Giving Automation a Bigger Say in the Business of Threat Detection and Response

IBM has officially announced the launch of new generative AI capabilities for its managed Threat Detection and Response (TDR) Services, which IBM Consulting analysts use to advance and streamline security operations for clients. According to certain reports, the development is headlined by the new IBM Consulting Cybersecurity Assistant, built on the company’s watsonx data and AI platform. In essence, the assistant is designed to accelerate and improve the identification and investigation of, and response to, critical security threats. The solution leverages IBM’s TDR Services to correlate alerts while enhancing insights from SIEM, network, EDR, vulnerability, and telemetry, providing a holistic and integrated approach to threat management. It can also analyze patterns of historical, client-specific threat activity to help security analysts be more proactive and precise. A timeline view of attack sequences helps analysts better comprehend critical threats. The assistant also auto-recommends actions based on the historical patterns of analyzed activity and pre-set confidence levels. That capability greatly speeds up response times for clients and, at the same time, allows them to reduce attackers’ dwell time. Finally, the solution will continuously learn from investigations to become even faster and more accurate over time.

“As cyber incidents evolve from immediate crises to multi-dimensional and months-long events, security teams are facing the enduring challenge of too many attacks and not enough time or people to defend against them,” said Mark Hughes, Global Managing Partner of Cybersecurity Services at IBM Consulting. “By enhancing our Threat Detection and Response services with generative AI, we can reduce manual investigations and operational tasks for security analysts, empowering them to respond more proactively and precisely to critical threats, and helping to improve overall security posture for clients.”

Among other details, the AI Assistant includes a generative AI conversational engine that provides real-time insights and support on operational tasks to both clients and IBM security analysts. The engine can also automatically trigger relevant actions, including running queries, pulling logs, explaining commands, or enriching threat intelligence. By explaining complex security events and commands, IBM’s TDR (Threat Detection and Response) Service can help reduce noise and boost overall SOC efficiency for clients.

As for IBM’s TDR Services, they can automatically escalate or close up to 85% of alerts. By bringing together existing AI and automation capabilities with the new generative AI technologies, these services have, for one client, reduced alert investigation times by more than 48%.

“With IBM’s advancements to its managed security services, businesses can gain a new level of insight into critical threats and benefit from technology that continuously learns from actions taken within their specific environment. This helps drive a cycle of increasingly accurate and rapid threat investigations, which is especially crucial today as businesses face a shortage of security resources and surplus in security risks and vulnerabilities,” said Craig Robinson, a Research Vice President for IDC’s Security Services Research Practice.
