Today at AWS re:Inforce 2023, IBM Security is announcing expanded integrations with Amazon Web Services (AWS) intended to help customers simplify and enhance cloud security by bringing together...
Today at AWS re:Inforce 2023, IBM Security is announcing expanded integrations with Amazon Web Services (AWS) intended to help customers simplify and enhance cloud security by bringing together native AWS Cloud Foundational Services with IBM Security QRadar Log Insights and IBM Security QRadar SIEM. IBM Security has also recently made strategic investments to strengthen its Guardium family of data security products, extending data visibility and control into leading cloud service providers such as AWS.
Today, security teams are struggling with protecting an increasingly diverse and complex IT landscape in today’s hybrid cloud world. This has created the need for streamlined security solutions that help enhance overall security posture. In fact, according to an Enterprise Strategy Group and Information Systems Security Association (ISSA) survey 84% of cybersecurity professionals surveyed see integration among products as important. (1)
IBM Announces AWS Built-in Solution
As part of the AWS built-in partner solutions introduced at AWS re:Inforce 2023, IBM worked with AWS to develop a new AWS built-in solution. AWS built-in solutions integrate automatically with AWS foundational services to simplify and streamline the deployment experience. Automatically installed, configured and integrated, this new solution brings together IBM Security QRadar Log Insights—a cloud-native management platform—with several AWS native services.
Roles and permissions are programmatically set-up within the AWS Identity and Access Management (IAM) Identity Center, and AWS Control Tower configures Log Insights, which are designed to help shorten time-to-value and reduce cloud misconfigurations. This integrated solution offers the following key benefits to customers:
- Simplified search-based investigations. AWS CloudTrail tracks all activity occurring in on AWS– and now these audit logs can be integrated with IBM Security QRadar Log Insights. This integration can make it easier to search events across AWS and hybrid cloud environments to identify potential malicious behavior or misconfigurations.
- Enhanced security data visualization. Amazon GuardDuty is a threat detection service that continuously monitors AWS accounts and workloads for malicious activity and delivers security findings for visibility and remediation. By bringing Amazon GuardDuty together with IBM Security QRadar Log Insights, customers can ingest data sources from other clouds and on-premises – providing access to data quickly and in one place to deliver efficient detection, investigation, and response to threats.
IBM Security QRadar Suite Support for Amazon Security Lake
To help customers further advance hybrid cloud visibility and simplify threat detection and response, IBM Security’s QRadar Suite supports Amazon Security Lake. Recently made generally available, Amazon Security Lake centralizes disparate log and event data from a customer’s AWS environment into a purpose-built data lake for a more complete, organization-wide understanding of their security related data. Amazon Security Lake customers can leverage IBM Security QRadar SIEM and IBM Security QRadar Log Insights for comprehensive hybrid cloud visibility.
Advancing Cloud Data Security
In the era of cloud computing, surveyed organizations that possess the most advanced security capabilities witnessed a remarkable 43% higher revenue growth compared to their least advanced peers over a span of five years, as revealed by research conducted by the IBM Institute for Business Value. IBM has made several strategic investments to bolster its Guardium portfolio of data security products, aiming to help customers better protect and manage the ever-expanding realm of cloud data:
- New Guardium Insights SaaS editions available in AWS Marketplace. IBM’s data security platform, Guardium Insights, has three new SaaS editions designed to meet the needs of small, mid and large enterprises. These new editions are designed to help organizations address their data compliance regulation requirements and protect data spread across multiple cloud platforms. All three SaaS options are anticipated to be available in the AWS Marketplace in Q2 2023.
- Enhancing Guardium with Data Security Posture Management (DSPM). IBM recently announced that it acquired Polar Security, a DSPM pioneer. Polar’s agentless solution automatically finds unknown and sensitive data across the cloud, including structured and unstructured assets, SaaS apps, and within cloud service providers such as AWS. Once discovered, Polar classifies the data, maps the potential and actual flow of that data, and identifies vulnerabilities, such as misconfigurations, over-entitlements, and behavior that violates policy or regulations. IBM intends to integrate Polar’s DSPM technology into IBM Security’s Guardium family of data security products.
IBM Security Services to Support AWS Global Partner Security Initiative
IBM Security Services, part of IBM Consulting, is announcing support for the AWS Global Partner Security Initiative. This new initiative will provide the opportunity for IBM and AWS to provide transformational security and compliance services with actionable security data that leverages the power of generative artificial intelligence (AI). The AWS Global Partner Security Initiative is comprised of four security pillars: Managed Detection and Response (MDR); Cyber Resilience Emergency Recovery; Security-led Cloud Migrations; and Continuous Regulatory Compliance. Through this initiative, IBM initially intends to focus on helping customers migrate, modernize, and operate critical business workloads in the cloud. This also builds on the dedicated resources and deep expertise within IBM Consulting to work with shared AWS customers to bring secured, automated solutions to hybrid cloud environments.
Today’s news is another example of the strong history of collaboration and interoperability between IBM Security and AWS. In addition to the over 1,000 integrations with third-party hybrid security products and infrastructure available across the IBM QRadar Suite, IBM QRadar SIEM customers can integrate natively with 9 AWS services delivered via a variety of AWS data collectors such as Amazon Kinesis or Amazon CloudWatch Events.
AWS consultancies, systems integrators, and MSPs interested in learning how to drive accelerated growth of their security business powered by IBM can submit their interest here.
To learn more about how IBM Security helps protect the hybrid cloud, visit the IBM Security booth #640 at AWS re:Inforce 2023 or visit: https://www.ibm.com/security/partners/aws.
Statements regarding IBM's future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only.
- Source: Enterprise Strategy Group and Information Systems Security Association (ISSA), “ESG Research Report: Technology Perspectives from Cybersecurity Professionals” [July 2022]
- Source: IBM Institute for Business Value, “Data security as business accelerator?” [June 2023]