AI-based security platform strengthens capabilities with open source framework MITRE ATT&CK




A recent study shows that the cyber security sector is facing a global shortage of nearly 3 million skilled people. This reflects the fact that companies today struggle to find the capacity and skills to effectively analyze and respond to a significant number of cyber security incidents and alerts. Artificial intelligence and machine learning technologies that can provide analysts with the knowledge and automation to help them deal with critical threats faster and more effectively are therefore welcome, given the lack of an abundant supply of qualified cybersecurity professionals.

IBM Security offers a solution of this kind known as IBM QRadar Advisor with Watson. It is a cognitive security analysis platform that can identify and react quickly to threats. It enhances the ability of security analysts to identify and understand sophisticated threats by accessing unstructured data (e.g., blogs, websites, research articles) and correlating it with local security breaches.

IBM Security announced on Wednesday, November 28, new features for its AI-based security platform that, according to the company, allow QRadar Advisor with Watson to better understand cybercriminal behavior and to learn from security response activities within an organization.

As part of its latest release, IBM has developed new analytics and learning models that allow QRadar Advisor to identify low and slow attack patterns and adapt to the local customer environment. This AI becomes smarter over time based on additional interactions and engagement of analysts, allowing the tool to provide more specific recommendations on how to respond to an incident, as well as confidence ratings based on the extent to which incidents align with historical data.

IBM Security has also adopted the open source framework MITRE ATT&CK, a knowledge base on cybercriminal behavior, based on real examples and information from industry experts in cybersecurity. It defines schemas and step-by-step actions that a threat can take if it flies. According to IBM, using the ATT&CK framework, QRadar Advisor with Watson goes beyond identifying the threat and carrying out external research on it. It also helps analysts better understand the progression of external attacks and internal threats within the client infrastructure: for example, whether malicious software has just arrived within the organization or whether it has already collected data such as passwords or credit card information.

By helping analysts visualize the evolution of an attack, this feature allows them to immediately understand where an incident is in the threat cycle and what could happen next, thereby dramatically improving the timing and the effectiveness of responses to an attack.

Standards such as MITRE ATT&CK, which leverage the collective knowledge of the security community, are essential to change the industry and help security teams deal with increasingly sophisticated threats, said Chris Meenan, director of the Security Intelligence Offering Management and Strategy division of IBM Security. Still according to IBM, this additional information provided by QRadar Advisor can help analysts improve their skills and link different elements together to see the scale of an attack in the same way as a top-level analyst or threat hunter.
