contact@scnsoft.com en flag +1 214 306 68 37
en flag +1 214 306 68 37
Contact us
IBM Security QRadar SIEM Integration for a Digital Identity Services Company

IBM Security QRadar SIEM Integration for a Digital Identity Services Company

Industry
Information Technology
Technologies
QRadar

Customer

The Customer is a US-based company that provides digital identity services by enabling its partners to access personal information of clients who want to get individual services and discounts.

Challenge

Aiming to launch its digital identity service, the Customer was aware of a large amount of sensitive data it would have to process and protect from potential intruders. That’s why the Customer was looking for a reliable SIEM solution that could ensure a proper level of data protection. Among multiple tools, the Customer chose IBM Security QRadar SIEM (QRadar), a unified platform consolidating log events and network flow data from multiple endpoints and applications.  

The Customer required additional QRadar configuration and fine-tuning to leverage the system’s out-of-the-box functionality, as well as to enable the collection and processing of log events received from custom applications.

Solution

In search for professional QRadar configuration, the Customer turned to ScienceSoft, as our company has 13+ years of experience in SIEM and a solid portfolio of QRadar implementations for customers from healthcare, banking and finance, public sector, telecommunications and other industries.

ScienceSoft’s experts started from the analysis of the Customer’s solution logic and its IT infrastructure, which allowed them to assess the accuracy of QRadar’s initial deployment. The analysis also helped the SIEM team to focus on two major points: first of all, they configured standard device security modules (DSMs) to parse events received from multiple log sources and to convert them to a standard taxonomy format. After that, the experts developed custom log source extensions (LSXs) to integrate the platform with unsupported network objects represented by the Customer’s proprietary applications.

Additionally, ScienceSoft’s specialists carried out data normalization to ensure a proper correlation of log events after their primary collection.

At the final stage, the SIEM team monitored the QRadar environment by activating a QRadar SIEM health check tool QLean, ScienceSoft's proprietary tool developed to reveal performance issues and functional deviations of QRadar deployments. The monitoring allowed SIEM experts to verify if the system processed logs from all the connected log sources accurately, if data quality corresponded to the established standards, if the system correlated events into offenses correctly and more.

Results

Professional QRadar configuration by ScienceSoft’s SIEM experts, enabled the Customer to collect and process log data coming from unsupported applications, thus to ensure log events visibility and detect potential breaches. The final monitoring of the QRadar environment with QLean guaranteed the system's proper performance, thus minimizing risks of overlooking critical security events.

Technologies and Tools

IBM Security QRadar SIEM, QRadar API, Regex, Bold.

Have a question to our team or need help with your project?

Our team is ready to provide client references, estimate your project, or answer any other question related to your IT initiative.

Upload file

Drag and drop or to upload your file(s)

?

Max file size 10MB, up to 5 files and 20MB total

Supported formats:

doc, docx, xls, xlsx, ppt, pptx, pps, ppsx, odp, jpeg, jpg, png, psd, webp, svg, mp3, mp4, webm, odt, ods, pdf, rtf, txt, csv, log

Get in touch instantly

Call us Live chat WhatsApp Email us

More Case Studies

Share:

facebook twitter linkedin