IBM unveils security forensics software

Searching for software clues

IBM has lifted the lid on new security forensics software aimed at protecting critical enterprise data.

The new product, QRadar Incident Forensics, is designed to help security professionals retrace the steps of cyber criminals, helping identify how breaches were made or where vulnerabilities lie.

The software records all activity on a network, alerting security of any suspicious activity or potential risks, and allows admins to test for conditions related to observed attack patterns identified by X-Force.

The result is a more efficient way to search network data and traffic, compared to existing manual detection methods.

Growing threats

There were more than half a billion stolen personal data records in 2013, according to the latest IBM X-Force Threat Intelligence Quarterly, due for release next week. That number is likely to rise in 2014, making it more important for new measures to battle cybercrime.

"Every breach is a race against time. This new forensics module further expands the breadth and depth of IBM's security intelligence capabilities," said Brendan Hannigan, GM of IBM Security Systems. "QRadar Incident Forensics further helps IT staff prevent emerging threats and better determine the impact of any intrusion."

IBM is also working on additional security solutions this year, including the Advanced Cyberthreat Intelligence Service, which will provide businesses with IBM's research on threats, attacker tools, and tactics used by hackers.

QRadar Incident Forensics launches in the second quarter. A beta will be available for existing QRadar clients.