IBM accelerates threat detection and response with new gen AI-powered cybersecurity assistant
In response to the escalating complexity and duration of cyber threats, IBM is revolutionizing its Threat Detection and Response (TDR) services with the integration of generative AI. This advanced technology aims to alleviate the burden on security analysts by minimizing manual tasks and enabling a more proactive and precise approach to threat management.
The new IBM Consulting Cybersecurity Assistant, powered by IBM’s watsonx data and AI platform, is designed to enhance the efficiency and effectiveness of security operations. This cutting-edge tool will be incorporated into IBM’s managed TDR services, which are utilized by IBM Consulting analysts to improve and streamline security measures for their clients.
The Cybersecurity Assistant leverages IBM’s extensive AI capabilities to expedite the identification, investigation, and response to critical security threats. By integrating generative AI with existing automation technologies, the new system aims to address the challenge of managing high volumes of security alerts.
According to IBM, the TDR Services can autonomously escalate or resolve up to 85% of alerts. With the integration of generative AI technologies, the remaining alerts that require human intervention can be addressed more efficiently.
Key features of the IBM Consulting Cybersecurity Assistant
Accelerated Threat Investigations: Utilizing historical correlation analysis, the Assistant accelerates the investigation process by cross-referencing alerts and enriching insights from various data sources, including SIEM, network, EDR, and telemetry. This holistic approach enables analysts to understand and respond to threats with greater accuracy and speed. The Assistant provides a timeline view of attack sequences and auto-recommends actions based on historical patterns, improving response times and reducing attackers’ dwell time.
Streamlined Operational Tasks: Equipped with an advanced generative AI conversational engine, the Assistant offers real-time support for operational tasks. It can automatically handle requests such as ticket management, log retrieval, and command explanations. This feature not only helps in managing complex security events but also boosts overall efficiency within the Security Operations Center (SOC).
Developed in collaboration with IBM Research and built on IBM’s Granite foundation models, the Cybersecurity Assistant benefits from IBM watsonx.ai and watsonx Assistant technologies. This new tool will be a key component of IBM Consulting Advantage, IBM’s AI services platform, delivering consistent, high-quality value to clients with enhanced speed and accuracy.
About Wire19
Wire19 is your one-stop IT news portal dedicated to the digital transformation brought about by cloud and advanced technologies like Artificial Intelligence, Machine Learning, Virtual Reality, the Internet of Things (IoT), and more.
Follow us on Twitter or Sign up for our Newsletter to stay updated on what's trending in the world of technology.