Last Updated on April 30, 2022
International Business Machines Corporation (IBM) is an American multinational technology corporation headquartered in Armonk, New York. It sells computer hardware, middleware and software, and employs over 370,000 people.
IBM acquired Red Hat in 2019. But you can trace IBM’s history of open source far further back. They were one of the earliest champions of open source, backing influential communities like Linux, Apache, and Eclipse, advocating open licenses, open governance, and open standards.
IBM also collaborates with Linux organisations. For example, IBM works with Ubuntu in areas like containers, virtualization, Infrastructure-as-a-Service, big data analytics and DevOps to provide reference architectures, support solutions and cloud offerings, both for enterprise data centres and cloud service providers.
The company is involved in many open source projects. For example, they helped to create the Apache Software Foundation, and were also a founder member of the OpenJS Foundation, responsible for the development of the Node.js platform, Appium, Dojo, jQuery and many other products.
There are also many IBM software products published under a proprietary license. This series looks at free and open source alternatives to IBM’s products.
QRadar Security Information and Event Management (SIEM) helps security teams detect, prioritize and respond to threats across the enterprise. It automatically analyses and aggregates log and flow data from thousands of devices, endpoints and apps across your network, providing single alerts to speed incident analysis and remediation.
QRadar SIEM is proprietary software. What are the best free and open source alternatives?
1. OSSIM
OSSIM provides a unified platform with many of the essential security capabilities including: asset discovery, vulnerability assessment, intrusion detection, behavioral monitoring, and SIEM event correlation.
It provides various self-developed tools and integrates many independent open source projects:
- PRADS, used to identify hosts and services by passively monitoring network traffic.
- Snort, used as a popular network intrusion detection system (IDS), and also used for cross correlation with OpenVAS.
- Suricata, used as an IDS. Suricata also offers intrusion prevention, network security monitoring and PCAP processing.
- Nagios, used to monitor hosts and specified ports for asset availability as well as full local system monitoring.
- Tcptrack, used for session data, which can provide useful information for attack correlation.
- Munin, for traffic analysis and service watchdogging.
- NFSen/NFDump, used to collect and analyze NetFlow information.
- FProbe, used to generate NetFlow data from captured traffic.
- OpenVAS, used for vulnerability assessment, with findings associated with assets.
2. OSSEC
OSSEC has a powerful correlation and analysis engine, integrating log analysis, file integrity monitoring, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, macOS, Solaris and Windows.
Alternatives to IBM's Products |
---|
Db2 Database - Db2 is a family of data management products, including the Db2 relational database. The products feature AI-powered capabilities. |
Maximo Application Suite is a single, integrated cloud-based platform that uses AI, IoT and analytics to optimize performance, extend asset lifecycles and reduce operational downtime and costs. |
QRadar SIEM detects, prioritizes and responds to threats. Analyse and aggregate log and flow data from thousands of devices, endpoints and apps across your network. |
Rational DOORS is a requirements management tool that makes it easy to capture, trace, analyze, and manage changes to information. |
Robotic Process Automation helps automate business and IT processes at scale. Software robots, or bots, can act on AI insights to complete tasks with no lag time. |
SPSS is a statistical software suite for data management, advanced analytics, multivariate analysis, business intelligence, and criminal investigation. |
SPSS Modeler is a data mining and text analytics software application. The program is used to build predictive models and conduct other analytic tasks. |
Watson is a data analytics processor that uses natural language processing, a technology that analyzes human speech for meaning and syntax. |