IBM announced the launch of Cloud Pak for Security, featuring open-source technology for hunting threats, automation capabilities to speed response to cyber-attacks, and the ability to run in cloud or on-premise system.
IBM said the Cloud Pak for Security platform can search and translate security data from a variety of sources, bringing together security insights from across a company’s multi-cloud IT environment. CIOs can add additional tools and applications over time to the extensible platform.
More than half of security teams surveyed said they struggle to integrate data with disparate security and analytic tools and combine that data across their cloud environments to spot advanced threats, according to a recent SANS Institute report, sponsored by IBM Security.
IBM Cloud Pak for Security installs easily in any environment – on premises, private cloud or public cloud. It is comprised of containerized software pre-integrated with the Red Hat OpenShift. IBM has partnerships with dozens of companies to promote interoperability and help reduce vendor lock-in across the security community through co-developed open source technologies.
IBM Cloud Pak for Security can connect data sources to uncover hidden threats and make better risk-based decisions. Clients can access IBM and third-party tools to search for threat indicators across any cloud or on-premise location.
IBM Cloud Pak for Security connects security workflows with a unified interface to help teams respond faster to security incidents.
According to IBM Security estimates, security teams have to manage an average of 200,000 potential security events per day, and coordinate responses across dozens of tools. IBM Cloud Pak for Security allows clients to orchestrate and automate their security response assisting them in better prioritizing their team’s time.
The platform allows companies to orchestrate their response to hundreds of common security scenarios, guiding users through the process and providing quick access to security data and tools.
IBM’s Security Orchestration, Automation and Response capability integrates with Red Hat Ansible for additional automation playbooks. By formalizing security processes and activities across the enterprise, companies can react quickly and efficiently, while arming themselves with information to help address regulatory requirements.
As businesses move mission-critical workloads to hybrid multicloud environments, security data is spread across different tools, clouds and IT infrastructure. This can create gaps that allow threats to be missed, leading security teams to build and maintain costly, complex integrations and manual response plans, said Mary O’Brien, general manager, IBM Security.
The Cloud Pak for Security includes connectors for pre-built integrations with security tools from IBM, Carbon Black, Tenable, Elastic, BigFix, Splunk, as well as public cloud providers including IBM Cloud, Amazon Web Services and Microsoft Azure.
