IBM is one of a growing number of companies that are turning to cognitive security to develop solutions that can help organizations use the power of machine learning and natural language to solve security problems. The idea is to enable computers to mimic human functions so that they “learn” with each interaction and get better at analyzing and stopping threats proactively.
On Monday, IBM announced the availability of Watson for Cyber Security. The offering uses the company’s supercomputing platform and augmented intelligence technology to power cognitive security operations centres (SOCs).
Watson for Cyber Security will be integrated into IBM’s new Cognitive SOC platform, bringing together advanced cognitive technologies with security operations and providing the ability to respond to threats across endpoints, networks, users, and cloud.
The centerpiece of this platform is IBM QRadar Advisor with Watson, the first tool that taps into Watson’s cybersecurity insights. This new app is already being used by Avnet, University of New Brunswick, Sopra Steria and 40 other customers globally to augment security analysts’ investigations into security incidents.
“Today’s sophisticated cybersecurity threats attack multiple fronts to conceal their activities, and our security analysts face the difficult task of pinpointing these attacks amongst a massive sea of security-related data,” said Sean Valcamp, chief information security officer at Avnet. “Watson makes concealment efforts more difficult by quickly analyzing multiple streams of data and comparing them with the latest security attack intelligence to provide a complete picture of the threat. Watson also generates reports on these threats in a matter of minutes, which greatly speeds the time between detecting a potential event and my security team’s ability to respond accordingly.”
IBM Security also is announcing a new endpoint detection and response (EDR) solution called IBM BigFix Detect. The solution helps organizations gain full visibility into the constantly changing endpoint threat landscape while bridging the gap between malicious behavior detection and remediation. BigFix Detect is making EDR accessible and actionable, providing security analysts with the ability to see, understand and act on threats across their endpoints through a single platform, and delivers targeted remediation on impacted endpoints enterprise-wide in minutes.
Over the past year, IBM has trained Watson on the language of cybersecurity, ingesting over 1 million security documents. This enables Watson to help security analysts parse thousands of natural language research reports that have never before been accessible to modern security tools.
According to IBM research, security teams sift through more than 200,000 security events per day on average, leading to over 20,000 hours per year wasted chasing false positives.
Jason Corbin, director of product management for security intelligence for IBM Security, says that cognitive security will uncover new insights, patterns and a security context which were previously unseen by security teams.
“Think about the more than 100,000 documented software vulnerabilities in the IBM X-Force Exchange database, as well as the 10,000 security research papers and 700,000 security blogs published each year,” he said in a recent blog. “Now security analysts can quickly interpret this unstructured data — created by humans, for humans — and integrate it with structured data from countless sources and locations.”
With cognitive security, security teams can more rapidly evolve their tactics and strategies for dealing with cybercrime and keep pace with today’s rapidly evolving threats, according to IBM.
The use of cognitive technology in security is in its early stages.
According to recent IBM research, only seven per cent of security professionals are using cognitive tools. However, the use of cognitive technology in security is expected to triple in the next two to three years.