Thursday, July 4, 2024

Threat Detection Powered by AI is Provided by IBM

With new AI technologies, IBM has now introduced the newest version of its managed detection and response service offerings. This includes the capacity to automatically escalate or close up to 85% of alerts, which will shorten the time it takes for clients to respond to security threats.

The brand-new Threat Detection and Response Services (TDR) offer round-the-clock monitoring, analysis, and automated remediation of security alerts from all pertinent technologies across client hybrid cloud environments, including pre-existing security tools and investments, as well as cloud, on-premise, and operational technologies (OT). The managed services are provided by the global team of security analysts at IBM Consulting through the company’s advanced security services platform, which applies multiple layers of AI and contextual threat intelligence from its extensive global security network. This helps automate away the noise while quickly escalating critical threats.

The number of vulnerabilities, warnings, security tools, and systems that security teams are required to manage on a daily basis has surpassed that of attackers, according to Chris McCurdy, general manager of worldwide IBM Consulting Cybersecurity Services. “IBM’s new Threat Detection and Response Services can augment an organization’s security defenses with a capability that is scalable, constantly improving, and strong enough for tomorrow’s threats,” according to a press release from IBM.

Threat defenses that are proactively adjusted

The new TDR Services are built on a group of AI-powered security solutions that support thousands of clients worldwide and keep track of billions of potential threat events every day. To automatically close low-priority and false-positive alerts based on a client-defined confidence level, the services use AI models that continuously learn from real-world client data, including security analyst responses. This capability also provides investigation context and automatically escalates high-risk alerts that demand prompt action from security teams.

The purpose of IBM’s TDR Services is to offer:

Optimized notifications and crowdsourced detection rules. The new services employ AI to continuously review and auto-recommend the most effective detection rules, leveraging real-time information from IBM’s threat management engagements. This helps to increase the quality of alerts and shorten reaction times. Using this feature reduced low-value SIEM alerts by 45% and automatically escalated 79% more high-value alerts that needed immediate attention. Through the co-managed interface, organizations can quickly accept and modify detection rules.

MITRE ATT&CK assessment. Organizations will be able to compare how well their environment covers the MITRE ATT&CK framework's tactics, techniques, and procedures against peers in their sector and geographical area, helping ensure that they are prepared for ransomware and wiper attacks. The new services’ use of AI is intended to reconcile the many detection technologies and policies already in use at a business, offering an enterprise-wide view of how to most effectively detect threats and which gaps to fill within the ATT&CK framework.

Full integration from beginning to end. The new services’ open API architecture enables them to easily interact with a client’s on-premises or cloud-based enterprise-wide security assets. Organizations have the ability to connect, communicate, and design their own response playbooks through a co-managed portal while still having access to their ecosystem. This gives an integrated picture of the entire organization, accurate remedial tools, and uniform security policy enforcement across IT & OT.

Worldwide assistance available round-the-clock. More than 6,000 IBM Cybersecurity Services personnel will be available to organizations around the world, 24/7/365, to help bolster security strategies. The extensive worldwide network of IBM Consulting Cybersecurity Services supports more than 3,000 clients globally, managing more than 2 million endpoints and 150 billion security events each day.

Security leaders today are attempting to break free from the vicious cycle of staff shortages, mounting threats, and growing pressure from the C-Suite to develop their cyber program without breaking the bank. Since many enterprises cannot afford to write off prior SOC expenditures, the traditional strategy of switching out their tools for a vendor’s preferred platform does not apply to them, according to Craig Robinson, VP of Security Services at IDC Research. “Services like IBM’s Threat Detection and Response offering can provide an off-ramp to these concerns, without requiring a full rip-and-replace of their prior security investments and help shift their human capital in the SOC to more of a proactive mode,” according to the report.

IBM’s TDR Services, which are now available, include access to IBM’s X-Force Incident Response Services as well as the choice to include additional proactive security services from IBM X-Force, like penetration testing, adversary simulation, or vulnerability management. These services are designed to support continuous improvement for security operations capabilities. Based on the current threat landscape, the clients’ changing IT environment, and knowledge gained from engagements with hundreds of IBM Cybersecurity Services clients worldwide, X-Force will also offer advice to help clients enhance their security operations over time.

About IBM Security

With an integrated portfolio of security solutions and services that incorporates dynamic AI and automation capabilities, IBM Security assists in securing the largest businesses and governments in the world. The portfolio, which is backed by renowned IBM Security X-Force research, gives businesses the ability to anticipate attacks, safeguard moving data, and act swiftly and precisely, all without impeding business innovation. Thousands of businesses trust IBM to assess, strategize, implement, and manage security changes on their behalf. IBM runs one of the largest security research, development, and delivery divisions, which monitors more than 130 countries daily and holds more than 10,000 security patents worldwide.
