guardium family of data security products.
IBM Security Services, part of IBM Consulting, is announcing support for the AWS Global Partner Security Initiative. This new initiative will provide the opportunity for IBM and AWS to provide transformational security and compliance services with actionable security data that leverages the power of generative artificial intelligence (AI).
The AWS Global Partner Security Initiative is comprised of four security pillars: Managed Detection and Response (MDR); Cyber Resilience Emergency Recovery; Security-led Cloud Migrations; and Continuous Regulatory Compliance.
Through this initiative, IBM initially intends to focus on helping customers migrate, modernize, and operate critical business workloads in the cloud. This also builds on the dedicated resources and deep expertise within IBM Consulting to work with shared AWS customers to bring secured, automated solutions to hybrid cloud environments.
For more information about this news, visit www.ibm.com.