CrowdStrike Update Causes BSOD Issues Globally – Audit Available 🛡️ Learn more

TRY NOW

IBM QRadar Integration

Automatically enrich offense notes, save time and effort while gaining the insights they need to rapidly isolate affected assets, accelerate remediation and minimize potential damage.

  • SIEM solutions aggregate event data produced by security devices, network infrastructure, systems, and applications, and while the primary data source is log data, SIEM technology can also process other forms of data, such as IT Asset data from Lansweeper. With Lansweeper data delivered automatically along with QRadar alerts, users save time and effort while gaining the insights they need to rapidly isolate affected assets, accelerate remediation and minimize potential damage.
  • Lansweeper App for QRadar is freely available to the security community through IBM Security App Exchange, a marketplace where developers across the industry can share applications based on IBM Security technologies. By downloading the app, users will gain the option to configure QRadar to establish connectivity with Lansweeper, enabling up-to-the-minute, complete, and accurate IT asset data to flow effortlessly into the QRadar solution and automatically enrich offense notes. 
  • Lansweeper App for QRadar enables event data to be combined with contextual information from Lansweeper about users, assets, and vulnerabilities, which can be analyzed for insights that enhance network security event monitoring, user activity monitoring, and compliance reporting. It uses the IP/MAC address to fetch Lansweeper enrichment data and populate the information in SIEM alerts. This enables security analysts to access contextual data right from within their SIEM solution, eliminating the need to spend time and effort chasing that information down.  

 

Key Integration Features

Lansweeper App For QRadar – QRadar v7.4.1FP2+ allows users to fetch the context information from the Lansweeper platform for IP and MAC addresses that exist in offenses
generated from event logs associated with different log sources.

Notes in the offenses will be populated by the context information of IP and MAC addresses from Lansweeper which will give insightful information to SOC analysts to take further actions.

Requirements

Lansweeper App for QRadar – QRadar v7.4.1FP2+ (v1.0.0)

QRadar version: 7.4.1 FP2+

Lansweeper License, Cloud-enabled

Lansweeper API Version – v2

Documentation

Download IBM QRadar Integration

Support

NO CREDIT CARD REQUIRED

Ready to get started?
You’ll be up and running in no time.

Explore all our features, free for 14 days.