Recognizing that IT security by definition is a team sport, IBM today announced it is adding a set of open application programming interfaces (APIs) to the IBM Security QRadar platformthrough which third-party organizations can build applications that can be accessed via a new IBM Security App Exchange marketplace. Kevin Skapinetz, director of strategy for IBM Security, says that given the simple fact that digital criminals now routinely share information concerning vulnerabilities and attack vectors, it benefits the IT security community to share as much intelligence as possible.
With that goal in mind, IBM previously agreed to share the IT security data it collects, which is a resource that IBM says over 2,000 organizations are now making use of to gather security intelligence. Now Skapinetz says IBM is taking that concept one step further by publishing an open set of APIs for its security analytics application.https://o1.qnsr.com/log/p.gif?;n=203;c=204663295;s=11915;x=7936;f=201904081034270;u=j;z=TIMESTAMP;a=20410779;e=i
The first four third-party vendors to make use of the IBM APIs are Bit9 + Carbon Black, BrightPoint Security, Exabeam and Resilient Systems. STEALTHbits and iSIGHT Partners also have apps in development.
IBM today also unveiled a new release of IBM Security QRadar, which can now invoke rules to deal with specific threats once they are detected, and offers tighter integration between QRadar and IBM BigFix endpoint security management software.
The sad truth of the matter is that when it comes to IT security, most organizations are hopelessly outgunned. They generally don’t have the expertise needed to proactively detect threats, which results in systems being compromised for months before anyone realizes those systems have been compromised. As in the days of yore, when merchants pooled their collective resources to defend their commerce from the threat of piracy, modern organizations need to be able to collaborate in ways that much better defend their IT security interests. After all, it’s a lot easier for criminals to prey on a lone organization than it is one that is part of a much larger digital convoy.