Turbotodd

Ruminations on tech, the digital media, and some golf thrown in for good measure.

Archive for the ‘qradar’ Category

IBM Watson for Cyber Security Powers Smarttech Security Ops

leave a comment »

IBM Security today announced Smarttech, a security services provider based in Ireland, is leveraging IBM Watson for Cyber Security in their Security Operations Center (SOC).

The new tool is enabling the company’s analysts to investigate and respond to three times as many security incidents with greater speed and accuracy. Smarttech was one of 40 companies around the world to participate in the IBM Watson for Cyber Security Beta Program, and is now a customer.

Powered by IBM QRadar Advisor with Watson, Smarttech’s SOC now takes advantage of the cognitive capabilities of Watson along with industry leading IBM Security QRadar Security Analytics Platform to uncover hidden threats and automate insights.

IBM has trained Watson on the language of cyber security, with the system ingesting over one million security documents, and can now help security analysts with insights from hundreds of thousands of natural language research sources that have never before been accessible to modern security tools.

Smarttech was looking for an intuitive solution to better manage an industry-wide workforce shortage of security analysts, and sought to augment the skills of its security team to stay ahead of ever evolving cyber threats targeting customers.

As part of its roll out of IBM QRadar Advisor with Watson, Smarttech found that the tool provided valuable additional perspective beyond what their analysts had initially discovered, highlighting new observations that the analysts had overlooked in about 20 percent of incidents.

“It’s not man versus machine—they very much work hand and hand,” said Ronan Murphy, CEO, Smarttech. “Our analysts continue to play a critical role in evaluating a cyber security incident, while Watson for Cyber Security enforces their decisions and validates what they are sharing with the customer at risk. It enables security analysts to deliver faster and more accurate details on a breach, so we may better protect our customers.”

IBM QRadar Advisor with Watson can help security teams respond to threats through the following:

  • Visibility into elements of a security incident – while investigating an incident, QRadar Advisor first gathers greater context about that incident by mining local data available in QRadar.​
  • Formulate a threat research strategy – QRadar Advisor formulates a threat query to send to Watson for Cyber Security, to perform external knowledge and threat discovery on discrete observations from the incident.
  • Threat research – Watson for Cyber Security taps its knowledge base of unstructured data and uses cognitive reasoning to discover additional insights and other threat entities related to the original incident.
  • Apply intelligence to understand the threat – QRadar Advisor refines information it receives from Watson, to zero in on the key insights relevant to the current incident. It validates the source of the offense and provides additional context to identify and understand the threat.

For more information on Watson for Cyber Security and the IBM Cognitive SOC, visit: http://www-03.ibm.com/security/cognitive/

Written by turbotodd

May 11, 2017 at 8:31 am

Over 90 Custom Apps Now ON IBM Security App Exchange

leave a comment »

The IBM Security App Exchange has now grown to over 90 custom applications from IBM and Business Partners.

Over 30,000 apps, content packs and tools have been downloaded since the launch of the App Exchange, allowing users to extend the capabilities of IBM’s Security technologies with custom apps and integrations.

Launched in December 2015, the IBM Security App Exchange is a community marketplace for customers, Business Partners and other developers to build and share applications which build upon and integrate with IBM Security products.

The IBM Security App Exchange has been populated with new applications from more than 30 Business Partners, including Trend Micro, Recorded Future, BluVector and Ziften.

Through this collaboration, customers now have access to new solutions which can help them streamline their security operations, potentially saving valuable resources and allowing their security teams to remain focused on the latest threats rather than technology management and integration.

Combining these partner applications with innovative new security apps developed within IBM Security, the App Exchange is now home to 92 applications which extend across the IBM Security portfolio, including IBM QRadar security intelligence platform,BigFix endpoint management, Guardium data protection, MaaS360 mobile device management, Resilient incident response platform, and IBM’s open source threat intelligence platform, X-Force Exchange.

“As threats are evolving faster than ever, collaborative development amongst the security community will help organizations adapt quickly and speed innovation in the fight against cybercrime,” said Sandeep Mukherjee, Marketing Manager, IBM Security. “The rapid growth of the IBM Security App Exchange shows the value that this collaboration is providing to partners and customers.”

You can visit the IBM Security App Exchange here.

Written by turbotodd

April 20, 2017 at 8:47 am

%d bloggers like this: