IBM’s Watson Artificial Intelligence Aids Security Pros

After medical diagnostics and automobile research, Watson now helps defend against security threats

IBM said it has trained its Watson artificial intelligence platform to bolster companies’ network security efforts, and that such systems could help fill a skills gap as online attacks become more difficult to fend off.

The company has launched a Watson-based platform aimed at helping security operations centres (SOCs) sift through mountains of false positives, after testing the offering with customers including universities, systems integrators and IT security firms.

Natural language queries


The Cognitive SOC platform is based on IBM QRadar Advisor with Watson, which responds to natural language queries to search through more than one million security documents for relevant information.

IBM is offering the platform as a stand-alone product or as part of a SOC built by IBM Managed Security Services, either on a client’s premises or at a remote cloud facility.

It has been built into SOCs operated by IBM’s X-Force Command Centre network, with clients able to access information about their security situation or network configuration via a chatbot.

Under another trial IBM is training Watson-based security services to respond to verbal questions and commands.

False positives

The company said Watson can help make security staff more effective in dealing with the more than 200,000 security events they face each day on average, leading to 20,000 hours per year wasted on false positives.

The skills shortage is expected to worsen even as security incidents are anticipated to double over the next five years.

IBM acknowledged the use of artificial intelligence in security is at an early stage, with cognitive technologies currently used by only seven percent of professionals in the field.

Sean Valcamp, chief information security officer at Avnet, one of the companies using Watson, said the tool can help spot threats that attack on multiple fronts to conceal their activities.

“Watson makes concealment efforts more difficult by quickly analysing multiple streams of data and comparing it with the latest security attack intelligence to provide a more complete picture of the threat,” he stated.

Other companies with artificial intelligence-based security offerings include Darktrace, a Cambridge start-up that uses cognitive systems to block attacks by automated systems.

Google has also heavily invested in cognitive-learning technologies, including the acquisition of UK-based DeepMind.

IBM has been adapting Watson to applications ranging from medical diagnostics to car research.

Put your knowledge of Artificial Intelligence (AI) to the test. Try our quiz!