IBM's Watson

IBM brings cognitive to SOCs with Watson for cybersecurity

Pro
IBM's Watson. (Image: Wikipedia)

14 February 2017

After one year of research and the ingestion of more than one million cyber security documents, IBM has launched its cognitive computing service, Watson, for security operations centres (SOCs).

The new offering will be integrated into IBM’s Cognitive SOC platform, which the company said will bring together advanced cognitive technologies with security operations, and provide the ability to respond to threats across endpoints, networks, users and cloud.

The vendor said the centrepiece of its platform is IBM QRadar Advisor with Watson, an application used to access the platform’s cyber security insights. IBM added the app is already being used by more than 40 customers globally, including technology distributor, Avnet.

“Today’s sophisticated cyber security threats attack on multiple fronts to conceal their activities, and our security analysts face the difficult task of pinpointing these attacks amongst a massive sea of security-related data,” said Avnet CISO, Sean Valcamp.

“Watson makes concealment efforts more difficult by quickly analysing multiple streams of data and comparing them with the latest security attack intelligence to provide a more complete picture of the threat,” he said. “Watson also generates reports on these threats in a matter of minutes, which greatly speeds the time between detecting a potential event and my security team’s ability to respond accordingly.”

Additionally, the vendor has invested in research to bring cognitive tools into its global X-Force Command Center network, including a Watson-powered chatbot currently being used to interact with IBM Managed Security Services customers.

IBM has also launched a new research project, Havyn, a voice-powered security assistant that leverages Watson conversation technology to respond to verbal commands and natural language from security analysts.

IBM said the solution assists in the investigation of potential threats by correlating Watson’s natural language processing capabilities across security blogs, websites, research papers, and other sources, with threat intelligence and security incident data from QRadar.

“The Cognitive SOC is now a reality for clients looking to find an advantage against the growing legions of cyber criminals and next generation threats,” said IBM Security VP of development and technology, Denis Kennelly.

“Our investments in Watson for Cyber Security have given birth to several innovations in just under a year. Combining the unique abilities of man and machine intelligence will be critical to the next stage in the fight against advanced cyber crime,” he said.

In addition, the vendor has also launched a new endpoint detection and response (EDR) solution it has named IBM BigFix Detect. The vendor said the solution helps partners and customers gain visibility in the endpoint threat landscape while “bridging the gap between malicious behaviour detection and remediation.”

IBM said it will help clients design, build and manage cognitive security operations centres globally through its IBM Managed Security Services reseller business. The company has built over 300 security operations centers in the last five years, across consumer packaged goods, retail, banking and education.

IBM said Watson is also currently engaging with clients daily via a new chatbot tool deployed in IBM’s X-Force Command Center network, which manages over 1 trillion security events per month.

IDG News Service

Read More:


Back to Top ↑

TechCentral.ie