Cyber Resiliency Solutions with IBM QRadar, IBM Storage products and vendor products

IBM/cyber-resiliency-solutions

Cyber Resiliency Solutions with IBM QRadar

This repository contains links to the solution blueprints, video demos and Python code published for the cyber resiliency solutions covering various IBM Storage products and third-party vendor products.

The following solutions are currently published. Keep watching this space for new additions.

  • IBM Spectrum CDM + FlashSystem Safeguarded copy for SQL database

  • IBM DS8000 Safeguarded Copy

  • Brocade SAN FOS

IBM Spectrum CDM + FlashSystem Safeguarded copy for SQL database

The focus of this solution is to highlight early threat detection by IBM® QRadar® and to proactively start a cyber resilience workflow in response to malicious user actions.

The workflow uses IBM Spectrum Copy Data Management (SCDM) as orchestration software and initiates a restore from the last Safeguarded Copy backup to a clean environment.

The resources published for this solution are as follows.

| Type | Reference | Comment |
| --- | --- | --- |
| GitHub Repository | ibm-qradar-cdm-fs-safeguarded-copy | Use the link to visit the GitHub repository containing Python code |
| Document | Blueprint | Solution blueprint |

IBM DS8000 Safeguarded Copy

The focus of this solution is to highlight early threat detection by IBM® QRadar® and to proactively start a cyber resilience workflow in response to a cyberattack or malicious user actions.

The workflow uses IBM Copy Services Manager (CSM) as orchestration software to start IBM DS8000® Safeguarded Copy functions. The Safeguarded Copy creates an immutable copy of the data in an air-gapped form on the same DS8000 system for isolation and eventual quick recovery.

The resources published for this solution are provided below.

| Type | Reference | Comment |
| --- | --- | --- |
| GitHub Repository | ibm-qradar-ds8k-sgc-csm | Use the link to visit the GitHub repository containing Python code written to invoke a pre-configured Copy Services Manager scheduled task that starts Safeguarded Copy on DS8000 |
| Document | Blueprint | Solution blueprint |
| Video | Video demo | Video demo of the solution |

Brocade SAN FOS

Enterprise networks are large and rely on numerous connected endpoints to ensure smooth operational efficiency. However, they also present a challenge from a security perspective.

The focus of this solution is to demonstrate early threat detection using IBM QRadar for a network fabric powered by Brocade SAN FOS.

The resources published for this solution are provided below.

| Type | Reference | Comment |
| --- | --- | --- |
| GitHub Repository | ibm-qradar-brocade | Use the link to visit the GitHub repository containing Python code written to bridge the gap between IBM QRadar and Brocade SAN FOS. |
| Document | Blueprint | Solution blueprint |
| Video | Video demo | Video demo of the solution |
