IBM has announced Cloud Pak for Security, featuring innovations to connect with any security tool, cloud or on-premise system, without moving data from its original source. The new platform includes open source technology for hunting threats, automation capabilities to help speed response to cyberattacks, and the ability to run in any environment.
According to IBM, Cloud Pak for Security is the first platform to leverage new open source technology pioneered by IBM, which can search and translate security data from a variety of sources, bringing together critical security insights from across a company's multicloud IT environment. The platform is extensible, so that additional tools and applications can be added over time.
IBM says that as businesses move further into cloud maturity, applications and data are frequently spread across multiple private and public clouds and on-premise resources. Attempts to protect this fragmented IT environment often require security teams to undertake complex integrations and continuously switch between different screens and point products. A recent survey sponsored by IBM found that more than half of security teams struggle to integrate data with disparate security and analytic tools and combine that data across their cloud environments to spot advanced threats.
According to IBM, Cloud Pak for Security installs easily in any environment – on premise, private cloud, or public cloud, and is comprised of containerized software pre-integrated with the Red Hat OpenShift, the enterprise Kubernetes platform. Through the OASIS Open Cybersecurity Alliance, IBM has also forged partnerships with additional companies to promote interoperability and help reduce vendor lock-in across the security community through co-developed open source technologies.
IBM Cloud Pak for Security can also connect data sources to uncover hidden threats and help make better risk-based decisions, while leaving the data where it resides. Through the use of open standards and IBM innovations, clients can access IBM and third-party tools to search for threat indicators across any cloud or on-premise location.
And finally, IBM Cloud Pak for Security connects security workflows with a unified interface to help teams respond faster to security incidents. According to IBM Security estimates, security teams have to manage an average of 200,000 potential security events per day, and coordinate responses across dozens of tools. IBM Cloud Pak for Security allows clients to orchestrate and automate their security response so they can better prioritize their team's time. The platform allows companies to orchestrate their response to hundreds of common security scenarios, guiding users through the process and providing quick access to security data and tools. IBM's Security Orchestration, Automation and Response capability also integrates with Red Hat Ansible for additional automation playbooks.
For more information, go to www.ibm.com/products/cloud-pak-for-security.