IBM Introduces New Cyber ​​Attack Solution

IBM has announced that its extensive data security information archive is now available on the IBM X-Force Exchange cloud platform. This collective collaboration platform for dealing with cybercrime contains enormous amounts of generalized information about threats, recommendations that are practically implemented in IBM and other companies around the world, as well as indicators of real-time attacks.

Today, there is a particularly lack of reliable information on threats, since 80% of cyber attacks are carried out by organized criminal groups, which have all the necessary information, tools and practical experience to carry out such actions. Despite the fact that hackers have become more mobile, the behavior of their victims has not changed. Currently, the majority (65%) of established cybersecurity departments use a variety of independent reliable and unreliable sources of information to combat cyber attacks.
The X-Force Exchange platform has a huge amount of IBM security information in its possession, including the most comprehensive portfolio of research data and technologies, such as QRadar, the experience of thousands of global customers, and the knowledge and skills of analysts and experts from IBM Managed Security Services .

Thanks to an open and highly efficient cloud infrastructure, users will be able to interact with each other and get access to many sources of information, including:
')

• one of the largest and most comprehensive vulnerability catalogs in the world;
• threat information based on monitoring results, in which 15 billion security events are monitored daily;
• generalized information about viruses from 270 million endpoint computing devices;
• generalized information on threats based on more than 25 billion sites and images;
• fundamental knowledge of 8 million spam and phishing attacks;
• information on nearly 1 million malicious IP addresses.

Today, X-Force Exchange is 700 TB of raw data provided by IBM. At the same time, the volume of information will continue to grow, be updated and shared due to the fact that the platform will add up to 1 thousand new indicators about possible threats every hour. Such real-time data is crucial for combating cybercrime.

“The IBM X-Force Exchange platform will help develop cooperation to counter the growing number of cyber threats of high complexity that companies are facing today,” said Brendan Hannigan, head of IBM Security. - “We are initiating the launch of our own global network to combat cyber threats with access to research data, customer experience, technology and the expert community. In addition, we encourage other companies to join our platform and share their accumulated knowledge, as we strive to accelerate the process of building the connections and partnerships needed to counter hackers. ”

An open, automated and convenient platform for sharing information on information security threats

The new IBM X-Force Exchange cloud platform, created by IBM Security, will allow organizations to easily share data related to security incidents, as well as access to articles from IBM experts and other platform partners. Since the launch of the beta version of X-Force Exchange, many of its developers have joined the community.

By freely acquiring and exchanging real-time aggregated information about threats from IBM’s own networks or database, users can easily detect and prevent threats by:

• convenient interface with which you can easily communicate or check the accuracy of information from colleagues, analysts and researchers;
• a large amount of generalized information on threats provided by third parties, the quantity and quality of which will only grow in the future due to an increase in the user base;
• a toolkit for easy collection and classification of results, where the most important information is in the foreground;
• open access via the Internet for information security analysts and researchers;
• libraries of software interfaces to facilitate requests between platforms, devices and applications, which will allow enterprises to quickly use aggregated information and take measures to combat threats.
• Within the platform, IBM will provide support for STIX and TAXII, which are gradually becoming the benchmark for automated information gathering about threats, for easier retrieval and exchange of information, and full integration into existing security systems.

Cyber ​​attacks in the context of information security

For the first time, organizations can directly interact with information security analysts and IBM developers, as well as their industry peers through a platform on which they can verify detected threats, as well as share their findings with other companies fighting cybercrime.

For example, a programmer may detect a new virus program, marking it on the platform as “malicious”. After that, a security analyst from another company will find this domain in his network and consult with colleagues and experts to confirm its danger. Then, he can block this program for all digital materials of his company, stopping malicious traffic, and at the same time notify other members of the platform of the threat. The head of the Information Security Administration will add this malicious source of traffic to a publicly available base on the platform so that his industry colleagues can quickly contain and prevent the threat before it hits other companies' systems.

For more information, please click here .