Connect with us

Hi, what are you looking for?


Network Security

IBM Unveils “X-Force Red” Pen Testing Group

IBM this week unveiled a new penetration testing group that will operate under its security services division to help customers uncover security gaps in their networks.

IBM this week unveiled a new penetration testing group that will operate under its security services division to help customers uncover security gaps in their networks.

The new “IBM X-Force Red” team is a group of ethical hackers that will pound the virtual walls of companies in an effort to discover vulnerabilities in their networks, hardware, and applications.

Led by pen testing guru Charles Henderson, who previously served as VP of Managed Security Testing at Trustwave, the X-Force Red team consists of hundreds of security professionals scattered across dozens of locations around the world.

In addition to searching for software vulnerabilities and misconfigurations, the team will help test the human element, by performing phishing and social media attack simulations, along with physical security tests to determine the risks associated with in-person interactions. 

“Having a machine scan your servers and source code is a great step to help prevent data breaches, but the human element of security testing cannot be overlooked,” said Henderson. 

IBM says X-Force Red can engage with customers via three different billing models: individual projects, subscriptions, and managed testing programs—all which include vulnerability analytics to help measure the impact of the security testing programs.

In May, IBM announced Watson for Security, an initiative to leverage IBM’s cognitive computing technology to help analysts develop and maintain maximum network security. 

In 2015, IBM’s security business reached $2 billion in revenue and added 1,000 employees.

Advertisement. Scroll to continue reading.
Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...