Today IBM announced the newly formed IBM X-Force Incident Response and Intelligence Services (IRIS) team. This group of exceptionally talented and passionate consultants and analysts is focused on becoming our clients’ trusted security partner. X-Force IRIS experts collaborate with clients to provide solutions for the most challenging information security problems.

The Future of Threat Intelligence and Incident Response

IBM has made significant investments in cognitive technology — Watson — to solve the world’s most challenging problems, which is one of the reasons I joined the team earlier this year. Today, we leverage Watson in health care to enhance cancer research and diagnoses throughout the world, in the weather industry to predict the next big storm and in financial services to help manage regulatory compliance.

In the future, we will integrate Watson into security technologies to address threat intelligence and incident response challenges facing companies, their employees and their data. IBM will empower security professionals to make more informed, timely and accurate decisions to protect the most important intellectual property of today’s businesses.

A Transformational Security Journey

All the members of this formidable team feel fortunate to share a singular passion for keeping attackers away from our clients’ environments. Although simply stated, this mission is a complex, ever-changing solution to the most advanced security issues facing organizations throughout the world. Helping companies save time, money and reputation is valuable — allowing them to focus on their business rather than worry about the next security incident is ideal.

IBM X-Force IRIS represents a major milestone for IBM Security Services. This will be a transformational security journey with our clients. By most measures, today’s security threats, incidents and breaches are not entirely containable within the timeframes in which we need to prevent the attacker from causing damage. But for organizations with strategic implementation of incident response and intelligence capabilities, risks can be mitigated and negative impact contained to manageable and cost-effective levels.

X-Force IRIS: Another Step Forward

IBM has faced many challenges to stay relevant in its 110-plus years of operations. The introduction of IBM X-Force IRIS is just one more step forward.

To achieve the levels of computer threat intelligence necessary to proactively protect our clients’ most important assets and prevent attacks, we need to offer the next generation of technology. To this end, we are making significant investments in our people, services and solutions to enable all our clients to leverage industry-leading capabilities that detect, respond to and prevent attacks.

We look forward to sharing our collective expertise, opinions and unique experiences across security intelligence, incident response and remediation. To learn more about the team, I encourage you to download our solution brief and other assets. I am honored to be a part of this exciting group and look forward to providing our clients with a new breed of IBM Security.
