IBM has announced Cloud Pak for Security, featuring industry-first innovations to connect with any security tool, cloud or on-premise system, without moving data from its original source. The platform includes open-source technology for hunting threats, automation capabilities to help speed response to cyberattacks, and the ability to run in any environment.
Cloud Pak for Security is the first platform to leverage new open-source technology pioneered by IBM, which can search and translate security data from a variety of sources, bringing together critical security insights from across a company’s multicloud IT environment. The platform is extensible, so that additional tools and applications can be added over time.
As businesses move further into cloud maturity, applications and data are frequently spread across multiple private and public clouds and on-premise resources. In a recent SANS Institute report, more than 50% of security teams surveyed said they struggle to integrate data with disparate security and analytic tools and combine that data across their cloud environments to spot advanced threats.
Three initial capabilities of Cloud Pak for Security include:
Run anywhere. Connect security openly – IBM Cloud Pak for Security installs easily in any environment – on premises, private cloud or public cloud. It is comprised of containerized software pre-integrated with the Red Hat OpenShift, the industry’s most comprehensive enterprise Kubernetes platform.
Through the OASIS Open Cybersecurity Alliance, IBM has also forged partnerships with dozens of companies to promote interoperability and help reduce vendor lock-in across the security community through co-developed open source technologies.
Gain security insights without moving data – Transferring data in order to analyze it creates additional complexity. IBM Cloud Pak for Security can connect data sources to uncover hidden threats and help make better risk-based decisions, while leaving the data where it resides. Via the Cloud Pak for Security’s Data Explorer application, security analysts can streamline their hunt for threats across security tools and clouds. Without this capability, security teams would have to manually search for the same threat indicators (such as a malware signature or malicious IP address) within each individual environment. Cloud Pak for Security is the first tool that allows this type of search without needing to move that data into the platform for analysis.
Respond faster to security incidents with automation – IBM Cloud Pak for Security connects security workflows with a unified interface to help teams respond faster to security incidents. IBM Cloud Pak for Security allows clients to orchestrate and automate their security response so they can better prioritize their team’s time. The platform allows companies to orchestrate their response to hundreds of common security scenarios, guiding users through the process and providing quick access to security data and tools
By formalizing security processes and activities across the enterprise, companies can react quickly and efficiently, while arming themselves with information to help address regulatory requirements.
Mary O’Brien, General Manager, IBM Security said “With Cloud Pak for Security, we’re helping to lay the foundation for a more connected security ecosystem designed for the hybrid, multicloud world.”
IBM’s Cloud Pak for Security is built on open source technologies that support companies’ cloud environments – including Red Hat OpenShift.
Creating Cloud Pak for Security on these open, flexible building blocks allows for easy “containerized” deployment across any cloud or on premise-environment. As companies continue adding new cloud deployments and migrations, Cloud Pak for Security can adapt and scale to these new environments – allowing clients to bring their sensitive and mission-critical workloads into the cloud while maintaining visibility and control from within a centralized security platform.
Cloud Pak for Security also provides a model to help Managed Security Services Providers (MSSP) efficiently operate at scale, connect security silos and streamline their security processes. Organizations can also hire IBM Security for a wide range of additional services, such as on-demand consulting, custom development and incident response.
(Image courtesy: www.betanews.com)