Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases now! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Building a Next-Gen SOC with IBM QRadar

You're reading from   Building a Next-Gen SOC with IBM QRadar Accelerate your security operations and detect cyber threats effectively

Arrow left icon
Product type Paperback
Published in Jun 2023
Publisher Packt
ISBN-13 9781801076029
Length 198 pages
Edition 1st Edition
Arrow right icon
Author (1):
Arrow left icon
Ashish Kothekar Ashish Kothekar
Author Profile Icon Ashish Kothekar
Ashish Kothekar
Arrow right icon
View More author details
Toc

Table of Contents (18) Chapters Close

Preface 1. Part 1: Understanding Different QRadar Components and Architecture
2. Chapter 1: QRadar Components FREE CHAPTER 3. Chapter 2: How QRadar Components Fit Together 4. Chapter 3: Managing QRadar Deployments 5. Part 2: QRadar Features and Deployment
6. Chapter 4: Integrating Logs and Flows in QRadar 7. Chapter 5: Leaving No Data Behind 8. Chapter 6: QRadar Searches 9. Chapter 7: QRadar Rules and Offenses 10. Part 3: Understanding QRadar Apps, Extensions, and Their Deployment
11. Chapter 8: The Insider Threat – Detection and Mitigation 12. Chapter 9: Integrating AI into Threat Management 13. Chapter 10: Re-Designing User Experience 14. Chapter 11: WinCollect – the Agent for Windows 15. Chapter 12: Troubleshooting QRadar 16. Index 17. Other Books You May Enjoy

Integrating AI into Threat Management

When we look at the challenges surrounding threat management, one that stands out is the prioritization of security alerts. In the process of threat management, we have terabytes of data being analyzed in our local environments and it creates hundreds of security alerts. It is impossible to fully understand the impact of all of these security alerts as well as to prioritize which alerts should be dealt with first in a timely manner. Statistically, it has often taken days to find out a breach has happened, and substantial additional time after that to contain it.

Per IBM’s Data Breach Report from 2022, it takes about 277 days on average to identify and stop a data breach. From a security point of view, such a delay in detection and resolution can cause irreversible damage to the organization. So, as the volumes of data and security alerts have increased, so too has the technology become more mature. The introduction of Artificial Intelligence...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime