Light Dark
March 3, 2015 By Vijay Dheap 2 min read
Intelligence & Analytics
Threat Intelligence

Time is of the essence, but pressures abound and skills and resources are limited. How is a security team supposed to cope with attackers’ increased sophistication and focus? The answer may lie in cyber forensics.

Imagine if the analysts on your security team could be empowered to use their human intuition and logical deduction to retrace the activities of an attacker. The legacy of cyber forensics is that of a specialized few only being called upon when a situation was dire. Now, cyber forensics approaches are becoming crucial when it comes to determining the type, size and scope of a breach or attack. This growing significance means the practice has to evolve. Security teams must become more self-sufficient in order to identify and remediate gaps in their organization’s security posture.

With this in mind, IBM introduced its IBM Security QRadar Incident Forensics™ solution. It allows for a broader set of the security team — not just data scientists or trained forensics investigators — to retrace an attacker’s steps, visualize frequency-based entity-to-entity relationships and identify suspicious activities based on built-in rules that operate on the content of the conversation, such as document text or email content, rather than just the metadata. For big data analytics, this solution also does the following:

  • Performs the most prevalent use case — search-driven ad hoc investigative analysis — with no additional implementation overhead;
  • Provides a robust indexing solution to look at data in the context of a security incident and quickly develop an understanding that will enable a data scientist to build custom algorithms that operate across the wider data set to become more proactive.

Download: Ponemon Institute Study on Network Forensic Investigations

This approach to helping address incident response requirements provides a single platform in which organizations can encapsulate the core set of forensics tools and apply the QRadar principle of delivering security intelligence. The tools sift through data, perform analyses and visualize different perspectives, while the intelligence improves enterprise-wide productivity by planting guideposts in the data and automating crucial elements of the forensics.

Image Source: iStock

 |  |  |  |  | 
Vijay Dheap
Big Data Security Intelligence & Mobile Security, IBM Security

More from Intelligence & Analytics
February 6, 2025

Hacking the mind: Why psychology matters to cybersecurity

4 min read - In cybersecurity, too often, the emphasis is placed on advanced technology meant to shield digital infrastructure from external threats. Yet, an equally crucial — and underestimated — factor lies at the heart of all digital interactions: the human mind. Behind every breach is a calculated manipulation, and behind every defense, a strategic response. The psychology of cyber crime, the resilience of security professionals and the behaviors of everyday users combine to form the human element of cybersecurity. Arguably, it's the…

November 27, 2024

What makes a trailblazer? Inspired by John Mulaney’s Dreamforce roast

4 min read - When you bring a comedian to offer a keynote address, you need to expect the unexpected.But it is a good bet that no one in the crowd at Salesforce’s Dreamforce conference expected John Mulaney to tell a crowd of thousands of tech trailblazers that they were, in fact, not trailblazers at all.“The fact that there are 45,000 ‘trailblazers’ here couldn’t devalue the title anymore,” Mulaney told the audience.Maybe it was meant as nothing more than a punch line, but Mulaney’s…

September 5, 2024

New report shows ongoing gender pay gap in cybersecurity

3 min read - The gender gap in cybersecurity isn’t a new issue. The lack of women in cybersecurity and IT has been making headlines for years — even decades. While progress has been made, there is still significant work to do, especially regarding salary.The recent  ISC2 Cybersecurity Workforce Study highlighted numerous cybersecurity issues regarding women in the field. In fact, only 17% of the 14,865 respondents to the survey were women.Pay gap between men and womenOne of the most concerning disparities revealed by…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2025 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature