(Page 2 of 3)
What we hear loud and clear from our clients is they're locked in an intelligence arms race and they're looking for tools that can bridge the silos of information. It's not just about getting more data to find these threats; it's about what you can do with the data and how you can apply intelligence to ferret out the risks that matter from the ones that don't.
Q: Who are you targeting with this security platform? Enterprises? Small businesses? Both?
The need for this kind of solution it exists everywhere. The challenge might differ a little from a small business to large enterprises in that small businesses are going to have much fewer resources to address these challenges. On the other hand, large enterprises while they might have more resources, are likely facing a much greater volume and variety of attacks. We very much serve both ends of the market.
Q: What's next with QRadar? How will it evolve?
There are two major areas we're going to continue to invest in heavily from an R&D standpoint. One of them is the broader set of integrations with other IBM and non-IBM security products and network products. We're going to continue with an aggressive roadmap of integrations that we'll be delivering quarter after quarter. Beyond that, we'll continue to expand the platform in terms of its capabilities across what we call the security intelligence spectrum.
QRadar has primarily served the SIEM (security information and event management) market. But we've broadened beyond SIEM into other areas including a complementary space like configuration monitoring. The other piece customers are wrestling with is "How can I predict and prevent breaches and compromises before they happen at all?"
Part of that is analyzing the state of the network environment and identifying and prioritizing vulnerabilities and security gaps that might exist. Configuration monitoring does that by looking at the state of the network and identifying errors in how it's configured. So, for example, looking at firewalls and understanding if there are ports inadvertently opened that could expose the internal network to public Internet traffic inappropriately and then expose valuable systems.
You need to pair both the detection and the prevention elements here. That's an example of how we've built out a broader security intelligence platform and you'll see us continue to bring new functional capabilities to market that further broaden that platform. (continued...)