SECURITY SYSTEMS
IBM introduces new Gen AI powered cybersecurity assistant
New advancements built on watsonx empower IBM Consulting security analysts to help clients accelerate alert investigation .
IBM has introduced new Gen AI capabilities to its managed Threat Detection and Response Services utilised by IBM Consulting analysts to advance and streamline security operations for clients .
Built on IBM ’ s watsonx data and AI platform , the new IBM Consulting Cybersecurity Assistant is designed to accelerate and improve the identification , investigation and response to critical security threats .
In addition to being included in IBM Consulting ’ s threat detection and response practice , the Cybersecurity Assistant will be part of IBM Consulting Advantage – the AI services platform with purpose-built AI assets designed to empower IBM consultants to deliver value for clients with consistency , repeatability , quality and speed .
“ As cyber-incidents evolve from immediate crises to multidimensional and months-long events , security teams are facing the enduring challenge of too many attacks and not enough time or people to defend against them ,” said Mark Hughes , Global Managing Partner of Cybersecurity Services , IBM Consulting .
“ By enhancing our Threat Detection and Response services with Generative AI , we can reduce manual investigations and operational tasks for security analysts , empowering them to respond more proactively and precisely to critical threats and helping to improve overall security posture for clients .”
IBM ’ s Threat Detection and Response ( TDR ) Services can automatically escalate or close up to 85 % of alerts ; and now , by bringing together existing AI and automation capabilities with the new Generative AI technologies , IBM ’ s global security analysts can speed the investigation of the remaining alerts requiring action .
Specifically , the new capabilities helped reduce alert investigation times by 48 % for one client .
The new Cybersecurity Assistant can accelerate threat investigations and remediation with historical correlation analysis – being designed to help speed up complex threat investigations via historical correlation analysis of similar threats .
Built into IBM ’ s TDR Services , the new capability cross-correlates alerts and enhances insights from SIEM , network , EDR , vulnerability and telemetry to provide a holistic and integrative threat management approach .
By analysing patterns of historical , client-specific threat activity , security analysts will be equipped to be more proactive and precise .
To help them better comprehend critical threats , analysts will have access to a timeline view of attack sequences , helping them to better comprehend the issue and provide more context to investigations .
The assistant will also auto-recommend actions based on the historical patterns of analysed activity and pre-set confidence levels , speeding response times for clients and helping to reduce attackers ’ dwell time .
With the ability to continuously learn from investigations , the Cybersecurity Assistant ’ s speed and accuracy is expected to improve over time .
The Cybersecurity Assistant also includes a Generative AI conversational engine that provides real-time insights and support on operational tasks to both clients and IBM security analysts .
In addition to responding to requests such as opening or summarising tickets , the conversational feature can automatically trigger relevant actions , including running queries , pulling logs , command explanations or enriching threat intelligence .
By explaining complex security events and commands , the TDR Service can help reduce noise and boost overall SOC efficiency for clients . �
58 www . intelligentbuild . tech