IBM® Security QRadar® SIEM Integration with SMS Gateway for a Kenyan bank
Customer
Named a Financial Institution Global Award winner by The Financial Times, the Customer ranked among the best-performing banks in Kenya in 2017, with assets totaling over $3 billion and a constantly growing customer base of more than 6 million accounts.
Challenge
Adequate network protection is a 24/7 process: security alerts have to be addressed promptly, whenever they occur. For this reason, the Customer's information security team set out to integrate IBM® Security QRadar® SIEM with an SMS gateway.
The Customer needed a solution that would send SMS notifications with offense details, via the SMS gateway, to the mobile number(s) configured in a correlation rule whenever that rule generates an offense.
Solution
ScienceSoft’s SIEM consultants designed and developed a SOAP (Simple Object Access Protocol) client in Python. Having analyzed the Customer’s requirements, they carried out development and testing according to the following algorithm:
- Create an external application that monitors the QRadar configuration database to spot new offenses.
- When the SIEM system generates an offense, identify the rule that triggered it and extract the following information:
  - the offense source from the offense data,
  - the offense details and the associated rule data,
  - the correlation rule description from the rule data.
- Parse the rule description.
- Extract the phone number(s) and the SMS message text from the rule description. The number(s) and the message are set by the Customer’s security administrators.
- Authenticate to the SMS gateway and obtain authorization to send.
- Initialize a connection to the SMS gateway via SOAP.
- Send the SMS message to the mobile numbers specified in the rule description.
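The following is an added example of the offense-to-SMS pipeline described above; it is not ScienceSoft's code and is not taken from the case study. It assumes a particular tag format for the rule description (`SMS[numbers]: template`), a hypothetical gateway SOAP operation `sendSms` with `to` and `text` elements, and constructed sample offense and rule records in place of data fetched from QRadar. Two practitioner details are worth noticing: the message template is filled with `string.Template.safe_substitute` over a whitelist of offense fields, so an administrator's template cannot reach object attributes the way `str.format` would allow, and the SOAP body is built with ElementTree so that offense data such as a username containing `<` is escaped rather than injected into the XML.

```python
"""Added example: QRadar offense -> SMS notification via a SOAP gateway.

Not ScienceSoft's code. Assumptions (not from the case study):
  * Administrators put a tag in the correlation rule description, e.g.
      SMS[+254700000001,+254700000002]: Offense ${offense_id} from ${source_ip}
    The text after the colon is the message template.
  * Offenses and rules are dicts with the keys used below (as an integration
    would obtain them from the QRadar API); the records here are constructed.
  * The gateway exposes a SOAP operation ``sendSms`` with ``to`` and ``text``
    elements in a hypothetical namespace; real gateways have their own WSDL.
"""
import re
import string
import xml.etree.ElementTree as ET
from typing import Dict, List, Optional, Set, Tuple

E164 = re.compile(r"^\+[1-9]\d{7,14}$")           # international number format only
TAG = re.compile(r"SMS\[(?P<nums>[^\]]*)\]:\s*(?P<tmpl>.+)", re.DOTALL)
ALLOWED_FIELDS = {"offense_id", "category", "source_ip", "username", "magnitude"}
GSM_MAX = 160                                       # one GSM-7 SMS segment

SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/"
GW_NS = "urn:example:smsgateway"                    # hypothetical gateway namespace
ET.register_namespace("soapenv", SOAP_NS)
ET.register_namespace("gw", GW_NS)

RULES = {  # constructed sample rule data; 1001 carries an SMS tag, 1002 does not
    1001: {"name": "Brute force login", "description":
           "Multiple failed logins from one source.\n"
           "SMS[+254700000001, 0722-BAD, +254700000002]: "
           "QRadar offense ${offense_id} (${category}) from ${source_ip} user ${username}"},
    1002: {"name": "Quiet rule", "description": "No SMS for this one."},
}
OFFENSES = [  # constructed sample offenses; the username deliberately contains XML
    {"offense_id": 42, "category": "Authentication", "source_ip": "10.0.5.23",
     "username": "j.doe<script>", "magnitude": 7, "rules": [1001, 1002]},
    {"offense_id": 43, "category": "Recon", "source_ip": "10.0.9.9",
     "username": "svc", "magnitude": 3, "rules": [1002]},
]


def parse_rule_description(description: str) -> Optional[Tuple[List[str], string.Template]]:
    """Return (validated recipients, message template) or None if the rule has no tag.
    Numbers that are not E.164 are dropped so one typo does not block the others."""
    m = TAG.search(description)
    if not m:
        return None
    valid = [n.strip() for n in m.group("nums").split(",") if E164.match(n.strip())]
    if not valid:
        return None
    return valid, string.Template(m.group("tmpl").strip())


def render_message(tmpl: string.Template, offense: Dict[str, object]) -> str:
    """Fill the template from whitelisted offense fields only.
    safe_substitute leaves unknown or malformed placeholders (e.g. ${x.__class__})
    as literal text instead of evaluating attribute access as str.format would."""
    fields = {k: str(offense.get(k, "")) for k in ALLOWED_FIELDS}
    return tmpl.safe_substitute(fields)[:GSM_MAX]


def build_soap_envelope(to: str, text: str) -> bytes:
    """Build the sendSms request; ElementTree escapes offense data in the XML."""
    env = ET.Element(f"{{{SOAP_NS}}}Envelope")
    ET.SubElement(env, f"{{{SOAP_NS}}}Header")
    body = ET.SubElement(env, f"{{{SOAP_NS}}}Body")
    op = ET.SubElement(body, f"{{{GW_NS}}}sendSms")
    ET.SubElement(op, f"{{{GW_NS}}}to").text = to
    ET.SubElement(op, f"{{{GW_NS}}}text").text = text
    return ET.tostring(env, encoding="utf-8", xml_declaration=True)


def process_new_offenses(offenses, rules, seen: Set[int]) -> List[Tuple[str, bytes]]:
    """One polling pass. For each offense not yet notified, look up every rule that
    fired it, parse the rule description and produce one SOAP request per recipient.
    Returns (recipient, envelope) pairs; a transport layer would POST each one."""
    out: List[Tuple[str, bytes]] = []
    for off in offenses:
        oid = off["offense_id"]
        if oid in seen:          # already notified in an earlier pass
            continue
        seen.add(oid)
        for rule_id in off.get("rules", []):
            parsed = parse_rule_description(rules.get(rule_id, {}).get("description", ""))
            if parsed is None:
                continue
            numbers, tmpl = parsed
            text = render_message(tmpl, off)
            out.extend((n, build_soap_envelope(n, text)) for n in numbers)
    return out


def demo() -> Tuple[List[Tuple[str, bytes]], List[Tuple[str, bytes]]]:
    """Run two polling passes over the same data; the second must produce nothing."""
    seen: Set[int] = set()
    first = process_new_offenses(OFFENSES, RULES, seen)
    second = process_new_offenses(OFFENSES, RULES, seen)
    return first, second


if __name__ == "__main__":
    for recipient, envelope in demo()[0]:
        print(recipient, envelope.decode())
```

In a deployment the `seen` set would be persisted (or replaced by the offense's own notification status) so a restart does not resend old offenses, and the transport would authenticate to the gateway before posting each envelope.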
The Customer integrated the solution with their QRadar console with the help of a detailed configuration manual provided by ScienceSoft’s SIEM consultants. The document describes how to configure the solution and how to support the software within the QRadar system.
Results
The Customer obtained a solution that facilitates QRadar offense management. The SIEM integration with the SMS gateway makes it easy to specify any recipient number(s) and SMS message text per correlation rule. The Customer’s security administrators configure the message text in the rule description, and the text can include various offense details: offense category, source IP, username, etc.
The tool provides instant notification that does not depend on Internet access, which is valuable where the Internet connection is intermittent.
Technologies and Tools
Python, SQL, SOAP, QRadar API