For one year, IBM's Watson machine learning technology has digested tens of thousands of cybersecurity documents. It is now integrated into the Cognitive SOC platform to enable security teams to speed up the processing of cyber threats.
IBM now leverages its Watson cognitive technology within its SOC offering for security management and supervision centers. It has just incorporated it into its new Cognitive SOC platform after having given Watson, for one year, more than one million documents on cybersecurity. This learning will help security analysts to explore the thousands of natural language research reports that have not been exploited by specialized tools until now, IBM said in a statement. According to its studies, cyber-risk teams have to sort out more than 200,000 events a day to distinguish between real threats and false alarms, which would lead each year to lose more than 20,000 hours and about 1,3$ million on false positives. However, the incidents to be dealt with should double in the next 5 years, said IBM Research. For now, only 7% of professionals engaged in this field use cognitive tools, but this figure should triple within 2 to 3 years, estimates the supplier.
The cognitive SOC platform is designed to address threats to endpoints, networks, users, and the cloud. It integrates QRadar Watson Advisor, an app available on the IBM Security App Exchange marketplace. It is the first tool to exploit Watson's corpus of cyber security analyzes. It will combine its natural language processing capabilities, which allow it to explore blogs, websites, research documents and other sources, with QRadar's data on threats. According to IBM, this will reduce to a few minutes some cybersecurity surveys that took several days or weeks.
The solution is also complemented by BigFix Detect, EDR (Endpoint Dectection and Response) software designed to deal with threats on equipment at the end of the network. Associate with Resilient's Dynamic Playbook tool, it will enable organizations to orchestrate and automate threat responses across their organization. The cognitive SOC platform also provides access to the X-Force Exchange information sharing platform for peer collaboration on security threats.
IBM leverages its machine learning technologies on its global X-Force Command Center network. Customers of its managed security services will now be able to interact with a conversational robot using Watson. A research project with code name Havyn also tests a security vocal assistant that uses the cognitive technology's conversational capabilities to respond to commands made aloud and in natural language by security analysts.
No comments:
Post a Comment