August 2, 2016 By Charles Henderson 2 min read

This week, IBM announced the creation of X-Force Red, a new elite security testing team. I’ve been working on putting this group together since October of last year, so the announcement gave me a mixture of pride, relief and excitement.

I’ve been involved with security testing long enough that creating one more pen testing team wouldn’t be very challenging or rewarding. This is different, mostly because of IBM’s unparalleled stature in technical innovation.

In 2015, IBM received 7,355 patents in the U.S., making us the leader for the 23rd consecutive year. With Watson, IBM is pioneering aspects of artificial intelligence and data analytics that not long ago seemed like science fiction. Just last week, I was blown away when the IBM website featured an invitation to “sign up to run virtual experiments on a quantum processor.”

I wish that I could say we’re using quantum computing at X-Force Red. We’re not quite ready for that, but we still embody IBM’s innovative spirit.

X-Force Red Does the Heavy Lifting

Anyone in security can tell you how overwhelming massive amounts of vulnerability data can be. Even in small organizations, findings from penetration tests, code reviews and vulnerability scans pile up quickly.

Vulnerability analytics are a key feature of X-Force Red’s offerings. They help to prioritize and track work, identify security trends in your organization, map risks based on shared dependencies and much more. The data can come from any source: tests performed by IBM, vulnerabilities discovered by your own internal work or even issues documented by third-party tests.

There are four main disciplines within X-Force Red:

  • Application: Manual penetration tests, code review and vulnerability assessments of web, mobile, terminal, mainframe and middleware platforms;
  • Network: Manual penetration tests and vulnerability assessments of internal, external, Wi-Fi and other radio frequencies;
  • Hardware: Security tests that span the digital and physical realms with Internet of Things (IoT), wearable devices, point-of-sale (POS) systems, ATMs, automotive systems, self-checkout kiosks, etc.; and
  • Human: Simulations of phishing campaigns, social engineering, ransomware and physical security violations to determine risks of human behavior.

A Team of Experts

The vast technical experience at IBM is another advantage of X-Force Red. Any decent security testing team will have experts on the common application and network technologies. But when it comes to bleeding-edge, niche or legacy technology, consultants can be left scrambling. X-Force Red is backed by the collective experience of literally hundreds of thousands of the world’s best technologists that work at IBM.

Simplicity is another key aspect of the X-Force Red strategy. Filling out scoping surveys and counting your webpages, classes or database servers slows down the testing process and doesn’t improve your security. The details on how we scope and size projects can be found here.

More from X-Force

Hive0051 goes all in with a triple threat

13 min read - As of April 2024, IBM X-Force is tracking new waves of Russian state-sponsored Hive0051 (aka UAC-0010, Gamaredon) activity featuring new iterations of Gamma malware first observed in November 2023. These discoveries follow late October 2023 findings, detailing Hive0051's use of a novel multi-channel method of rapidly rotating C2 infrastructure (DNS Fluxing) to deliver¬†new Gamma malware variants, facilitating more than a thousand infections in a single day. An examination of a sample of the lures associated with the ongoing activity reveals…

Ongoing ITG05 operations leverage evolving malware arsenal in global campaigns

13 min read - As of March 2024, X-Force is tracking multiple ongoing ITG05 phishing campaigns featuring lure documents crafted to imitate authentic documents of government and non-governmental organizations (NGOs) in Europe, the South Caucasus, Central Asia, and North and South America. The uncovered lures include a mixture of internal and publicly available documents, as well as possible actor-generated documents associated with finance, critical infrastructure, executive engagements, cyber security, maritime security, healthcare, business, and defense industrial production. Beginning in November 2023, X-Force observed ITG05…

Why federal agencies need a mission-centered cyber response

4 min read - Cybersecurity continues to be a top focus for government agencies with new cybersecurity requirements. Threats in recent years have crossed from the digital world to the physical and even involved critical infrastructure, such as the cyberattack on SolarWinds and the Colonial Pipeline ransomware attack. According to the IBM Cost of a Data Breach 2023 Report, a breach in the public sector, which includes government agencies, is up to $2.6 million from $2.07 million in 2022. Government agencies need to move…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today