IBM advances its security intelligence portfolio with new analytics

The move will form part of the linking together of IBM's various security services and facilities under a new ISS banner from the first quarter of 2012 onwards, Infosecurity understands.

To assist its clients in this electronic crystal ball gazing, Big Blue's software will analyze data from multiple sources across the enterprise and determine how to enhance their security profile and so ensure that both security and business needs are aligned using new intelligence tools and services.

The new analytics tools and services include a new desktop dashboard to provide real-time identification of advanced threats; a new IP intelligence report; an enhanced automated intelligence correlation engine; a new IP center dashboard; and managed SIEM (security information and event management) facilities.

According to IBM, the data analytics will allow clients to more clearly map their security, risk and compliance requirements to business needs while allowing for growth and innovation.

“IBM recognizes clients need get ahead of the threats in today’s complex security landscape”, said Marisa S. Viveros, vice president of IBM Security Services. “We are applying our nearly five decades of security experience to help clients move from a reactive position to a proactive one, using analytics to anticipate threats as they appear instead of after the fact”, she said.

A key feature of the new six-part subscription security analytics service will be an enhanced AI (automated intelligence) correlation engine that allows IBM to chain together alerts from multiple service offerings to identify sequences of activity that equate to higher severity security incidents.

These correlated alerts, says the firm, validate the severity of threats by lowering the rate of false positives and streamlining the identification of advanced threats that target individual customers or attack activities across the entire managed security services customer data set.

A new IP center dashboard, meanwhile, is billed as providing IBM threat analysts enhanced query capabilities across the MSS customer data set – enabling faster profiling of suspected attackers, returning a breakdown of the customers and industries affected, the attacks delivered as well as a threat score.

“Just as the police can check a driver's license number for information including prior arrests and felony convictions, IBM threat analysts can perform checks to validate the severity of circumstances, streamlining the prioritization of remediation activities”, says the computing giant.

What’s Hot on Infosecurity Magazine?