QRADAR

The intelligent SIEM solution

QRadar in a few words…
IBM QRadar Security Information and Event Management (SIEM) helps security teams to accurately detect and prioritize threats across the enterprise.
QRadar provides Cyber Security teams with intelligent lighting enabling them to react quickly to an incident or threat.
In addition to consolidate logging events and network flow data from thousands of devices, QRadar correlates all this information and aggregates related events into single alerts to accelerate problem analysis and resolution.

Abakus Sécurité – IBM GOLD partner – is an expert in the areas of “Threat Management” and “Digital Trust” and allows you to make the best use of the intelligence of IBM QRadar to help you resist possible security threats and data breaches.

2020 Gartner Magic Quadrant for SIEM Systems
Gartner named IBM a leader in the latest Gartner Magic Quadrant for Security Information and Event Management (SIEM) for the 11th consecutive time.
Feel free to ask for a free demonstration or PoC (Proof of Concept)
Contact our team for a free demonstration or to assist you in a proof of concept (PoC) process of the solution to discover the advantages of the IBM QRadar platform.
Pricing

The price of the QRadar solution depends mainly on two metrics:

  • EPS (Events per second)
  • FPM (Flux per minute)

Our team – as a GOLD IBM Security partner – will be happy to provide you with a quote after a personalized analysis of your real needs.

Our range of services

Consulting & coaching

Abakus Sécurité’s QRadar certified team offers consulting and coaching services around the QRadar SIEM. We can assist you throughout your project cycle regardless of the Cyber Security maturity of your teams to align the capabilities of the platform with your infrastructure and your needs.
In order to facilitate the introduction of QRadar in your business, we can support assist you on the following aspects:

  • Methodology of implementation
  • Architecture and dimensioning
  • Construction (build) of your platform
  • Operation (run) of your platform
  • Supervision of your platform
  • Enrichment of use cases
  • Implementation / coupling of “Threat Intelligence” with QRadar (Misp, et al.)
  • Definition of roles and responsibilities (governance) associated with the platform

Our teams are certified and have a background in terms of their operational and functional experiences to assist you and share their experiences with competence and confidence!

Audit & Analysis

Beyond QRadar technical certifications, we have IBM Security Champion recognition for fiscal year 2019 (the only French nominees in 2019) and 2020.
Do you want to know the condition of your platform, its level of maturity or simply have an action plan with some recommendations? Feel free to contact us for an audit.
Our service is organized along the following areas:

  • Human, via an interview and a questionnaire
  • Technical, via a survey and collection of information
  • Analytical, analysis and its summary report
  • Educational, via exposed scenarios and recommendations

We consider human interactions to be very important. This is why the first step is to present our approach followed by a few interviews to better understand your expectations.

Integration & deployment

Exceptionally, we have the “Proficiency in QRadar SIEM Deployment” certification.
This certification is awarded by an IBM World Expert Jury after submission and validation of a successful deployment accompanied by a customer testimonial.
This guarantees the quality of our services and allows us to display our expertise to plan, install, configure, optimize, adjust, debug and operate the system of an IBM QRadar SIEM deployment. Our approach is divided into 3 main steps:

  • Workshops (network hierarchy, assets, dashboard – Pulse, report, methodology use cases)
  • Integration (installation, deployment, logs, use cases, governance, performance)
  • Validation (software infrastructure)

It also demonstrates that we have practical field experience to successfully implement an IBM QRadar SIEM deployment.

Migration

Full support for the QRadar platform from the vendor is for version N and N-1. In order to benefit from this coverag you must always remain within these version levels at least for a secure and up-to-date overall compliance policy.
We can help you with your QRadar migrations or updates. This operation can be completely carried out in support or in coaching / transfer your teams to help them to become autonomous and to develop skills. To this end, we have a methodology already implemented for our customers, with supporting chronogram and complete validation sheets to make sure that the operation went well.

Maintenance, Repair, and Operations

Free yourself from the maintenance of QRadar: thanks to our QRadar certified teams, relieve your teams of administrative and technical operational tasks in order to focus them on their real Cyber Security business.
Our consultants have the latest QRadar certifications with operational field experience allowing you to benefit from our experience.
Thanks to this offer, we provide a specific support portal. Assurance and Simplification are the two guidelines that guide us to get you the most out of QRadar.

Development (DSM)

Our teams are experienced in the development of personalized DSM (Device Support Module) for our customers as well as for recognized market editors.
We have true references in this area with mainly French publishers in supporting the creation of the recognition of their products in QRadar until the publication in the “IBM Market Place” of their DSM.
We can accompany you or provide this service as a package.
Training

Abakus Sécurité also has training accreditation.
Our SIEM field consultants run a series of hands-on training sessions to share their knowledge of managing QRadar with your security team.
We offer remote training sessions (Webex and remote labs), on your site or at our partner Global Knowledge.
Our courses and our QRadar exercises are in French, developed and improved based on our feedback. They strongly contribute to the success of your teams for the QRadar certification.
We have also written a specific course (in French) to complement the SOC analyst course.
Do not hesitate to contact us to discuss this subject!

Certified experts for quality services

Working with Abakus Sécurité

Abakus Sécurité and its QRadar certified Blue Team are available to help you with any implementation, training or support projects around the QRadar platform.

Examples of achievements

(Gov) Deployment of QRadar for a SOC

Implementation of a SIEM as part of a strengthening and a rationalization of infringement alerts within the SOC. Consulting, architecture validation, expertise, integration of distributed deployment (> 10 devices) and integration of logs and flows (Napatech). This service was followed by integration and implementation of the base and incident response tools, then by L3 expertise.

(GOV) Implementation of a SIEM as part of the strengthening and centralization of the security of several sensitive sites in HA (High availability) and DR (Disaster Revovery)
Expertise, definition of the architecture, validation of different implementation scenarios, QRadar training for teams and roadmaps for production.
Brainstorming with client teams on the implementation of inter-site governance as well as specific business use cases.
(Third Party Host 3) Implementation of a QRadar SIEM in multi-tenant mode to manage the operator’s customers
Expertise, implementation, support in the construction of the managed service offer and QRadar training for the teams.
(Industry) Implementation of the multi-country QRadar SIEM and support for Cyber Security
Expertise, implementation, support, DSM development and use cases in relation to the industrial market and QRadar training for teams.
(Real estate) MRO of the QRadar platform
Maintenance, Repair, and Operations and support for teams of the solution including a SIEM QRadar, QVM, Risk Manager, EP, EC deployment as well as devices in Amazon AWS and Microsoft Azur Cloud environments (> 20K EPS).

(Software publisher) Development of the QRadar DSM until it is made available on the QRadar marketplace

Brainstorming, sharing and study for the development of a QRadar connector for this sovereign software until validation with IBM teams for acceptance on the IBM “market place”.