Ingests and analyzes security data from an extensive ecosystem of technologies and vendors; offers 24/7 monitoring, investigation and automated remediation of security alerts
IBM recently unveiled the next evolution of its managed detection and response service offerings with new AI technologies, including the ability to automatically escalate or close up to 85% of alerts, helping to accelerate security response timelines for clients.
The new Threat Detection and Response Services (TDR) provide 24×7 monitoring, investigation, and automated remediation of security alerts from all relevant technologies across clients’ hybrid cloud environments – including existing security tools and investments, as well as cloud, on-premises, and operational technologies (OT). The managed services are delivered by IBM Consulting’s global team of security analysts via IBM’s advanced security services platform, which applies multiple layers of AI and contextual threat intelligence from the company’s vast global security network – helping automate away the noise while quickly escalating critical threats.
“Security teams today are not just outnumbered by attackers, but also by the number of vulnerabilities, alerts and security tools and systems they’re tasked with managing on a day-to-day basis,” said Chris McCurdy, General Manager, Worldwide IBM Consulting Cybersecurity Services. “By combining advanced analytics and real-time threat intelligence with human expertise, IBM’s new Threat Detection and Response Services can augment organizations’ security defenses with a capability that is scalable, continuously improving and strong enough for tomorrow’s threats.”
Intelligently Adapting Threat Defenses
The new TDR Services are underpinned by a set of AI-powered security technologies that support thousands of clients across the world, monitoring billions of potential security events per day. The services leverage AI models that continuously learn from real-world client data, including security analyst responses, and are engineered to automatically close low-priority and false-positive alerts based on a client-defined confidence level. This capability also automatically escalates high-risk alerts that require immediate action by security teams and provides investigation context.