Light Dark
October 16, 2018 By Marc van Zadelhoff 3 min read
Intelligence & Analytics
CISO
Cloud Security
Data Protection
Security Services

Today, IBM Security is putting a stake in the ground to dramatically improve its odds in the battle against cyberattacks with the announcement of IBM Security Connect, a first-of-its-kind cloud-based platform. Built on open technologies, IBM Security Connect is capable of analyzing federated security data across unconnected tools and environments.

Valuing Simplicity Over Complexity

One of the biggest challenges facing security professionals right now is the complexity that results from the use of disconnected, problem-specific tools from dozens of different vendors, almost none of which work together. Users are forced to switch between applications, move data between tools or integrate solutions to uncover meaningful insights. This creates undue inefficiency and ultimately requires more skilled resources than companies can hire. The complexity also hinders the level of collaboration needed to effectively combat threats.

It’s no wonder why the security industry is falling further and further behind.

Security must be more open, simple and connected to meet today’s challenges.

We at IBM recognized this problem early on and responded by building the IBM Security Immune System, which integrates solutions to enable security professionals to more quickly and accurately find and stop anomalies wherever they occur. We’ve been infusing our immune system with artificial intelligence (AI) to detect attacks more quickly, accurately and at scale, and we have led the industry in openness.

However, in the current threat landscape, this is no longer enough.

A Cloud-Based Platform That Is Open, Simple and Connected

Security must be more open, simple and connected to meet today’s challenges. With these challenges in mind, we have dramatically enhanced our approach, leveraging the cloud to make us more effective and better able to protect our clients at unprecedented scale and speed.

Open

Grounded in open standards and communities, organizations will derive more accurate insights with the ability to connect to and share all security data. Security vendors and partners will be able to leverage IBM Security Connect as a single point of integration for IBM Security’s entire portfolio of products, experts and services.

Simple

Until now, getting insight from data has meant moving all security data to one spot, a task made virtually impossible due to multiple security information and event management (SIEM) tools, data lakes, endpoint detection and response (EDR) solutions, and cloud object stores. IBM Security Connect solves this challenge. For the first time in our industry, we can connect or federate data where it is in its current tools and environments, on-premises or in multiple clouds, to improve security visibility and efficiency. The hassle of migrating data or integrating complicated products can be significantly reduced for many security use cases.

This federation of data enables our existing solutions, such as QRadar, Guardium and Resilient, to connect to currently disconnected data sources to search and analyze data for threats and risks.

For example, users of our new IBM Security Connect federated search app will be able to search data across their QRadar, Splunk, EDR platforms and data lakes to hunt for threats.

Connected

Collaboration, both within and among organizations, is a necessity. Security teams need to connect to a global community of other users, aggregate their insights and build on each other’s solutions to make everyone stronger.

IBM Security Connect brings customers the power of collective intelligence and the ability to connect insights from all parts of our security immune system and partner ecosystem. Insights about a device, IP address and user, as well as database vulnerabilities and threats, can easily be shared across all products and applications integrated with the platform, providing instantaneous context for security investigations.

Joining Forces to Protect Businesses and Society

The open, simple and connected nature of IBM Security Connect’s cloud-based platform will not only make it easier for organizations to build out and share their security solutions quickly and easily, but also to tap into just the capabilities they need.

IBM Security Connect is expected to be generally available early next year and will bring the ease of cloud scalability without the pain of data migration, increase efficiency through seamless workflows and enhance current security investments.

As an industry, we have come a long way in the fight to protect businesses and society, with ever more sophisticated and effective solutions. But we know that no one company can go it alone, and that to truly stop the spread of attacks, we need work to together, share our knowledge and collaborate on the answer.

We believe that IBM Security Connect will accelerate us all in the right direction.

Get connected

 |  |  |  |  |  |  |  |  |  |  |  | 
Marc van Zadelhoff
General Manager, IBM Security

More from Intelligence & Analytics
October 30, 2023

Hive0051’s large scale malicious operations enabled by synchronized multi-channel DNS fluxing

12 min read - For the last year and a half, IBM X-Force has actively monitored the evolution of Hive0051’s malware capabilities. This Russian threat actor has accelerated its development efforts to support expanding operations since the onset of the Ukraine conflict. Recent analysis identified three key changes to capabilities: an improved multi-channel approach to DNS fluxing, obfuscated multi-stage scripts, and the use of fileless PowerShell variants of the Gamma malware. As of October 2023, IBM X-Force has also observed a significant increase in…

September 12, 2023

Email campaigns leverage updated DBatLoader to deliver RATs, stealers

11 min read - IBM X-Force has identified new capabilities in DBatLoader malware samples delivered in recent email campaigns, signaling a heightened risk of infection from commodity malware families associated with DBatLoader activity. X-Force has observed nearly two dozen email campaigns since late June leveraging the updated DBatLoader loader to deliver payloads such as Remcos, Warzone, Formbook, and AgentTesla. DBatLoader malware has been used since 2020 by cybercriminals to install commodity malware remote access Trojans (RATs) and infostealers, primarily via malicious spam (malspam). DBatLoader…

September 7, 2023

New Hive0117 phishing campaign imitates conscription summons to deliver DarkWatchman malware

8 min read - IBM X-Force uncovered a new phishing campaign likely conducted by Hive0117 delivering the fileless malware DarkWatchman, directed at individuals associated with major energy, finance, transport, and software security industries based in Russia, Kazakhstan, Latvia, and Estonia. DarkWatchman malware is capable of keylogging, collecting system information, and deploying secondary payloads. Imitating official correspondence from the Russian government in phishing emails aligns with previous Hive0117 campaigns delivering DarkWatchman malware, and shows a possible significant effort to induce a sense of urgency as…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature