IBM[1] has upgraded the Resilience enterprise security platform to harness both human and machine intelligence for incident response.
The new orchestration capabilities bring together the best of both worlds -- the expertise of cybersecurity professionals and machine learning (ML), which can be utilized to take the manual labor and strain off human partners, the tech giant said on Monday[2].
According to the firm, the Resilient Incident Response Platform[3] (IRP) will "dramatically accelerates and sharpens incident response by seamlessly combining incident case management, orchestration, automation, intelligence, and deep two-way partner integrations into a single platform."
Threat actors and cybercrime are placing immense pressure on companies and their security teams which often find themselves understaffed and underfunded. Cisco suggests[4] that last year, security teams were only able to investigate 56 percent of daily security threats, which leaves 44 percent of alerts unexplored on average.
However, machine learning and artificial intelligence systems may become key tools which reduce this pressure, allowing security staff to focus on key areas without being bogged down in false positives and alerts which often reach the thousands on a daily basis.
IBM's solution aims to shoulder this task. The platform can be set up to orchestrate and automate incident response alerts and actions which would otherwise require human operators, supported by a business process management notation (BPMN) workflow engine.
The IBM X-Force Threat Management Services system, which is connected to the Resilience service, combines three artificial intelligence engines to manage threat events.
"This [...] direct analysts through a fast, accurate, and expert-level response process, and ensures the right incident information is delivered exactly when they need it," IBM says. "The new platform allows analysts to