IBM has announced plans to acquire Resilient Systems to add incident response capabilities to its services.
The Resilient incident response platform automates and orchestrates the processes needed when dealing with cyber incidents – from breaches to lost devices. This will enables users to respond and mitigate cyber incidents more quickly while helping minimize their exposure. Financial terms were not disclosed. The transaction is expected to close later this year, subject to any required regulatory reviews.
Upon acquisition of Resilient Systems, IBM Security will offer an integrated end-to-end security operation and incident response platform offering. The platform will bring together security analytics, forensics and vulnerability management along with incident response into a coordinated approach for enterprise threat protection, detection and response.
John Bruce, Resilient Systems Co-Founder and CEO, said: “By combining, the market now has access to the leading prevention, detection and response technologies available in the same portfolio – the security trifecta.”
IBM has also launched new X-Force Incident Response Services, further expanding its capabilities to help clients plan for, manage and respond to cyber-attacks, utilising the knowledge of 3,000 consultants and security researchers globally. New services include a remote incident response capability to help clients map how a breach occurred and take action to shut it down.
IBM X-Force security experts will help clients develop response strategies, including Computer Incident Response Team playbooks, and a means to more effectively discover, track, respond to and report on security incidents. These new capabilities will be further enhanced through the planned acquisition of Resilient Systems.
The new services will also include a new remote incident response service, which actively hunts for threats and allows IBM security experts to remotely manage active attacks via the cloud. Part of this capability will be enhanced via technology from Carbon Black, which will enable IBM security analysts to conduct security forensics on compromised endpoint devices, determine where a breach first occurred, map it across other devices, contain it quickly and take action to shut it down.
“By adding Resilient Systems’ technology and expertise, IBM will have an industry-leading range of capabilities to help clients respond to cyber breaches, across consulting, services, and products,” said Marc van Zadelhoff, General Manager, IBM Security.
“With our intent to acquire Resilient Systems, and our other announcements today, we are doubling down on the incident response market. Cybersecurity needs to function like an immune system, both in preventing breaches, but also in quickly eradicating those that do occur.”
In an email to Infosecurity, Scott Crawford, research director at 451 Research, said: “IBM had incident response services before, but it was part of the overall Professional Security Services organization. This announcement appears to be a more formal, front-and-center positioning of incident response services to be more directly competitive with FireEye-Mandiant et al, which had also recently acquired security automation capabilities with Invotas.
“Resilient is more specifically focused on incident response processes, however, so I would see both IBM announcements as being more directly competitive with FireEye-Mandiant.”