IBM announced on November 20 Cloud Pak for Security, presenting innovations that are a first in the industry to connect with any security tool, cloud or locally installed system (on-premise), without moving data from its original source. The new platform includes open technology to detect threats, automation capabilities to help accelerate the response to cybersecurity attacks and the ability to run in any environment.
Cloud Pak for Security is the first platform in the industry based on open technologies that can search and translate security data from a variety of sources, gathering critical information from the company's entire multi-cloud IT environment. The platform is extensible, so additional tools and applications can be added over time.
In a statement, IBM notes that as companies move forward in cloud adoption, applications and data extend across multiple public and private clouds, as well as on-premise resources. Attempts to protect this fragmented IT environment require security teams to perform complex integrations and continually switch between different screens and specific products. More than half of security teams say they have difficulty integrating data with disparate analytical and security tools and combining that data in their cloud environments to detect advanced threats.
Three initial capabilities include:
- Obtain security information without moving data.Transferring data for analysis generates additional complexity. IBM Cloud Pak for Security can connect all data sources to discover hidden threats and make better risk-based decisions, leaving the data where they reside. Through the Cloud Pak for Security's Data Explorer application, security analysts can expedite their search for threats through any security tool or cloud. Without this capability, security teams are forced to manually search for the same threat indicators (such as a malware signature or a malicious IP address) within each individual environment. Cloud Pak for Security is the first tool that allows this type of search without moving that data to the platform for analysis.
- Respond faster to security incidents with automation.IBM Cloud Pak for Security connects security workflows with a unified interface and automation playbooks so teams can respond faster to incidents. The platform allows companies to organize their response to hundreds of common security scenarios, guiding users through the process and providing quick access to adequate security data and tools. The Orchestration, Automation and Response capability of IBM Security integrates with additional Red Hat Ansible automation playbooks. By formalizing security processes and activities throughout the company, companies can react more quickly and efficiently, while arming with the necessary information to increase regulatory scrutiny.
- Run anywhere. Connect security openly. IBM Cloud Pak for Security is easily installed in any environment: on-premise, private cloud or public cloud. It provides a unified interface to simplify operations, consisting of pre-integrated container software with Red Hat OpenShift, the industry's most complete Kubernetes business platform.
“As companies move mission-critical workloads to multicloud hybrid environments, security data is distributed among different tools, clouds and IT infrastructure. This creates gaps that make threat detection difficult, so security teams must resort to costly and complex integrations or manual response plans, ”said Mary O'Brien, General Manager of IBM Security. "With Cloud Pak for Security, we are laying the foundation for a more connected security ecosystem, designed for the hybrid and multicloud world."
IBM collaborated with dozens of customers and service providers during the design process, developing a solution to address the critical interoperability challenges that permeate the security industry. Cloud Pak for Security includes initial connectors for pre-built integrations with popular security tools from IBM, Carbon Black, Tenable, Elastic, BigFix, Splunk, as well as public cloud providers, including IBM Cloud, Amazon Web Services [2] and Microsoft Azure. The solution is based on open standards so that you can connect additional security tools and data from the entire infrastructure of a company.
To further accelerate the industry's migration to open security, IBM also leads open source projects to make security tools work together natively across the security ecosystem. As a founding member of the Open Cybersecurity Alliance, IBM and more than 20 organizations are working together on open standards and open source technologies that enable product interoperability and reduce vendor blockage across the security community.
Designed for the hybrid and multicloud world
76% of organizations report that they are already using between two and fifteen hybrid clouds, and 98% predict that they will use multiple hybrid clouds within three years. [3] IBM Cloud Pak for Security relies on open source technologies that are critical to a company's cloud environment, including Red Hat OpenShift.
The creation of Cloud Pak for Security in these open and flexible building blocks allows easy implementation "in containers" in any cloud or in a local environment. As companies continue to add new cloud implementations and migrations, Cloud Pak for Security can easily adapt and scale to these new environments, allowing customers to carry even sensitive and mission-critical workloads to the cloud, while maintaining visibility and control from a centralized security platform.
Cloud Pak for Security also provides a model for managed security service providers (MSSP) to operate efficiently at scale, connect security silos and streamline their security processes. Organizations can also take advantage of a wide range of IBM security services, such as on-demand consulting, custom development and incident response.
Source: https://diarioti.com/
Comments
Post a Comment