IBM Launches AI-Powered Security Assistant

August 7, 2024 Alex Woodie

IBM this week launched a new AI-based security tool that’s designed to help security professionals who are deluged by data. Dubbed the IBM Consulting Cybersecurity Assistant, the new offering is based on IBM’s watsonx technology and is available (as the name would suggest) to IBM consulting clients.

Security professionals are constantly bombarded with alerts to the point where they are overloaded. A recent survey by CybSafe found that more than 25 percent of security professionals say they’re often or always feeling overwhelmed with information, while another 46 percent say they occasionally feel that way. A 2021 survey by Trend Micro found that 70 percent of respondents say they feel their home lives are being emotionally impacted by managing security alerts.

With its new Cybersecurity Assistant, IBM is hoping to ease the security burden and improve client’s security postures by using GenAI to help with some of the repetitive and difficult tasks that security professionals face on a daily basis.

The new Cybersecurity Assistant is a component of IBM’s Threat Detection and Response (TDR) Services, which is a consulting service that IBM offers to clients. TDR Services already escalates or closes up to 85 percent of alerts for its clients, according to IBM. Cybersecurity Assistant is designed to help clients deal with the remaining 15 percent of the alerts.

Specifically, the Cybersecurity Assistant, which is based on IBM’s Granite foundation model, is designed to help with mundane tasks that analysts with IBM and its clients face, such as opening and summarizing tickets, as well as more complex tasks, such as pulling logs, running queries, and helping to piece together threat intelligence.

It also has the capability to cross-correlates alerts from different network and security devices, thereby enhancing the insights emerging from SIEM (security information and event management), EDR (endpoint detection and response), security vulnerability databases like MITRE ATT&CK and X-Force, and other IT telemetry, according to IBM.

Based on the information that it gleans, the Cybersecurity Assistant will also automatically recommend actions “based on the historical patterns of analyzed activity and pre-set confidence levels, speeding response times for clients and helping to reduce attackers’ dwell time,” IBM said in a press release.

The goal is to use GenAI to reduce manual investigations and operational tasks for security analysts, thereby letting them respond to security threats “more proactively and precisely,” says Mark Hughes, the global managing partner of cybersecurity services at IBM Consulting.

“As cyber incidents evolve from immediate crises to multi-dimensional and months-long events, security teams are facing the enduring challenge of too many attacks and not enough time or people to defend against them,” Mark Hughes, the global managing partner of cybersecurity services at IBM Consulting, said in a press release.

“By enhancing our Threat Detection and Response services with generative AI, we can reduce manual investigations and operational tasks for security analysts, empowering them to respond more proactively and precisely to critical threats, and helping to improve overall security posture for clients,” he said.

You can find more information about IBM’s TDR Service here.

RELATED STORIES

How To Contribute To IBM’s GenAI Code Assistant For RPG

Fortra Leans On XDR For Full Spectrum Security

IBM Developing AI Coding Assistant for IBM i

IBM i Security Concern Hits All-Time High, But Solution Adoption Lags, Fortra’s Marketplace Study Shows