IBM • Security Operations • Security

Video • 39 views • 41:24 • April 14, 2023

QRadar XDR Live on CP4S SaaS Platform

See It - SOAR-XDRC - Ransomware

Watch a video demonstration of the IBM QRadar Ransomware use case being delivered.

The objective of this demo is to highlight how you can use QRadar SOAR and XDR Connect running on Cloud Pak for Security to detect and respond to a ransomware attack. Cloud Pak for Security can run on-prem or in the cloud. You can use it to integrate your existing infrastructure without ripping out any part of it, while leaving security data at the source. Your current investments in EDR, SIEM, and other security tools are thus integrated more seamlessly, and your security analysts can do all their work from the single QRadar XDR console.

The Cloud Pak for Security platform can host multiple apps that security analysts can use in their daily work. In this demo, we focus on the Threat Intelligence Insight, Data Explorer, and SOAR apps and leverage the integrations with data from the following sources:

- AWS
- Guardium
- Azure Sentinel
- QRadar
- Carbon Black
- Splunk
- Elastic Search

The solution also leverages SOAR integration with Active Directory and Ansible scripts to integrate with endpoints. Those integrations can help to orchestrate a response to discovered security incidents.

For this ransomware demo, we are using Ryuk ransomware, which was a very hot topic in 2020 and beyond. According to securityintelligence.com [1]: The Ryuk ransomware operators continue to target critical infrastructure and extract high ransom payments from vulnerable groups, including an attack on a large health care organization.

The victims are 90,000 employees and around 400 hospitals, outpatient clinics, and behavioural health centres. Other Ryuk ransomware victims include several oil and gas companies, a U.S. agency, a large engineering and construction services firm, city and county government, a financial software provider, a food and drink manufacturer, a newspaper. In June 2020, the FBI issued an alert warning that Ryuk ransomware operators were targeting K-12 educational institutions.

cybereason.com [2] stated that, according to federal investigations, since its inception, Ryuk has been used to target large organizations to great effect, having accumulated as much as $61.26 million in ransom payments.

Let's show how SOAR and XDR Connect on the Cloud Pak for Security platform detect and respond to ransomware attacks.

Contributors

Reginald Joseph
Technical Solutions Architect - Cyber Security