IBM Adds Incident Forensics To QRadar
IBM unveiled IBM Security QRadar Incident Forensics, adding a new way to diagnose potential threats, probe external attacks and investigate unauthorized insider activities. The module can be added to the QRadar Security Intelligence Platform, the company’s security information event management system. The forensics tool provides a record of activity on the network so incident responders can trace the actions of potential cybercriminal activity. It also can alert on suspicious activity. Existing QRadar clients can test the new module as part of a beta program. The product will be generally available in the second quarter of 2014.