Janrain, a provider of customer identity and access management (CIAM) solutions, has integrated with major security information and event management (SIEM) systems, such as IBM QRadar and others, to provide security operations center (SOC) analysts with early detection and response to a wider swath of suspicious activities and possible security threats.
Janrain is now making its event data available in a format that SIEM programs can consume and analyze. By combining Janrain’s data with the network traffic, server logs, and other data ingested by their SIEM or log analysis platforms, clients see a higher signal-to-noise ratio and can look in real time at user activities related to registration, login/logout, and profile modifications, such as password resets, password and email changes, and back-end configuration changes.
“Customer identity should be a central pillar in any security conversation since user accounts are often what’s hijacked by hackers to gain access to customer data,” said Tim Gasper, director of product management for data and analytics at Janrain, in a statement. “While the Janrain Identity Cloud already monitors for threats in real time with a wide variety of security and compliance-ready features, Janrain’s SIEM integration gives customers the ability to bring a wider variety of event data points into their own SIEM platform for a much more holistic approach to cybersecurity and risk management.”
With Janrain SIEM Integration, clients can track registration and login events associated with their metadata, including IP addresses, registration, login, authorization, user behavior analytics, and other Janrain data across all Janrain-connected web sites, mobile applications, and identity integrations. The event data Janrain provides is streamed to the SIEM system in real time or, optionally, in batch mode, and can be processed through data visualization and other tools.
“Adding real-time CIAM login data into IBM QRadar gives our clients another critical data source for their security intelligence platform,” said Chris Meenan, director of strategy at IBM Security, in a statement. “With Janrain’s data included in our consolidated log event and network flow information, security operations center analysts can save time with a single streamlined view that separates false positives from real security offenses as they occur.”