Cyber resiliency with IBM QRadar and IBM Spectrum Virtualize for Public Cloud on Azure with IBM Copy Services Manager for Safeguarded Copy:
The focus of this Blueprint publication is to highlight the early threat detection capabilities of IBM® QRadar® and to show how to proactively start a cyber-resilience workflow in response to a cyberattack or malicious user actions. The workflow uses IBM's Copy Services Manager as orchestration...
Gespeichert in:
| Körperschaft: | |
|---|---|
| Format: | Elektronisch E-Book |
| Sprache: | Englisch |
| Veröffentlicht: |
[Place of publication not identified]
IBM
2022
|
| Ausgabe: | [First edition]. |
| Schriftenreihe: | IBM Redbooks
|
| Schlagwörter: | |
| Links: | https://learning.oreilly.com/library/view/-/9780738460628/?ar |
| Zusammenfassung: | The focus of this Blueprint publication is to highlight the early threat detection capabilities of IBM® QRadar® and to show how to proactively start a cyber-resilience workflow in response to a cyberattack or malicious user actions. The workflow uses IBM's Copy Services Manager as orchestration software to start IBM Spectrum Virtualize for Public Cloud (SV4PC) Safeguarded Copy functions. The IBM SV4PC Safeguarded Copy function creates an immutable copy of the data in an air-gapped form on the same IBM SV4PC on Azure for isolation and eventual quick recovery. This document describes the steps that are involved to enable and forward IBM SV4PC audit logs to IBM QRadar. It also describes how to create various rules to determine a threat, and configure and start a suitable response to the detected threat in IBM QRadar. This document also explains how to register a storage system and create a scheduled task by using IBM Copy Services Manager. Finally, this document also describes deploying IBM QRadar and SV4PC on Azure. A use case for protecting the MS SQL database (DB) volume that was created on IBM SV4PC is included. Upon threat detection on a database volume, Safeguarded Copy is started for IBM SV4PC volume. The Safeguarded Copy creates an immutable copy of the data. The same data volume can be recovered or restored by using IBM's Copy Services Manager. |
| Umfang: | 1 Online-Ressource (50 Seiten) illustrations |
| ISBN: | 9780738460628 0738460621 |
Internformat
MARC
| LEADER | 00000cam a22000002 4500 | ||
|---|---|---|---|
| 001 | ZDB-30-ORH-081562268 | ||
| 003 | DE-627-1 | ||
| 005 | 20240228121736.0 | ||
| 007 | cr uuu---uuuuu | ||
| 008 | 220815s2022 xx |||||o 00| ||eng c | ||
| 020 | |a 9780738460628 |c electronic bk. |9 978-0-7384-6062-8 | ||
| 020 | |a 0738460621 |c electronic bk. |9 0-7384-6062-1 | ||
| 035 | |a (DE-627-1)081562268 | ||
| 035 | |a (DE-599)KEP081562268 | ||
| 035 | |a (ORHE)9780738460628 | ||
| 035 | |a (DE-627-1)081562268 | ||
| 040 | |a DE-627 |b ger |c DE-627 |e rda | ||
| 041 | |a eng | ||
| 082 | 0 | |a 005.8 |2 23/eng/20220719 | |
| 245 | 1 | 0 | |a Cyber resiliency with IBM QRadar and IBM Spectrum Virtualize for Public Cloud on Azure with IBM Copy Services Manager for Safeguarded Copy |c IBM |
| 250 | |a [First edition]. | ||
| 264 | 1 | |a [Place of publication not identified] |b IBM |c 2022 | |
| 300 | |a 1 Online-Ressource (50 Seiten) |b illustrations | ||
| 336 | |a Text |b txt |2 rdacontent | ||
| 337 | |a Computermedien |b c |2 rdamedia | ||
| 338 | |a Online-Ressource |b cr |2 rdacarrier | ||
| 490 | 0 | |a IBM Redbooks | |
| 520 | |a The focus of this Blueprint publication is to highlight the early threat detection capabilities of IBM® QRadar® and to show how to proactively start a cyber-resilience workflow in response to a cyberattack or malicious user actions. The workflow uses IBM's Copy Services Manager as orchestration software to start IBM Spectrum Virtualize for Public Cloud (SV4PC) Safeguarded Copy functions. The IBM SV4PC Safeguarded Copy function creates an immutable copy of the data in an air-gapped form on the same IBM SV4PC on Azure for isolation and eventual quick recovery. This document describes the steps that are involved to enable and forward IBM SV4PC audit logs to IBM QRadar. It also describes how to create various rules to determine a threat, and configure and start a suitable response to the detected threat in IBM QRadar. This document also explains how to register a storage system and create a scheduled task by using IBM Copy Services Manager. Finally, this document also describes deploying IBM QRadar and SV4PC on Azure. A use case for protecting the MS SQL database (DB) volume that was created on IBM SV4PC is included. Upon threat detection on a database volume, Safeguarded Copy is started for IBM SV4PC volume. The Safeguarded Copy creates an immutable copy of the data. The same data volume can be recovered or restored by using IBM's Copy Services Manager. | ||
| 650 | 0 | |a Cyber intelligence (Computer security) | |
| 650 | 0 | |a Computer networks |x Security measures | |
| 650 | 0 | |a Internet |x Security measures | |
| 650 | 4 | |a Surveillance des menaces informatiques | |
| 650 | 4 | |a Réseaux d'ordinateurs ; Sécurité ; Mesures | |
| 650 | 4 | |a Internet ; Sécurité ; Mesures | |
| 650 | 4 | |a Computer networks ; Security measures | |
| 650 | 4 | |a Cyber intelligence (Computer security) | |
| 650 | 4 | |a Internet ; Security measures | |
| 710 | 2 | |a International Business Machines Corporation, |e MitwirkendeR |4 ctb | |
| 966 | 4 | 0 | |l DE-91 |p ZDB-30-ORH |q TUM_PDA_ORH |u https://learning.oreilly.com/library/view/-/9780738460628/?ar |m X:ORHE |x Aggregator |z lizenzpflichtig |3 Volltext |
| 912 | |a ZDB-30-ORH | ||
| 912 | |a ZDB-30-ORH | ||
| 951 | |a BO | ||
| 912 | |a ZDB-30-ORH | ||
| 049 | |a DE-91 | ||
Datensatz im Suchindex
| DE-BY-TUM_katkey | ZDB-30-ORH-081562268 |
|---|---|
| _version_ | 1821494819789209600 |
| adam_text | |
| any_adam_object | |
| author_corporate | International Business Machines Corporation |
| author_corporate_role | ctb |
| author_facet | International Business Machines Corporation |
| building | Verbundindex |
| bvnumber | localTUM |
| collection | ZDB-30-ORH |
| ctrlnum | (DE-627-1)081562268 (DE-599)KEP081562268 (ORHE)9780738460628 |
| dewey-full | 005.8 |
| dewey-hundreds | 000 - Computer science, information, general works |
| dewey-ones | 005 - Computer programming, programs, data, security |
| dewey-raw | 005.8 |
| dewey-search | 005.8 |
| dewey-sort | 15.8 |
| dewey-tens | 000 - Computer science, information, general works |
| discipline | Informatik |
| edition | [First edition]. |
| format | Electronic eBook |
| fullrecord | <?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>03161cam a22004692 4500</leader><controlfield tag="001">ZDB-30-ORH-081562268</controlfield><controlfield tag="003">DE-627-1</controlfield><controlfield tag="005">20240228121736.0</controlfield><controlfield tag="007">cr uuu---uuuuu</controlfield><controlfield tag="008">220815s2022 xx |||||o 00| ||eng c</controlfield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9780738460628</subfield><subfield code="c">electronic bk.</subfield><subfield code="9">978-0-7384-6062-8</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">0738460621</subfield><subfield code="c">electronic bk.</subfield><subfield code="9">0-7384-6062-1</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-627-1)081562268</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)KEP081562268</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(ORHE)9780738460628</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-627-1)081562268</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-627</subfield><subfield code="b">ger</subfield><subfield code="c">DE-627</subfield><subfield code="e">rda</subfield></datafield><datafield tag="041" ind1=" " ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="082" ind1="0" ind2=" "><subfield code="a">005.8</subfield><subfield code="2">23/eng/20220719</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Cyber resiliency with IBM QRadar and IBM Spectrum Virtualize for Public Cloud on Azure with IBM Copy Services Manager for Safeguarded Copy</subfield><subfield code="c">IBM</subfield></datafield><datafield tag="250" ind1=" " ind2=" "><subfield code="a">[First edition].</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">[Place of publication not identified]</subfield><subfield code="b">IBM</subfield><subfield code="c">2022</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">1 Online-Ressource (50 Seiten)</subfield><subfield code="b">illustrations</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">Text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">Computermedien</subfield><subfield code="b">c</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">Online-Ressource</subfield><subfield code="b">cr</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="490" ind1="0" ind2=" "><subfield code="a">IBM Redbooks</subfield></datafield><datafield tag="520" ind1=" " ind2=" "><subfield code="a">The focus of this Blueprint publication is to highlight the early threat detection capabilities of IBM® QRadar® and to show how to proactively start a cyber-resilience workflow in response to a cyberattack or malicious user actions. The workflow uses IBM's Copy Services Manager as orchestration software to start IBM Spectrum Virtualize for Public Cloud (SV4PC) Safeguarded Copy functions. The IBM SV4PC Safeguarded Copy function creates an immutable copy of the data in an air-gapped form on the same IBM SV4PC on Azure for isolation and eventual quick recovery. This document describes the steps that are involved to enable and forward IBM SV4PC audit logs to IBM QRadar. It also describes how to create various rules to determine a threat, and configure and start a suitable response to the detected threat in IBM QRadar. This document also explains how to register a storage system and create a scheduled task by using IBM Copy Services Manager. Finally, this document also describes deploying IBM QRadar and SV4PC on Azure. A use case for protecting the MS SQL database (DB) volume that was created on IBM SV4PC is included. Upon threat detection on a database volume, Safeguarded Copy is started for IBM SV4PC volume. The Safeguarded Copy creates an immutable copy of the data. The same data volume can be recovered or restored by using IBM's Copy Services Manager.</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Cyber intelligence (Computer security)</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Computer networks</subfield><subfield code="x">Security measures</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Internet</subfield><subfield code="x">Security measures</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Surveillance des menaces informatiques</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Réseaux d'ordinateurs ; Sécurité ; Mesures</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Internet ; Sécurité ; Mesures</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Computer networks ; Security measures</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Cyber intelligence (Computer security)</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Internet ; Security measures</subfield></datafield><datafield tag="710" ind1="2" ind2=" "><subfield code="a">International Business Machines Corporation,</subfield><subfield code="e">MitwirkendeR</subfield><subfield code="4">ctb</subfield></datafield><datafield tag="966" ind1="4" ind2="0"><subfield code="l">DE-91</subfield><subfield code="p">ZDB-30-ORH</subfield><subfield code="q">TUM_PDA_ORH</subfield><subfield code="u">https://learning.oreilly.com/library/view/-/9780738460628/?ar</subfield><subfield code="m">X:ORHE</subfield><subfield code="x">Aggregator</subfield><subfield code="z">lizenzpflichtig</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">ZDB-30-ORH</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">ZDB-30-ORH</subfield></datafield><datafield tag="951" ind1=" " ind2=" "><subfield code="a">BO</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">ZDB-30-ORH</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-91</subfield></datafield></record></collection> |
| id | ZDB-30-ORH-081562268 |
| illustrated | Illustrated |
| indexdate | 2025-01-17T11:20:27Z |
| institution | BVB |
| isbn | 9780738460628 0738460621 |
| language | English |
| open_access_boolean | |
| owner | DE-91 DE-BY-TUM |
| owner_facet | DE-91 DE-BY-TUM |
| physical | 1 Online-Ressource (50 Seiten) illustrations |
| psigel | ZDB-30-ORH TUM_PDA_ORH ZDB-30-ORH |
| publishDate | 2022 |
| publishDateSearch | 2022 |
| publishDateSort | 2022 |
| publisher | IBM |
| record_format | marc |
| series2 | IBM Redbooks |
| spelling | Cyber resiliency with IBM QRadar and IBM Spectrum Virtualize for Public Cloud on Azure with IBM Copy Services Manager for Safeguarded Copy IBM [First edition]. [Place of publication not identified] IBM 2022 1 Online-Ressource (50 Seiten) illustrations Text txt rdacontent Computermedien c rdamedia Online-Ressource cr rdacarrier IBM Redbooks The focus of this Blueprint publication is to highlight the early threat detection capabilities of IBM® QRadar® and to show how to proactively start a cyber-resilience workflow in response to a cyberattack or malicious user actions. The workflow uses IBM's Copy Services Manager as orchestration software to start IBM Spectrum Virtualize for Public Cloud (SV4PC) Safeguarded Copy functions. The IBM SV4PC Safeguarded Copy function creates an immutable copy of the data in an air-gapped form on the same IBM SV4PC on Azure for isolation and eventual quick recovery. This document describes the steps that are involved to enable and forward IBM SV4PC audit logs to IBM QRadar. It also describes how to create various rules to determine a threat, and configure and start a suitable response to the detected threat in IBM QRadar. This document also explains how to register a storage system and create a scheduled task by using IBM Copy Services Manager. Finally, this document also describes deploying IBM QRadar and SV4PC on Azure. A use case for protecting the MS SQL database (DB) volume that was created on IBM SV4PC is included. Upon threat detection on a database volume, Safeguarded Copy is started for IBM SV4PC volume. The Safeguarded Copy creates an immutable copy of the data. The same data volume can be recovered or restored by using IBM's Copy Services Manager. Cyber intelligence (Computer security) Computer networks Security measures Internet Security measures Surveillance des menaces informatiques Réseaux d'ordinateurs ; Sécurité ; Mesures Internet ; Sécurité ; Mesures Computer networks ; Security measures Internet ; Security measures International Business Machines Corporation, MitwirkendeR ctb |
| spellingShingle | Cyber resiliency with IBM QRadar and IBM Spectrum Virtualize for Public Cloud on Azure with IBM Copy Services Manager for Safeguarded Copy Cyber intelligence (Computer security) Computer networks Security measures Internet Security measures Surveillance des menaces informatiques Réseaux d'ordinateurs ; Sécurité ; Mesures Internet ; Sécurité ; Mesures Computer networks ; Security measures Internet ; Security measures |
| title | Cyber resiliency with IBM QRadar and IBM Spectrum Virtualize for Public Cloud on Azure with IBM Copy Services Manager for Safeguarded Copy |
| title_auth | Cyber resiliency with IBM QRadar and IBM Spectrum Virtualize for Public Cloud on Azure with IBM Copy Services Manager for Safeguarded Copy |
| title_exact_search | Cyber resiliency with IBM QRadar and IBM Spectrum Virtualize for Public Cloud on Azure with IBM Copy Services Manager for Safeguarded Copy |
| title_full | Cyber resiliency with IBM QRadar and IBM Spectrum Virtualize for Public Cloud on Azure with IBM Copy Services Manager for Safeguarded Copy IBM |
| title_fullStr | Cyber resiliency with IBM QRadar and IBM Spectrum Virtualize for Public Cloud on Azure with IBM Copy Services Manager for Safeguarded Copy IBM |
| title_full_unstemmed | Cyber resiliency with IBM QRadar and IBM Spectrum Virtualize for Public Cloud on Azure with IBM Copy Services Manager for Safeguarded Copy IBM |
| title_short | Cyber resiliency with IBM QRadar and IBM Spectrum Virtualize for Public Cloud on Azure with IBM Copy Services Manager for Safeguarded Copy |
| title_sort | cyber resiliency with ibm qradar and ibm spectrum virtualize for public cloud on azure with ibm copy services manager for safeguarded copy |
| topic | Cyber intelligence (Computer security) Computer networks Security measures Internet Security measures Surveillance des menaces informatiques Réseaux d'ordinateurs ; Sécurité ; Mesures Internet ; Sécurité ; Mesures Computer networks ; Security measures Internet ; Security measures |
| topic_facet | Cyber intelligence (Computer security) Computer networks Security measures Internet Security measures Surveillance des menaces informatiques Réseaux d'ordinateurs ; Sécurité ; Mesures Internet ; Sécurité ; Mesures Computer networks ; Security measures Internet ; Security measures |
| work_keys_str_mv | AT internationalbusinessmachinescorporation cyberresiliencywithibmqradarandibmspectrumvirtualizeforpubliccloudonazurewithibmcopyservicesmanagerforsafeguardedcopy |