Today, IBM announced the integration of Generative AI into its managed Threat Detection and Response (TDR) Services, enhancing the efficiency and effectiveness of security operations for clients. Leveraging the IBM Watsonx data and AI platform, the newly introduced IBM Consulting Cybersecurity Assistant aims to streamline the identification, investigation, and response to critical security threats.
IBM’s TDR Services Can Already Automatically Escalate or Resolve Up to 85% of Alerts
The Cybersecurity Assistant is part of IBM Consulting’s broader efforts, included in both its threat detection and response practice and the IBM Consulting Advantage AI services platform. This platform equips IBM consultants with purpose-built AI tools, ensuring consistent, repeatable, and high-quality service delivery for clients.
Read Latest CyberTech News: Palantir and Microsoft Bolster National Security with AI and Cloud Partnership
Mark Hughes, Global Managing Partner of Cybersecurity Services at IBM Consulting, highlighted the growing complexity of cyber incidents, which now extend beyond immediate crises to become multi-dimensional, prolonged events. He emphasized that the integration of generative AI into TDR Services enables security teams to reduce manual investigation efforts, allowing them to respond more proactively and accurately to critical threats, ultimately enhancing clients’ overall security posture.
Registrar for free webinar Outpacing Cloud Attackers with GenAI @ https://rb.gy/xegd70
IBM’s TDR Services can already automatically escalate or resolve up to 85% of alerts. With the addition of generative AI, the investigation of remaining actionable alerts is significantly expedited. For instance, one client experienced a 48% reduction in alert investigation times due to these new capabilities.
Key features of the Cybersecurity Assistant include:
- Accelerated Threat Investigations: The assistant leverages historical correlation analysis to speed up complex threat investigations. By cross-referencing alerts with data from various sources, it provides a comprehensive threat management approach. This allows security analysts to be more proactive and precise, with a timeline view of attack sequences and auto-recommended actions based on historical patterns.
- Streamlined Operational Tasks: The assistant’s generative AI conversational engine offers real-time insights and support for both clients and IBM security analysts. It automates operational tasks such as opening or summarizing tickets, running queries, and enriching threat intelligence, thereby reducing noise and enhancing overall SOC efficiency.
Craig Robinson, Research Vice President for IDC’s Security Services Research Practice, noted that IBM’s advancements offer businesses deeper insights into critical threats, driving increasingly accurate and rapid threat investigations—an essential advantage given the current shortage of security resources.
Developed in collaboration with IBM Research, the Cybersecurity Assistant capitalizes on IBM’s generative AI capabilities, built on the company’s Granite foundation models, refined for production within IBM watsonx.ai, and integrated with IBM watsonx Assistant for its conversational interface.
IBM is a global leader in hybrid cloud, AI, and consulting services, serving clients in over 175 countries. With expertise in AI, quantum computing, and industry-specific cloud solutions, IBM helps clients transform their businesses quickly, efficiently, and securely. The company is committed to trust, transparency, responsibility, and inclusivity in all its endeavors.