Security teams can use the XFTM services to identify, track and manage threats across IoT and OT environments, according to IBM. They also can use the services to gain insights into IoT and OT network devices and secure them accordingly.
XFTM services use a five-step process to help security teams protect IoT and OT environments:
- Insight: Automatically identifies and profiles network devices in real time.
- Protection: Automatically blocks traffic or quarantines a compromised device.
- Detection: Leverages X-Force experts and artificial intelligence (AI) tools to monitor device behaviors for indicators of compromise.
- Response: Automatically contains a data breach if malicious activity is identified.
- Recovery: Initiates breach remediation and analysis performed by disaster recovery experts.
XFTM services help security teams quickly identify compromised or risky IoT and OT devices based on their behaviors, IBM stated. In doing so, security teams can use the services to understand cyber risks and protect network devices against cyberattacks.
Introducing Cloud Pak for Security
The release of XFTM services for IoT and OT comes after IBM launched Cloud Pak for Security, an open-source cyber threat detection and response platform, in November.
Cloud Pak for Security allows security teams to search for and translate security data from a variety of sources and orchestrate and automate threat response based on hundreds of common security scenarios, IBM stated. That way, Cloud Pak for Security helps security teams eliminate silos and streamline operating processes.