IBM gives developers access to a number of their services, helping to combat cybercrime

IBM recently decided to open access to its security analysis platform - IBM Security Radar. This step, according to company representatives, will help customers, company partners and ordinary developers to create custom applications using the capabilities of the platform and the corresponding archive of security data. Also launched an online platform for information security professionals IBM Security Exchange . Here, developers will be able to create and share applications based on IBM technologies.

Thus, the corporation is taking active steps to stimulate industry cooperation and promote innovation to combat cybercrime. Earlier in 2015, IBM published more than 700 TB of threat data on its IBM X-Force Exchange platform. In April alone, more than 2000 organizations joined the platform. Thanks to the open access to the analytical security platform and the data archive on threats, companies will be able to share important information that will allow them to more effectively counter cybercrime.

IBM and partners, including Bit9 + Carbon Black, BrightPoint Security, Exabeam and Resilient Systems, have already downloaded dozens of custom-designed applications to the IBM Security App Exchange. They help to complement the analytical data contained in IBM Security QRadar with tools for evaluating user behavior, information from end devices, and attack modeling. New applications take advantage of open source programming interfaces (APIs) for IBM QRadar. Data analysis and threat information available on the platform helps detect security breaches in thousands of security centers around the world, including half of the Fortune 100 companies.
')
“Today, thousands of customers are trying to meet the level of IBM security technology. Providing access to the platform contributes to closer cooperation with partners and customers, which changes the very mechanics of dealing with cybercrime, ”says Mark van Zadelhof, vice president of strategy and product promotion at IBM Security. “The exchange of experience among representatives of the security industry will allow us to more quickly implement innovations in order to provide permanent protection against new and more sophisticated attacks.”

New applications open up a wide range of analytical tools.

Open source development and collaboration with partners are prerequisites for accelerating innovative development in a dynamic and rapidly changing world of technology. More than 77% of managers believe that cooperation in developing solutions is only beneficial for business, as it reduces the time it takes to create and bring a product to market.

Dozens of organizations have already joined the IBM App Exchange, which made it possible for developers and partners to speed up the distribution and use of 14 new QRadar applications. In particular, among the active participants: Bit9 + Carbon Black, BrightPoint Security, Exabeam and Resilient Systems. In addition, other partners, such as STEALTHbits and iSIGHT Partners, have applications under development.

With the help of integration with third-party technologies, new applications offer users improved visual accessibility of a large amount of data of different types, new automated search and reporting functions. This helps security professionals concentrate on the most important threats. Applications are already available for free in the IBM Security App Exchange, where customers have a wide range of analytical tools that are closely interconnected with the IBM QRadar security information environment.

Examples of new applications include:
User Behavior - The Exabeam User Behavior Analytics application combines the analysis of a particular user’s behavior, creating a “psychological portrait” and risk prediction. All of this is available on the QRadar toolbar. A real-time view of potential risks allows companies to detect unobvious behavioral differences between a regular employee and a cracker who uses his account.

Threat Information - a new application developed by IBM, allows QRadar users to extract threat information from any system using the available standard STIX and TAXII formats and use this data to create personalized correlation, search, or reporting algorithms. For example, users will be able to publicize lists of dangerous IP addresses from the IBM X-Force Exchange and create an algorithm that will enhance system protection when attacking from specified IP addresses.

Threat detection on end devices - a new application from Bit9 + Carbon Black provides QRadar users with a deeper understanding of the threat on end devices: desktops, laptops and servers. By analyzing target data from touchscreen devices using the QRadar interface, the Carbon Black App for IBM QRadar allows users to quickly and efficiently detect and respond to attacks from end devices.

Attack Simulation - The new IBM Security QRadar Incident Overview allows users to better visualize all attacks in QRadar using circles, colors, and correlation lines. The size and color of the circles indicates the size of the incident, and the lines between them represent the common IP addresses among the related incidents. This type of intuitive visualization helps security analysts quickly identify common elements between incidents and prioritize them.

Applications run on the new QRadar platform, which allows the security community to quickly create new applications using open APIs and software development kits. IBM Security will thoroughly test each application before placing it on the App Exchange to check for compliance with community rules.

IBM Security QRadar improves detection and instant response to threats.

IBM also announced the release of a new version of IBM Security QRadar, which analyzes the company's IT infrastructure data and identifies potential security threats. IBM has been a leader in the market for SIEM systems (Security Incident and Event Management), according to 2014 software sales revenue, and has been at the forefront of Gartner's Magic Quadrant for SIEM for the past seven years.

For the first time in history, QRadar will allow users to create algorithms that automatically perform the necessary actions, barely specific threats will be detected. For example, the algorithm created using QRadar can automatically start blocking IP addresses and control user access based on a risk profile. In addition, applications developed using the new QRadar scheme can also use personalized algorithms to automatically respond to threats.

IBM is also continuing to integrate QRadar with IBM BigFix to help users more effectively deal with threats in order of priority and fix vulnerabilities on their devices. Now QRadar can also identify unprotected end devices in which BigFix is ​​not installed, and help users find crackers or unmanaged resources faster.