Categories: Security

IBM Launches X-Force Red Pen Testing Task Force

IBM has created a new security squadron composed of ethical hackers and cybersecurity professionals with the goal of testing weaknesses in enterprise security before cybercriminals can attack.

The group is called X-Force Red, an apt amalgamation that true American patriots and X-Wing pilot Luke Skywalker would be proud of.

The team, part of IBM Security Services, will also examine human security vulnerabilities in daily processes and procedures that attackers often use to get around security.

Global network

X-Force Red will be led by IBM’s Charles Henderson, a penetration testing expert. The team will also draw on a global network of hundreds of security professionals based in dozens of locations around the world, including the United States, the United Kingdom, Australia and Japan.

“Having a machine scan your servers and source code is a great step to help prevent data breaches, but the human element of security testing cannot be overlooked,” said Henderson.

“Elite human testers can learn how an environment works and create unique attacks using techniques even more sophisticated than what the criminals have. IBM X-Force Red gives organizations the freedom to stay agile without creating blind spots in their security posture.”

X-Force Red will have four focus areas, according to IBM: application, network, hardware and human.

The application aspect will carry out penetration testing and source code review to find vulnerabilities in web, mobile, terminal, mainframe and middleware platforms. On networks, X-Force Red will conduct penetration testing of internal, external, wireless and other radio frequencies.

In hardware, IBM will look at verifying the security between the digital and physical realms by testing IoT, PoS systems, ATMs and wearable devices. X-Force Red will also perform simulations of phishing campaigns, social engineering, ransomware and physical security violations to determine the risks of human behaviour.

IBM X-Force Red provides security testing services in three models: individual projects, subscription-based testing, and managed testing programs. The subscription model offers significant costflexibility by pre-allocating testing funds without defining specific testing targets or even test types, claims IBM.

IBM said that the managed testing programs are ideal for customers without the security staff to determine testing priorities, document remediation requirements, and enforce policies.

Take our cybersecurity in 2016 quiz here!

Ben Sullivan

Ben covers web and technology giants such as Google, Amazon, and Microsoft and their impact on the cloud computing industry, whilst also writing about data centre players and their increasing importance in Europe. He also covers future technologies such as drones, aerospace, science, and the effect of technology on the environment.

Recent Posts

Microsoft’s Hiring Of Inflection AI Staff Does Not Meet EU Merger Thresholds

European Commission says Microsoft's hiring of Inflection AI's staff will not be investigated under EU…

11 hours ago

Google Urges London Tribunal To Dismiss Mass Lawsuit

Alphabet urges Competition Appeal Tribunal to dismiss mass lawsuit seeking up to £7bn ($9.3bn) for…

12 hours ago

US To Host International Network of AI Safety Institutes In November

The US will host the first meeting of the International Network of AI Safety Institutes,…

12 hours ago

Qualcomm Loses Appeal Over EU Antitrust Fine

EU General Court upholds European Commission €242m antitrust fine against Qualcomm, after it allegedly forced…

15 hours ago

EU Court Rules Google’s €1.49bn Fine Should Be Annulled

Google wins court challenge. Europe's second highest court rules EC's €1.49bn antitrust fine should be…

17 hours ago

Meta Bans Russian State Media Networks

Russian state media networks including RT, Rossiya Segodnya etc banned by Meta Platforms for “foreign…

18 hours ago