In today’s threat environment, with cyber-attacks growing in both sophistication and number, security analysts must investigate and accurately identify threats every day to stop them before damage is caused. During an investigation, analysts need to pivot across multiple sources such as threat feeds, security blogs, research articles, conversations with peers and more. It can quickly become overwhelming when an analyst needs to investigate each incident in 20 minutes or less just to keep up with current alerts. Inaccuracies can creep in while they are simultaneously navigating and correlating information from multiple sources.
With the cognitive power of Watson for Cyber Security, analysts can now use QRadar Advisor with Watson to investigate incidents compiled by the QRadar security analytics platform and provide key insights to qualify and identify the root cause of the incident.
Watch this webinar to see how Tier 1 and Tier 2 SOC analysts use QRadar Advisor with Watson to accurately identify and understand threats at speed and scale. See the complete lifecycle of an investigation in the SOC, from when an offense is compiled by the QRadar security analytics platform to how you can use the results of Watson's investigation to shut down threats.
Carlos Aguilera, Global Security Solutions Architect
At IBM, Carlos helped create and shape the Manage SIEM service practice. In his current role as a Global Security Solutions Architect, he is responsible for communicating, shaping, and developing the services to best answer enterprise client needs. Carlos applies creative thinking and lessons learned through his tenure at IBM to offer solutions to complex problems for his clients. Recently, Carlos has devoted most of his time to working on cognitive technologies such as QRadar Advisor Watson for Cyber Security or Havyn (cognitive security assistant).
Chris Hankins, CISSP, is the Offering Manager for Cognitive Security within the IBM Security Business Unit
Chris leads the IBM North America technical practice for cognitive security. Using his experience as a security analyst and architect, he leverages his expertise in cyber operations, forensics, threat intelligence, incident response and cognitive security to help organizations address strategic and operational initiatives within their security program, address sophisticated threats, and improve the overall risk posture of the business.