IBM unveiled enhancements to its security services portfolio, promising customers improved data analytics and deeper real-time analysis of security threats.
Customers can analyse data from multiple sources across the enterprise and determine how to tweak their security strategies and make sure security and business needs are aligned using new intelligence tools and services, IBM said. The new services are designed to help organisations make rapid decisions and prevent security breaches from impacting business, the company said.
The analytics tools and services include a new dashboard to provide real-time identification of advanced threats, an IP intelligence report, enhanced automated intelligence correlation engine, an IP centre dashboard, and managed security information and event management (SIEM) capabilities, according to Latha Maripuri, director if IBM Security Services.
IBM created the new Security Systems Division in October after acquiring security intelligence and SIEM vendor Q1 Labs. The new tools and services under the Security Systems umbrella would expand IBM’s existing security analytics capabilities, Marisa Viveros, vice-president of IBM Security Services, said at the same event.
Business intelligence is the “future of security”, Viveros said, noting that IBM is pulling together all its recent security and analytics acquisitions to provide customers with deep analysis of threat data. With BI capabilities, organisations can present security insights to business and to the board of directors to justify security expenditures and policies, she said.
These tools and services will be offered as part of six subscription services that feed results from firewall logs, intrusion detection and prevention events and vulnerability scans into the X-Force Protection System and its cloud-based analytic engine, IBM said. The data sets from the subscription services provide IBM analysts with “superior visibility” into an IT environment, strengthen enterprise security and allow security teams to remediate threats more rapidly, according to the company.
The host dashboard will use inbound and outbound firewall logs, threat intelligence feeds, intrusion detection and prevention events and geographic IP location data to identify and prioritise threats, such as botnets. The ability to combine all the information into a single dashboard was essential because “no one wants multiple dashboards”, Viveros said.
The IP intelligence report is a one page report that analyses threats, vulnerabilities and remediation activities under way. The report would give organisations insight in all the IP addresses that are hitting their servers and be able to identify which may be malicious and which ones to keep an eye on for now, according to Maripuri.
The IP centre dashboard provides IBM threat analysts with enhanced query capabilities across the managed security services customer data set. Analysts can profile suspected attackers faster, identify the number of affected customers and industries and understand the type of threats delivered. Threat analysts can perform checks to validate the severity of circumstances, streamlining the prioritisation of remediation activities, according to IBM.
The managed SIEM offering, using IBM Tivoli and Q1 Labs technology, would provide around-the-clock security monitoring and reporting to effectively identify and respond to threats and enhance existing SIEM deployments.
IBM already operates nine security operations centres, nine IBM Research centres, 11 software security development labs and three Institutes for Advanced Security around the world, according to Maripuri. The company employs thousands of security experts globally and monitors 12 billion security events per day in more than 130 countries, she said.
Rights group argues ChatGPT tendency to generate false information on individuals violates GDPR data protection…
European Commission says Apple's iPadOS is 'gatekeeper' due to large number of businesses 'locked in'…
As the cloud continues to be an essential asset for all businesses, developing and maintaining…
Internatinal conference in Vienna calls for controls on AI-powered autonomous weapons to ensure humans remain…
Major Taiwan chip assembly and test firm KYEC to sell Jiangsu subsidiary, exit mainland China…
As deepfake technology continues to blur the lines between reality and deception, businesses and individuals…
View Comments
[ Begging for helps ] Complaint about Human Rights Violations by IBM China on Centennial
Please Google:
Tragedy of Labor Rights Repression in IBM China
or
How Much IBM Can Get Away with is the Responsibility of the Media
or
IBM detained mother of ex-employee on the day of centennial