IBM unveiled a new security suite, IBM Security QRadar Suite, to unify and accelerate the security analyst experience. IBM describes the suite as a major evolution and expansion of the QRadar brand, spanning all core threat detection, investigation and response technologies, with significant investment in innovations across the portfolio. It includes EDR/XDR, SIEM, SOAR, and a new cloud-native log management capability that uses a common user interface, shared insights, and connected workflows.

Streamlines analyst response across full attack lifecycle

IBM Security QRadar Suite is delivered as a service and built on an open foundation. The solution is designed specifically for the demands of a hybrid cloud. The service comes with a single, modernized user interface across all products, which is embedded with advanced AI and automation.

IBM has rearchitected its threat detection and response portfolio to maximize speed and efficiency and respond to security analysts’ needs. Core design elements of the service are:

Refined in collaboration with hundreds of real-world users, the suite features a common, modernized user interface across all products, designed to dramatically increase analyst speed and efficiency across the entire attack chain. It is embedded with enterprise-grade AI and automation capabilities that have been shown to speed alert investigation and triage by 55% in the first year, on average.

Cloud Delivery, Speed & Scale: Delivered as a service on Amazon Web Services (AWS), QRadar Suite products allow for simplified deployment, visibility and integration across cloud environments and data sources. The suite also includes a new, cloud-native log management capability optimized for highly efficient data ingestion, rapid search and analytics at scale.

QRadar Suite is capable of contextualizing and prioritizing alerts automatically, displaying data in a visual format, and providing shared insights and automated workflows between products. With this approach, the service reduces the number of steps and screens required to investigate and respond to threats. Examples include:

Automatically prioritizes or closes alerts based on AI-driven risk analysis, using AI models trained on prior analyst response patterns, along with external threat intelligence from IBM X-Force and broader contextual insights from across detection toolsets.

Automated Threat Investigation: Identifies high-priority incidents that may warrant investigation, and automatically initiates investigation by fetching associated artifacts and gathering evidence via data mining across environments. The system uses these results to generate a timeline and attack graph of the incident based on the MITRE ATT&CK framework and recommends actions to speed response.

Mary O’Brien, General Manager of IBM Security, said:

“In the face of a growing attack surface and shrinking attack timelines, speed and efficiency are fundamental to the success of resource-constrained security teams. IBM has engineered the new QRadar Suite around a singular, modernized user experience, embedded with sophisticated AI and automation to maximize security analysts’ productivity and accelerate their response across each step of the attack chain.”