The proposed talk provides a practical introduction to the development of interactive security applications, using a specialized framework designed by IBM to help overcome the ever-growing number of cyber-attacks on commercial and government computer infrastructures.
The business problem – securing corporate networks. A typical corporate network contains thousands of devices and applications, a very large number of complex connections, and an undetermined number of unprotected vulnerabilities. Those networks are under constant attack. To be successful, an attacker needs to exploit only one weakness. The defenders of the attacked network, however, must address them all. Thus, attackers essentially have an “asymmetrical advantage” in their favor, which they are exploiting to their definite advantage. To counter this threat, security analysts need effective methods to detect security breaches and, equally importantly, to respond to security incidents.
In this talk, I will present a capability called the QRadar App Framework, which is used to develop new application modules on top of IBM’s QRadar SIEM system. This framework enables easy development of new application modules that integrate with the existing SIEM user interface and expose new capabilities, thereby injecting new UI and workflow content to significantly expand the base platform. Moreover, by developing applications within the SIEM system, information from multiple sources can be integrated so as to add context to existing information stored therein. An added benefit of the QRadar App Framework is the ability to share GUI apps, through an App exchange, among other security analysts, even in different organizations, and across other systems.
Bar Haim is a research scientist at the IBM Cybersecurity Center of Excellence at the Beer Sheva lab, where he is responsible for the Center’s UI design activities. Mr. Haim routinely supports IBM clients on developing applications on top of the QRadar App Framework, and has taken a key part in the development of IBM’s well-publicized User Behavior Analytics product, which leverages the App Framework. A recent graduate of Ben-Gurion University, Bar is deeply involved with the Israeli programmer community and takes a special pleasure in promoting and contributing to rapid prototyping through local hackathons.