Vormetric, a provider of enterprise data security for physical, virtual and cloud environments, has announced integration with IBM's QRadar Security Information and Event Management (SIEM), an automated analytics tool for correlating events across enterprise environments to identify threats.
According to the companies, the integration feeds detailed data access information from the Vormetric Data Security platform into IBM QRadar, and provides implementation tools as well as pre-built dashboards, reports and displays. The combined solution identifies unauthorized data access attempts – indicating accounts that represent a possible threat – and includes capabilities to monitor and alert on data access patterns that may indicate the presence of an Advanced Persistent Threat (APT) or a malicious insider attack.
In addition to "out-of-the-box" security intelligence reports, dashboards and displays, search operations can immediately extract information from the log streams produced by Vormetric Transparent Encryption and the Vormetric Data Security Manager (DSM). In addition, a second level of security is included to offer the capability to "watch the watcher," detecting attacks against not only the data, but also against data security management infrastructure and accounts. Organizations can identify unusual and anomalous accesses patterns by security administrators that may indicate a malicious insider within the security organization, or a security administrative account that has been compromised.
"By combining our capabilities, organizations can enhance their data protection stance with automated data access pattern analysis, enabling them to identify potential threats to sensitive data at the source,” said Derek Tumulak, vice president of product management, Vormetric.
Vormetric’s new IBM's QRadar Security Information and Event Management integration follows the company’s recently announced integration with HP ArcSight and Splunk.