Every day, a company can expose sensitive information through applications like email, file transfer, web applications and more. The 2011 CyberSecurity Watch Survey conducted by CSO magazine and sponsored by Deloitte found that 33 percent of respondents viewed inside attacks as more costly, an increase of 8 percent over last year. Application-aware network monitoring gives IT and security professionals deep information about all conversations at the application layer and a more thorough understanding of complex applications, including voice over IP (VoIP), multimedia, ERP and database.
Since virtual servers are just as susceptible to security vulnerabilities as physical servers, organizations must also define and implement appropriate precautionary measures to protect the applications and data that reside within the virtual data center.
QRadar monitors applications by gathering data directly from the application and underlying application platform as well as monitoring application traffic and behavior as it traverses the network through detailed layer 7 traffic analysis. Integrating these approaches provides more complete context relative to application usage, performance and health.
By increasing visibility into the vast amount of business application activity across corporate and virtual networks, QRadar can help organizations identify security gaps and out-of-policy activity in critical business services and applications such as ERP, VoIP, databases and other networked applications. QRadar identifies and detects:
- Unauthorized application usage or access.
- Data loss, such as sensitive data being transmitted to unauthorized destinations or, in the case of VoIP, toll fraud.
- Application configuration issues, such as privileged access exceptions.
- Application misuse.
- Passive detection of application performance issues, such as loss of service or overuse.
In addition, QRadar gathers knowledge from a deep examination of every packet within a conversation, which provides more detailed application-level context. This information can be correlated with network and security events, enabling more advanced analysis and detection of threats such as tunneled applications or sensitive data in transit (i.e., data leakage). The data can be leveraged for traffic engineering, application engineering, application troubleshooting, policy monitoring and threat detection through real-time analysis and reports. QRadar has a growing number of event/log-based integrations with application platforms. This is important for customers as they seek to detect low and slow activity that is targeting specific business applications. It is also critical for privileged user monitoring and fraud detection.