The Ponemon Institute’s annual “Cost of Data Breach” study, released this week, served up a clear message: Damages from cyberattacks continue to climb, but organizations can stem these rising costs by preparing and supporting their incident response (IR) team, saving hundreds of thousands of dollars on average.

It’s long been our mission to help organizations transform their IR capabilities, and we’ve done so through our innovative Security Orchestration, Automation, and Response (SOAR) Platform. With our latest platform release, version 26, we’re delighted to launch Resilient Incident Visualization.

Incident Visualization Changes the Game

Resilient Incident Visualization is an industry first. It leverages the simple fact that actually seeing connections between incidents in a way like never before can help security analysts zero in on concerted attacks and respond in record time. It’s a simple yet powerful concept successful in, and now adopted from, other business areas.

Resilient Incident Visualization graphically displays multidimensional relationships between incident artifacts or indicators of compromise (IoCs) and incidents in an organization’s environment. Security analysts can:

  • Instantly gain intelligence, context and direction by seeing the most pertinent connections between artifacts and incidents, both past and present.
  • Immediately uncover broader campaigns targeting the organization and understand how an attack has unfolded over time.
  • Rapidly take investigative or remedial actions from directly within the visualizer, such as querying QRadar or blocking a malicious URL.

Decreasing Costs and Time

With Resilient Incident Visualization, a security analyst can instantly see that artifacts related to a malware incident (e.g., suspicious IP addresses, DNS names, malware hashes, etc.) have appeared in several past incidents. This suggests that these incidents are part of a bigger attack, and the platform provides direction on how to put an end to it.

This latest innovation comes only a few months after Resilient Systems was acquired by IBM Security. It shows that we’re committed to continuously innovating and pushing this market forward to help our customers thrive in the face of today’s cyberthreats. As part of IBM Security, we can innovate faster and more significantly than ever before.

In the end, Resilient Incident Visualization is a step change for incident response — making teams smarter and faster responders.


More from Incident Response

What cybersecurity pros can learn from first responders

4 min read - Though they may initially seem very different, there are some compelling similarities between cybersecurity professionals and traditional first responders like police and EMTs. After all, in a world where a cyberattack on critical infrastructure could cause untold damage and harm, cyber responders must be ready for anything. But are they actually prepared? Compared to the readiness of traditional first responders, how do cybersecurity professionals in incident response stand up? Let’s dig deeper into whether the same sense of urgency exists…

X-Force uncovers global NetScaler Gateway credential harvesting campaign

6 min read - This post was made possible through the contributions of Bastien Lardy, Sebastiano Marinaccio and Ruben Castillo. In September of 2023, X-Force uncovered a campaign where attackers were exploiting the vulnerability identified in CVE-2023-3519 to attack unpatched NetScaler Gateways to insert a malicious script into the HTML content of the authentication web page to capture user credentials. The campaign is another example of increased interest from cyber criminals in credentials. The 2023 X-Force cloud threat report found that 67% of cloud-related…

Tequila OS 2.0: The first forensic Linux distribution in Latin America

3 min read - Incident response teams are stretched thin, and the threats are only intensifying. But new tools are helping bridge the gap for cybersecurity pros in Latin America. IBM Security X-Force Threat Intelligence Index 2023 found that 12% of the security incidents X-force responded to were in Latin America. In comparison, 31% were in the Asia-Pacific, followed by Europe with 28%, North America with 25% and the Middle East with 4%. In the Latin American region, Brazil had 67% of incidents that…

Alert fatigue: A 911 cyber call center that never sleeps

4 min read - Imagine running a 911 call center where the switchboard is constantly lit up with incoming calls. The initial question, “What’s your emergency, please?” aims to funnel the event to the right responder for triage and assessment. Over the course of your shift, requests could range from soft-spoken “I’m having a heart attack” pleas to “Where’s my pizza?” freak-outs eating up important resources. Now add into the mix a volume of calls that burnout kicks in and important threats are missed.…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today