
Membership and collaboration facilitated by Member 365.

22nd Colloquium

QRadar Advisor with Watson: A cognitive solution for SIEM Analyst

  • Concluded
  • June 11, 2018
  • 2:45 PM to 4:00 PM
  • Pelican I

An average-sized organization typically generates millions of events daily, ranging from firewall incidents to intrusion prevention system alerts. These events are sent to a security information and event management (SIEM) system such as IBM's QRadar for real-time analysis of threats. These incidents include a lot of false positives. Moreover, organizations have limited man-hours and cannot afford to spend time investigating false positives. There may also be a shortage of the skill sets needed to investigate an incident effectively and in a timely manner. To overcome these challenges, IBM utilizes the artificial intelligence, machine learning and cognitive computing capabilities of QRadar Advisor with Watson. In this breakout session, we will demonstrate how QRadar Advisor assists security analysts in their daily tasks, talk about the underlying machine learning and cognitive infrastructure, and discuss the importance of introducing cognitive capabilities into cybersecurity education.


Moazzam Khan

Moazzam Khan has been a security researcher with the Watson for Cyber Security group. His research interests involve big data analytics, security intelligence, and machine learning. He has authored several collections on recent threats on IBM's threat intelligence platform XFE. Prior to joining the Watson for Cyber Security group, Moazzam worked with the L3 engineering team on the GX and XGS suite of intrusion prevention systems, Proventia M series and Enterprise Scanner. Moazzam holds a doctorate from the Georgia Institute of Technology in Electrical and Computer Engineering and teaches network communication, security and data science courses as adjunct faculty.

Last modified on Thursday, 31 May 2018 15:11

The Colloquium recognizes that the protection of information and infrastructures that are used to create, store, process, and communicate information is vital to business continuity and security. The Colloquium's goal is to work together to define current and emerging requirements for information assurance education and to influence and encourage the development and expansion of information assurance curricula, especially at the graduate and undergraduate levels.

