Book description
The focus of this blueprint is to highlight early threat detection by IBM® QRadar® and to proactively start a cyber resilience workflow in response to a cyberattack or malicious user actions.
The workflow uses IBM Copy Services Manager (CSM) as orchestration software to start IBM DS8000® Safeguarded Copy functions. The Safeguarded Copy creates an immutable copy of the data in an air-gapped form on the same DS8000 system for isolation and eventual quick recovery.
This document also explains the steps that are involved to enable and forward IBM DS8000 audit logs to IBM QRadar.
It also discusses how to use create various rules to determine a threat, and configure and start a suitable response to the detected threat in IBM QRadar.
Finally, this document explains how to register a storage system and create a Scheduled Task by using CSM.
Product information
- Title: Early Threat Detection and Safeguarding Data with IBM QRadar and IBM Copy Services Manager on IBM DS8000
- Author(s):
- Release date: April 2022
- Publisher(s): IBM Redbooks
- ISBN: 9780738460406
You might also like
book
IBM QRadar Version 7.3 Planning and Installation Guide
Abstract With the advances of technology and the reoccurrence of data leaks, cyber security is a …
book
Winning with Underdogs: How Hiring the Least Likely Candidates Can Spark Creativity, Improve Service, and Boost Profits for Your Business
Hiring the least likely candidates and turning them into high-potential employees is not only a winning …
book
In the Line of Fire, 3rd Edition
In this fully-updated edition of his classic In the Line of Fire, the world’s #1 presentation …
book
Computation in BioInformatics
COMPUTATION IN BIOINFORMATICS Bioinformatics is a platform between the biology and information technology and this book …