Integrating Incident Response
IBM RESILIENT INCIDENT RESPONSE PLATFORM
2018-10-31
Product Manager
Hugh Pyle
2 IBM Security
About our Speakers
Hugh Pyle, Product Manager
IBM Resilient
Jamie Cowper, Security Marketing Leader, Resilient
IBM Resilient
Today’s Agenda
• What’s new in Resilient v31
• Integrating IBM Resilient with the rest of your security operations tools
  - Threat Intelligence
  - Workflows and Functions
  - IBM Security App Exchange
• Integrations in practice: demonstrations
Resilient v31
• Local language versions: jp, kr, zh, zh-TW, it, fr, de, es, pt-BR, ru, en
• Dashboard improvements: filters & aggregations
• Privacy regulation updates
• Disaster Recovery (DR) deployment tools
• Audit & Logging improvements
• Activity Fields in workflows
• Many usability improvements to Python scripting
Resilient v31.0
IBM Resilient: Leading With Intelligent Orchestration
IBM Resilient Intelligent Orchestration Ecosystem
IBM-Validated and Supported Applications
Community Applications
Escalation
• SIEM
• Ticketing
• IPS/IDS
• UBA
• DLP
Communication and Coordination
• Enterprise communications
• Ticketing
• Crisis management
Containment, Response, Recovery
• Endpoint
• Ticketing
• Next-generation firewall
• Cloud Access Security Broker
Identification and Enrichment
• Endpoint
• Sandbox
• Threat Intelligence
• CMDB
Unlocks power of existing tools and technologies and increases security ROI and time to value.
Enables faster and smarter response through shared IR knowledge, expertise, and resources.
Code Examples
Community-built scripts and automations
Developer Tools and SDKs
IBM Resilient-provided resources and documentation for building Resilient apps
Playbooks and Workflows
Incident response task lists and expertise from the Resilient community
Integrations
Applications that leverage your existing IT and security tools for IR
Best Practices
Community knowledge sharing, metrics, and reports
https://developer.ibm.com/resilient
https://exchange.xforce.ibmcloud.com/hub/Resilient
IBM Security App Exchange & Community
App Exchange: IBM Validated playbooks and integrations from IBM and technology partners
Community App Exchange: Community-supplied playbooks and integrations
Contributors can be…
• Technology Partners
• IBM engineers
• Customers
IBM review activities…
• App Exchange: Functionality validation; Security review; Functional testing of use cases
• Community App Exchange: Functionality review; Basic security review
Support…
• App Exchange: Support is available from app vendor (by email or forum)
• Community App Exchange: Support may be available from app author
NEW
Integrations in practice
Automatic Threat Lookup
Demo: QRadar Functions
Demo: Utility Functions
ibm.biz/resilientcommunity
Engage with other Resilient users
Download the latest technical content
Access insights into new releases
ibm.com/security
securityintelligence.com
xforce.ibmcloud.com
@ibmsecurity
youtube/user/ibmsecuritysolutions
© Copyright IBM Corporation 2016. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind,
express or implied. Any statement of direction represents IBM's current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM
products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks
or service marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your
enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on
others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM
systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other
systems, products or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal
conduct of any party.
FOLLOW US ON:
THANK YOU

Leveraging Validated and Community Apps to Build a Versatile and Orchestrated Response Plan
