Preface
With the advances of technology and the reoccurrence of data leaks, cyber security is a bigger challenge than ever before. Cyber attacks evolve as quickly as the technology itself, and hackers are finding more innovative ways to break security controls to access confidential data and to interrupt services. Hackers reinvent themselves using new technology features as a tool to expose companies and individuals. Therefore, cyber security cannot be reactive but must go a step further by implementing proactive security controls that protect one of the most important assets of every organization: the company’s information.
This IBM® Redbooks® publication provides information about implementing IBM QRadar® for Security Intelligence and Event Monitoring (SIEM) and protecting an organization’s networks through a sophisticated technology, which permits a proactive security posture. It is divided into the following major sections to facilitate the integration of QRadar with any network architecture:
Chapter 2, “Before the installation” provides a review of important requirements before the installation of the product.
Chapter 3, “Installing IBM QRadar V7.3” provides step-by-step procedures to guide you through the installation process.
Chapter 4, “After the installation” helps you to configure additional features and perform checks after the product is installed.
QRadar is an IBM Security prime product that is designed to be integrated with corporate network devices to provide real-time monitoring of security events through a centralized console. Through this book, any network or security administrator can understand the product’s features and benefits.
Authors
This book was produced by a group of specialists with previous experience working in different cybersecurity areas. These six engineers work for IBM Security in the XForce Command Center located in Heredia, Costa Rica.
Elias Carabaguiaz is a Security Intelligence Analyst at IBM Security in Costa Rica. He is a graduate computer engineer with more than 4 years of experience working as a Security Specialist. His technical skills include QRadar, Proventia IPS/IDS, Snort, FireEye, and SourceFire, and he also holds a Project Management Diploma. His previous experience includes Datacenter and Virtualization Engineer, Computer Engineer Teacher, and Security Consultant. Elias is an active contributor to Tecnología Vital Magazine.
Fabian Alfaro has been working with IBM Security for almost 3 years as a QRadar Administrator for the Managed SIEM team in Heredia, Costa Rica. He has more than 6 years of experience in IT and 4 of them working in security technologies. He has broad experience in Juniper firewalling solutions and holds certifications like JNCSP-SEC, JNCIP-SEC, and JNCIS-ENT. He is also a certified Associate Analyst in QRadar. His skills include providing technical support of routing, switching, and security solutions. Fabian used to work as a Program Ready Trainer for new engineers while he worked at Juniper Technical Assistance Center in Costa Rica.
Francisco Villalobos is part of the Managed SIEM Security Analysts team located in Heredia, Costa Rica. He has been working for this team since 2015, and has 6 years of experience working with IT technologies. His areas of expertise include customer services and problem solving. Francisco is a certified Associate Analyst in QRadar.
Jeffry Arias is an information systems engineer with more than 8 years of experience in IT. His background includes activities such as Windows and Linux servers administration, VMware and vCenter management, software development (C++, Java, CSS, HTML, and so on), database administration (Oracle and MySQL), and network administration focused on Cisco and Dell devices. Jeffry is certified as Associate Administrator on QRadar V7.2.8 and an Associate Analyst on QRadar v7.2.6.
Kenneth Gonzalez has more than 10 years of experience in IT services. He used to work as Project Manager and Consultant for telecommunication and security projects to implement Business Continuity and Disaster Recovery plans, improve process controls, and monitor systems, such as IPS, Firewalls, UTMs, Management Servers, and so forth. Kenneth’s qualifications include Certified Ethical Hacking V9, Certified Information Security Manager QRadar V7.2.6, CISA, CISSP, ITILv3, SSCP, among others.
Warren Perez has been working as a SIEM Administrator for the last 2 years at IBM Security. His skills with QRadar include user access management, verifying availability, monitoring database loads, installing and monitoring system patches and upgrades, and so on. Warren has previous experience working as an administrator of Active Directory systems, Linux, and Windows servers and load balancing applications.
Now you can become a published author, too!
Here’s an opportunity to spotlight your skills, grow your career, and become a published author—all at the same time! Join an ITSO residency project and help write a book in your area of expertise, while honing your experience using leading-edge technologies. Your efforts will help to increase product acceptance and customer satisfaction, as you expand your network of technical contacts and relationships. Residencies run from two to six weeks in length, and you can participate either in person or as a remote resident working from your home base.
Find out more about the residency program, browse the residency index, and apply online at:
Comments welcome
Your comments are important to us!
We want our books to be as helpful as possible. Send us your comments about this book or other IBM Redbooks publications in one of the following ways:
Use the online Contact us review Redbooks form found at:
Send your comments in an email to:
Mail your comments to:
IBM Corporation, International Technical Support Organization
Dept. HYTD Mail Station P099
2455 South Road
Poughkeepsie, NY 12601-5400