IBM® X-Force® Threat Management is a new type of MSSP where cybercrimes are fought via an integrated approach of world-class expertise, powered by AI and orchestration. X-Force Threat Management is delivered out of nine worldwide Security Operations Centers (SOCs), IBM Security Global Command Centers. These SOCs are comprised of world-class standards, people, technology, facilities, and processes to address from simplest to the most complex security needs of clients in deployment, configuration, monitoring, maintenance, and daily management of a complete suite of industry-best security products and services. IBM managed security services deliver unique capabilities across all five of the NIST Cybersecurity Framework functions:
• Threat Insight utilizes X-Force IRIS, X-Force Red offensive testing and vulnerability management, and IBM® X-Force® Research and Threat Intelligence, with support from machine learning (IBM Watson) for mining of data within each environment.
• Threat Prevention utilizes managed network and endpoint security tools and X-Force data to define threats, identify suspicious behavior patterns, and make policy recommendations at any point in the threat management lifecycle.
• Threat Detection includes threat monitoring, validation, threat analysis, and modeling, uses SIEM tools integrated with IBM® X-Force® Protection Platform to provide capabilities such as searching for malware, analyzing user, network, asset, and transaction behavior using cognitive technologies.
• Threat Response utilizes the incident response capability of the X-Force Protection Platform integrated with IBM Resilient supporting enrichment and orchestration.
• Threat Recovery utilizes X-Force IRIS to help return affected systems to their previous state post-incident, and IBM X-Force IRIS Incident Planning for pre-incident resiliency preparation.