IBM Security has announced new and upcoming capabilities for Cloud Pak for Security, including a data security solution that allows companies to detect, respond to, and protect against threats to their most sensitive data across hybrid cloud environments.
According to IBM, as cloud adoption and trend toward remote work have dispersed the traditional IT perimeter, security response teams can benefit from deeper insights into security across hybrid cloud environments. User behavior, identities, and data security have traditionally been siloed from threat management.
Designed to unify previously disconnected security technologies, IBM has expanded Cloud Pak for Security to include new data sources, integrations, and services that allow security operations teams to manage the full threat lifecycle from a single console.
With these upcoming capabilities, Cloud Pak for Security will include access to six threat intelligence feeds, 25 pre-built connections to IBM and third-party data sources, and 165 case management integrations—which are connected through advanced AI to prioritize threats, and automation playbooks to streamline response actions for security teams.
Cloud Pak for Security leverages open technologies to create an interoperable foundation and deeper connections between the IBM and third-party tools, and is built on Red Hat OpenShift, providing an open, containerized foundation that can be easily deployed across on-premise, public and private cloud environments.
This open approach allows Cloud Pak for Security to be more than simply a collection of security capabilities, but rather a platform to fully integrate security processes across tools and clouds. The platform uses advanced AI, analytics and automation to streamline the full lifecycle of threat management—including native capabilities for security information and event monitoring (SIEM), threat intelligence, user behavior analytics, data security and security orchestration automation and response.
With the upcoming new capabilities, Cloud Pak for Security will connect data-level insights and user behavior analytics with threat detection, investigation and response.
The new capabilities include:
- Coordinated Threat Response and Data Security:IBM has developed an approach to provide security teams with visibility into data activity, compliance, and risk, without needing to leave their primary response platform. The new built-in data security hub, scheduled for general availability in Q4, allows analysts to gain context into where their sensitive data resides across hybrid cloud environments, as well as who has access to it, how it is used, and the best way to protect it.
- Access to Threat Intelligence:Cloud Pak for Security is expanding its collection of threat intelligence, helping clients detect early warning signs of active threat campaigns impacting companies around the world. In addition to IBM's X-Force Threat Intelligence Feed, the platform will provide pre-built integrations for five additional threat intelligence feeds from third-party sources, including AlienVault OTX, Cisco Threatgrid, MaxMind Geolocation, SANS Internet StormCenter and Virustotal scheduled for general availability in Q4, and additional threat feeds expected to be added in 2021.
- Dedicated Services and Support: IBM is launching new security services to help organizations modernize their security operations with Cloud Pak for Security, leveraging a holistic approach connecting products and services. IBM experts can help clients deploy and manage Cloud Pak for Security across any environment, including end-to-end threat management, managed security services, as well as strategy, consulting and integration support.
For more information, go to www.ibm.com/security,