December 8, 2015 By Chris Meenan 3 min read

It’s commonly said that “there’s no I in team.” That’s certainly a platitude cybercriminals take to heart since they behave like one big, global team in many ways.

They collaborate on a vast scale, sharing information about their intended victims, including their user IDs, passwords, personal information, social circles and other intelligence. They also collaborate on their weaponry — sharing malware kits, vulnerability exploits and command-and-control infrastructure — to rapidly create attacks with a high degree of accuracy. This type of joint effort necessitates a collaborative defense as a response.

The Need for Intelligence Sharing

Where does the collaborative attack leave the intended victims? They’re working in silos, often with poorly integrated security solutions, a lack of visibility and too much complexity in their security systems. Not a great place to be!

More than ever, organizations need the whole security community to collaborate more closely with each other, sharing threat intelligence to provide truly integrated solutions and common platforms that maximize reuse and enable deep integration. This should lead to innovative, agile solutions that can adequately respond to attack activity from criminals.

IBM Security believes this is fundamental to any successful cybersecurity strategy. To enable this collaboration, we opened up our threat intelligence database, IBM Security X-Force Exchange, to the community. This open collaboration platform has over 700 TB of intel and enables organizations to openly collaborate and share information regarding threats we are all exposed to. We have over 10,000 users from more than 2,000 unique organizations already on the platform, so clearly there is a real need for this type of environment.

The Next Phase of Collaborative Defense

We are now ready to announce the next phase of our collaborative defense enablement strategy, which has two very exciting and significant parts. Firstly, we have extended our collaboration platform, the IBM X-Force Exchange, to include the IBM Security App Exchange.

The new App Exchange gives organizations access to collaboratively built security defense and response solutions created by IBM, our partners, third-party security vendors, researchers and clients. Organizations will not only have the confidence that apps on the App Exchange are curated by IBM, but also that the security community as a whole is able to review and contribute to them.

This exchange is launching with over a dozen apps built by IBM and our community of partners in exciting areas, including incident visualization, insider threats, incident response, endpoint detection and remediation and many more.

Visit the brand new IBM Security App Exchange to browse our catalog of security apps

In defense, platforms are critical. They enable rapid creation of new workflows, analytics and visualizations to provide visibility and defense. To that end, we also created the QRadar Application Framework. In other words, we’ve supercharged QRadar with apps, providing increased flexibility with reduced complexity.

QRadar is the market leader in security intelligence, collecting, analyzing and detecting threats in real time, and it is the foundation of incident detection and response workflow. As such, the platform provides all the core capabilities needed to not only develop new security applications, but also seamlessly integrate them with existing solutions.

The new QRadar Application Framework and SDK enable partners, third-party security vendors, managed services organizations, customers and IBM to rapidly build new security extensions directly into QRadar. This utilizes all the core capabilities of the platform (e.g., data collection, normalization, correlation, search, behavioral baselining, incident detection and more) and also seamlessly adds new analytics, visualizations and workflows.

Evolving with the Times

What does this mean for our community of partners, third-party security vendors, services organizations and customers? It means they can quickly innovate and create their own unique, valuable solutions on QRadar, maximizing reuse and sharing new capabilities with the extensive QRadar community.

What does this mean for our customers? The ability to jump-start their security operations with speed and simplicity, and constant access to innovative, curated, security-focused solutions that keep the attackers at bay.

What does it mean for cybercriminals? A harder time.

We are very excited about what these two new innovations mean for truly collaborative defense in the security market — and there definitely will never be an I in QRadar!

Check out the IBM Security App Exchange to browse the catalog of security defense and response apps from IBM and its partners, and watch the replay of our webinar to meet some of our application partners and learn even more about how to use collaboration and analytics to solve security challenges in the new year.
