MDR, Threat Hunting, Threat Management, Threat Intelligence

IBM Delivers AI-Powered Threat Detection

Credit: Getty Images

IBM, a Top 40 managed detection and response (MDR) security company, is offering threat detection and response (TDR) services that "provide 24x7 monitoring, investigation and automated remediation of security alerts" across clients' hybrid cloud environments, according to the company.

The TDR services are delivered via IBM's advanced security services platform, which applies artificial intelligence (AI) and contextual threat intelligence from the business' global security network to escalate critical threats, the company said.

IBM Offers Security Alert Monitoring, Investigation and Remediation

The TDR services use insights from IBM's threat management engagements and AI to assess and auto-recommend the most effective detection rules, the company noted. This helps organizations improve their alert quality and speed up their response to alerts.

Furthermore, organizations can use IBM's TDR services to see how their environments are covering MITRE ATT&CK framework tactics, techniques and procedures (TTPs) as compared to their industry and geography peers, the business said. The services also provide insights into how to detect threats and assess gaps to update within the MITRE ATT&CK framework.

IBM's End-to-End Integration

The TDR services can be used in conjunction with an organization's on-premises and cloud security assets, IBM noted. They allow an organization to access its security ecosystem and define its response playbooks through a co-managed portal.

In addition, the TDR services provide organizations with access to more than 6,000 IBM Cybersecurity Services professionals.

IBM Accelerates Threat Detection and Response

The TDR services announcement comes after IBM in April 2023 released the IBM Security QRadar Suite, which "represents a major evolution and expansion of the QRadar brand, spanning all core threat detection, investigation and response technologies," the company indicated.

This suite offers several security capabilities, including:

  • Endpoint detection and response (EDR)/eXtended detection and response (XDR)
  • Log management
  • Security information and event management (SIEM)
  • Security orchestration, automation and response (SOAR)

The suite features AI and automation capabilities and innovations developed in collaboration with IBM Research and the open-source security community, the company said.

IBM provides organizations security products and services that they can use to predict threats, protect their data and respond to security incidents. The company monitors more than 150 billion security events per day globally.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.