• The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
Menu
  • The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
  • Q1 Labs Adds IBM i, Social Media Monitoring to SIEM

    September 29, 2010 Alex Woodie

    An updated security information and event management (SIEM) product from Q1 Labs promises to help businesses crack down on the leakage of sensitive information to social media websites like Facebook, Twitter, and LinkedIn. With qRadar 7.0, the SIEM gains new capabilities for correlating the social media activity of users with their access to company records–including DB2/400 access–thereby putting the kibosh on data leaks before they cause damage.

    Businesses are caught between a rock and a hard spot when it comes to social media and social networking websites. On the one hand, businesses don’t want to isolate themselves from the social media, which has a huge potential for attracting new customers and driving revenue growth. The adept use of social media will separate the winners from the losers in the next business cycle. For this very reason, many businesses encourage their employees to participate with social media and be a part of the social networking scene.

    But the social media infrastructure also poses a unique security challenge to businesses. As the world’s most popular website, Facebook is constantly under attack from bad people wishing to do bad things to the site’s 400 million users–maybe even you or your business. Hackers last week exploited a cross-site scripting flaw in Twitter that allowed a series of worms that spread malware and pornography to users. The reported cause of the flaw: JavaScript (the Web 2.0 lover’s dream, and the security officer’s nightmare) had been accidentally enabled in tweets. Whoops.

    Then there’s the potential for data leakage with social media–the larger internal threat, if you will, compared to the smaller external threat posed by hackers and malware. Overeager employees may get a little too enthusiastic with sharing sensitive information about themselves or their companies with their Facebook or Twitter posts. What may seem to an employee to be a perfectly appropriate post at the moment may later cause a PCI auditor to double over in sheer cringe-worthy joy. (You don’t want to give an auditor that kind of satisfaction, do you?)

    In short, if you invite Twitter or Facebook into your business, you are accepting a certain amount of risk, whether you’re aware of it or not. With the forthcoming release of qRadar 7.0, Q1 Labs says it can help companies mitigate that risk, while allowing them to maintain a social media presence.

    qRadar 7.0 introduces several new social media monitoring capabilities. For starters, the software’s use of deep packet inspection (DPI) technology helps it to spot malware that social media websites may be trying to introduce to the business environment. That’s the easy part.

    The hard part is handling employee access to social media. With qRadar 7.0, Q1 Labs says it can track which users are accessing which social media services, and how much they use them. With a baseline of activity established, qRadar can detect anomalous behavior, such as accessing social media sites at odd times or excessive use of the sites.

    The newly released qRadar 7.0 SIEM software from Q1Labs can track users social media activity and correlate it with use of back office applications and databases.

    The software can also use correlation–the most powerful tool of any SIEM–to determine whether a post to a social media website is likely to be inappropriate. For example, if a user attempts a post to a social media site right after accessing a sensitive internal resource, such as payroll data, qRadar can detect it. It could also potentially block the posting, if the customer has it configured that way.

    The new version of qRadar can establish a safer zone for organizations that are facing new avenues of attack, says Sandy Bird, co-founder and CTO of Q1 Labs. “They are also faced with keeping productivity up, due to the ‘always-connected’ mentality of employees that want to be constantly connected to their social networks,” he says in a press release. “Leveraging our native capabilities for DPI and content capture, the new version of qRadar allows companies to see into what social media applications are being used on their networks, and determine what types of threats come to light if these types of applications are allowed.”

    Q1Labs has done some work recently to boost its support for IBM i and i5/OS environments, according to senior product manager Matt Ward.

    “We have included support for AS/400 auditing for over four years, initially through integration with Patrick Townsend and PowerTech Interact agents,” Ward writes in an e-mail. “Last year Q1Labs released our native integration capability to gather and categorize Audit Journal messages as well as QHST/CPF logs. Our integrations with the two above partners provide real-time event streams including their value added capabilities for customers of those agents while our native agent provides very effective, efficient and configurable scheduled gathering at no additional cost.”

    Q1 Labs touts itself as the leading provider of SIEM solutions, a position it is now claiming since Arcsight was snapped up by HP. The privately held company, which is based in Waltham, Massachusetts, claims to have 1,250 customers around the world. For more information, see www.q1labs.com.

    This article has been corrected. Arcsight was acquired by Hewlett-Packard, not IBM. IT Jungle regrets the error.



                         Post this story to del.icio.us
                   Post this story to Digg
        Post this story to Slashdot

    Share this:

    • Reddit
    • Facebook
    • LinkedIn
    • Twitter
    • Email

    Tags:

    Sponsored by
    Maxava

    Migrate IBM i with Confidence

    Tired of costly and risky migrations? Maxava Migrate Live minimizes disruption with seamless transitions.

    Upgrading to Power10, Power11, or cloud hosted system, Maxava has you covered!

    Book A Consultation Today

    Share this:

    • Reddit
    • Facebook
    • LinkedIn
    • Twitter
    • Email

    Sponsored Links

    PowerTech:  FREE Webinar! Reduce the Cost and Effort of IBM i Auditing. Sept. 29, 10 a.m. CT
    LANSA:  2010 iPulse Survey. Taking the pulse of the IBM i market. Get a chance to win an iPad!
    COMMON:  Join us at the Fall 2010 Conference & Expo, Oct. 4 - 6, in San Antonio, Texas

    IT Jungle Store Top Book Picks

    Easy Steps to Internet Programming for AS/400, iSeries, and System i: List Price, $49.95
    The iSeries Express Web Implementer's Guide: List Price, $49.95
    The System i RPG & RPG IV Tutorial and Lab Exercises: List Price, $59.95
    The System i Pocket RPG & RPG IV Guide: List Price, $69.95
    The iSeries Pocket Database Guide: List Price, $59.00
    The iSeries Pocket SQL Guide: List Price, $59.00
    The iSeries Pocket Query Guide: List Price, $49.00
    The iSeries Pocket WebFacing Primer: List Price, $39.00
    Migrating to WebSphere Express for iSeries: List Price, $49.00
    Getting Started With WebSphere Development Studio Client for iSeries: List Price, $89.00
    Getting Started with WebSphere Express for iSeries: List Price, $49.00
    Can the AS/400 Survive IBM?: List Price, $49.00
    Chip Wars: List Price, $29.95

    Q Software to Widen Market for Security Tools The Little Power7 Engines That Could–And Those That Won’t

    Leave a Reply Cancel reply

Volume 10, Number 34 -- September 28, 2010
THIS ISSUE SPONSORED BY:

PowerTech
Help/Systems
iSeries DevCon2010
VAULT400
Connectria Hosting

Table of Contents

  • Q1 Labs Adds IBM i, Social Media Monitoring to SIEM
  • Software Vendors Adapt to the Social Media
  • JDE Fulfillment App Efficiently Allocates Constrained Supply
  • Big Blue and Brown: Varsity and UPS Join SAP in Partnership
  • ASG Revs Job Scheduler, Which Supports IBM i
  • IBM Updates Optim Data Archiving Software
  • Safestone Goes AIX with Log Management and Compliance
  • Connectria to Run IBM i Servers for Ansell Healthcare
  • Infor Bolsters Hotel Software Business with Acquisition
  • Q Software to Widen Market for Security Tools

Content archive

  • The Four Hundred
  • Four Hundred Stuff
  • Four Hundred Guru

Recent Posts

  • With Power11, Power Systems “Go To Eleven”
  • With Subscription Price, IBM i P20 And P30 Tiers Get Bigger Bundles
  • Izzi Buys CNX, Eyes Valence Port To System Z
  • IBM i Shops “Attacking” Security Concerns, Study Shows
  • IBM i PTF Guide, Volume 27, Number 26
  • Liam Allan Shares What’s Coming Next With Code For IBM i
  • From Stable To Scalable: Visual LANSA 16 Powers IBM i Growth – Launching July 8
  • VS Code Will Be The Heart Of The Modern IBM i Platform
  • The AS/400: A 37-Year-Old Dog That Loves To Learn New Tricks
  • IBM i PTF Guide, Volume 27, Number 25

Subscribe

To get news from IT Jungle sent to your inbox every week, subscribe to our newsletter.

Pages

  • About Us
  • Contact
  • Contributors
  • Four Hundred Monitor
  • IBM i PTF Guide
  • Media Kit
  • Subscribe

Search

Copyright © 2025 IT Jungle