2 min Security

Palo Alto Networks acquires SIEM tool IBM QRadar

Palo Alto Networks acquires SIEM tool IBM QRadar

QRadar users will be migrated to Palo Alto Networks’ Cortex XSIAM platform, which should offer security operations centers (SOCs) a much broader approach than traditional SIEM tooling.

Palo Alto introduced XSIAM in 2022 but was active in the SOC domain before that. XSIAM, short for extended security intelligence and automation management, should replace traditional SIEM and specialized products by combining broad functionality in a larger platform. In XSIAM, the capabilities and processes of a SOC are integrated and automated. For example, it includes data centralization, intelligent stitching, analytics for detection, incident management, threat intelligence, automation and attack surface management.

The Palo Alto product is already said to be generating tens of millions in revenue and taking market share from everyone else, CEO Nikesh Arora stated to CNBC. In the area of SIEM, however, it was competing with IBM. This while the two tech companies have been trying to work together more and more in recent months. In strengthening cooperation, SIEM got in the way. Or, as Arora himself says, “We used to get stuck there.”

Route to XSIAM

A solution has now been found through the acquisition of QRadar, the financial details of which are not known. For customers open to the migration, the easiest way is via the SaaS version of QRadar. Qualified customers —it is unclear what the conditions are for this— can count on free migration support. According to Arora, a migration normally takes three months at most.

The company assures that on-premises QRadar users may continue to count on IBM features and support. These include security, usage, and bug fixes, updates to existing connectors, and the ability to extend consumption. And if on-premises QRadar users do want to migrate, Palo Alto Networks is funding IBM to help with the transition.

The move by Palo Alto Networks and IBM shows that the security market continues to consolidate. There has been a lot of movement lately, especially in the field of SIEM. Earlier this week, it was announced that LogRhythm is to acquire Exabeam. Again, the two parties are working toward a larger platform for SOC.

Tip: LogRhythm and Exabeam merger is step towards larger SOC platform