sb-as logo
Story image

IBM Security completes industry first with updates to Cloud Pak for Security solution

IBM Security has announced new capabilities for Cloud Pak for Security, including, notably, a data security solution that allows companies to detect, respond to and protect against threats to sensitive data across hybrid cloud environments.

According to the company, this brings an industry-first ability to connect threat management, data security and identity within a single platform.

In addition, the expansions include new data sources, integrations, and services that allow security operations teams to manage the full threat lifecycle from a single console.

With these upcoming capabilities, Cloud Pak for Security will include access to six threat intelligence feeds, 25 pre-built connections to IBM and third-party data sources, and 165 case management integrations which are connected through advanced AI to prioritise threats, and automation playbooks to streamline response actions for security teams.

More specifically, the added capabilities cover threat response, threat intelligence and dedicated services and support.

For threat response and data security, IBM has developed a new approach to provide security teams with visibility into data activity, compliance and risk, without needing to leave their primary response platform.

The new built-in data security hub, scheduled for general availability in Q4, allows analysts to gain context into where their sensitive data resides across hybrid cloud environments, as well as who has access to it, how it is used, and the best way to protect it, IBM Security states.

Cloud Pak for Security is also expanding its collection of threat intelligence, helping clients detect early warning signs of active threat campaigns impacting companies around the world.

In addition to IBM's X-Force Threat Intelligence Feed, the platform will provide pre-built integrations for five additional threat intelligence feeds from third-party sources, including AlienVault OTX, Cisco Threatgrid, MaxMind Geolocation, SANS Internet StormCenter and Virustotal scheduled for general availability in Q4, and additional threat feeds expected to be added in 2021.

Finally, IBM is launching new dedicated security services to help organisations modernise their security operations with Cloud Pak for Security, leveraging a holistic approach connecting products and services.

With a wide range of flexible service options, IBM experts can help clients deploy and manage Cloud Pak for Security across any environment, including end-to-end threat management, managed security services, as well as strategy, consulting and integration support, the company states.

According to IBM Security, with the upcoming new capabilities, Cloud Pak for Security will become the first platform in the industry to connect data-level insights and user behavior analytics with threat detection, investigation and response.

IBM Security vice president Justin Youngblood says, “Complexity is the greatest challenge facing our industry, forcing resource-strapped security teams to manually connect the dots between disparate tools and sources of security data.

“Cloud Pak for Security is built on open, cloud native technologies from the ground up to connect any tool within the security ecosystem.

"With these updates, we will be the first in the industry to bring together external threat intelligence and threat management alongside data security and identity, helping organisations to modernise their security operations and create the foundation for a zero trust security strategy.”

Cloud Pak for Security leverages open technologies to create an interoperable foundation and connections between the IBM and third-party tools.

For instance, the platform uses STIX-Shifter, an open-source library that allows security analysts to search for threat indicators across all connected data sources with a single query, IBM Security states.

Additionally, Cloud Pak for Security is built on Red Hat OpenShift, providing an open, containerised foundation that can be deployed across on-premise, public and private cloud environments.

Furthermore, the platform uses advanced AI, analytics and automation to streamline the full lifecycle of threat management including native capabilities for SIEM, threat intelligence, user behaviour analytics and more.

These capabilities are delivered through a unified user interface that connects the entire threat management process via end-to-end workflows, from detection through response.

The capabilities of Cloud Pak for Security can be supported by and integrated with other IBM Security Services, with unified offerings that connect technologies and services.

Story image
BlackBerry partners with ServiceNow for incident response management
BlackBerry has announced it has entered into a partnership with ServiceNow to integrate the BlackBerry AtHoc service within the Now platform for rapid crisis communications and IT service management. More
Story image
Video: 10 Minute IT Jams – A glimpse inside a ransomware cell
This is our second IT Jam with SonicWall senior manager of product marketing Brook Chelmo, and in this video Brook walks us through his one-on-one experience with a member of a ransomware cell. More
Story image
Microsoft is most imitated brand for phishing attacks in Q3
Popular phishing tactics using the Microsoft brand used email campaigns to steal credentials of Microsoft accounts, luring victims to click on malicious links which redirect them to a fraudulent Microsoft login page. More
Story image
Research: Younger cybersecurity pros more fearful of being replaced by AI
According to the findings, 53% of respondents under 45 years old either agreed or strongly agreed that AI and ML are a threat to their job security, despite 89% of this demographic believing that it would improve their jobs.More
Story image
New project development inhibited by cybersecurity, Kaspersky research states
"There are still some practical steps that can be taken to make sure that an emerging technology or a product reaches its launch. Cybersecurity doesn’t have to be another corporate barrier, but it should be on an integral part of the project all long."More
Story image
Financial institutions in APAC region to invest millions in fraud prevention
"The pandemic is creating a lot of uncertainty, but the majority of FIs in APAC recognise that an end to end fraud management platform is strategic to differentiating themselves from the highly disruptive landscape they are playing in."More