Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

IBM Adds Intelligence to Incident Response, Threat Management

IBM has added intelligent orchestration capabilities to its Resilient incident response platform, and launched new threat and vulnerability management services as part of its X-Force offering.

The latest announcements are what IBM has described as efforts to combine human and machine intelligence for more efficiently managing cybersecurity incidents.

IBM has added intelligent orchestration capabilities to its Resilient incident response platform, and launched new threat and vulnerability management services as part of its X-Force offering.

The latest announcements are what IBM has described as efforts to combine human and machine intelligence for more efficiently managing cybersecurity incidents.

The company says it has spent nearly 200,000 hours on the research and development of its new Resilient Incident Response Platform with Intelligent Orchestration, which is a result of IBM’s acquisition of Resilient Systems back in 2016.

The new orchestration capabilities allow security analysts to manage and automate hundreds of repetitive, time-consuming, and complicated response actions that until now required significant manual intervention.

IBM says the new platform provides out-of-the-box integrations and a drag-and-drop business process management notation (BPMN) workflow engine that makes it easier for security teams to investigate incidents. Integrations cover products from several major firms, including Cisco, Carbon Black, McAfee, Splunk and Symantec.

“The Resilient IRP automatically initiates activities across these partner technologies spanning monitoring and escalation, identification and enrichment, communication and coordination, and containment, response, and recovery,” IBM said.

As for the new X-Force Threat Management Services, they rely on a patented artificial intelligence engine that, according to IBM, will change the way analysts and technologies interact.

The goal is to allow analysts to more easily and efficiently investigate potential threats. Threat Management Services is powered by the new IBM X-Force Protection Platform, which combines tools from IBM and its partners with machine learning and AI algorithms to guide analysts through the threat management process and automate simple functions that previously required human intervention.

The new platform uses AI to compare an incident with real-time and historical data in order to help triage events. This includes eliminating false positives and duplicates, setting up quarantines, and escalating an incident to a higher-level analyst.

The new threat management product can be combined with the Resilient platform for more complex incident response activities.

Related: IBM Adds New Service to Cloud Identity Offering

Related: IBM Starts Patching Spectre, Meltdown Vulnerabilities

Related: IBM Helps Banks Prevent New Account Fraud

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Threat Intelligence

How threat intelligence is critical when justifying budget for GRC personnel, and for threat intelligence, incident response, security operations and CISO buyers.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...