IBM Unveils Cloud-Native SIEM Built to Maximize Security Teams’ Time and Talent

ARMONK, N.Y.Nov. 7, 2023 /PRNewswire/ — IBM (NYSE: IBM) today announced a major evolution of its flagship IBM QRadar SIEM product: redesigned on a new cloud-native architecture, built specifically for hybrid cloud scale, speed and flexibility. IBM also unveiled plans for delivering generative AI capabilities within its threat detection and response portfolio – leveraging watsonx, the company’s enterprise-ready data and AI platform.

Today’s hybrid cloud environments are evolving and scaling at an exponential rate, creating a larger and more complex attack surface to protect. This growing IT footprint makes it harder to quickly find the true threats amongst the noise – slowed down by siloed technologies, manual searches and an overload of alerts, without clear context or visualizations. In fact, SOC professionals get to less than half (49%) of the alerts that they’re supposed to review within a typical workday, according to a recent global survey.1

The new cloud-native QRadar SIEM is built to maximize the power of today’s security teams. It is designed to augment and up-level security analysts daily work – tapping AI to manage time-consuming and repetitive tasks while empowering security analysts to find and respond to high priority security incidents more effectively.

“Our new cloud native SIEM is a core element of IBM’s mission to usher in the next generation of security operations, built for the hybrid cloud and AI era,” said Kevin Skapinetz, Vice President, Strategy and Product Management, IBM Security. “Instead of forcing analysts to work around the complexity of security technologies, we’re designing technology to remove the complexity – weeding out the noise, simplifying the user experience, and empowering analysts to tackle urgent threats with greater speed and confidence.”

IBM’s cloud-native SIEM builds on QRadar’s 13 years market leadership and analyst recognition2 for deep security analytics – with a redesigned architecture for highly efficient data ingestion, rapid search and analytics at scale. Built on an open foundation, it is the newest addition to QRadar Suite, IBM’s integrated portfolio of threat detection and response software.

The new cloud-native QRadar SIEM will be generally available as SaaS in Q4 2023, with plans to offer software for on-premises and multi-cloud deployment in 2024.

Open at its Core
Built on Red Hat OpenShift, QRadar SIEM is designed to be open at a foundational level – allowing for deeper interoperability with multi-vendor tools and clouds. It leverages open source and open standards for core functions including detection rules and search language – allowing it to work across companies’ broader security and technology stacks.

  • Harness Security Community Detections: Leverages common, shared language for detection rules (SIGMA) – allowing clients to quickly import new, crowdsourced detections directly from the security community as threats evolve.
  • Investigate Across Data Sources: Offers unique federated search and threat hunting capabilities built on open-source technologies, allowing analysts to proactively search for and investigate threats across cloud and on-premise data sources in a single, unified way – without moving data from its original source.
  • Deep Partner Network: Builds on the QRadar ecosystem, one of the largest partner networks in the industry with more than 700 pre-built integrations.

Full Suite for Connected, Proactive Security Response
As part of QRadar Suite, the new cloud-native SIEM offers customers access to a wide set of integrated capabilities which can allow for more proactive detection, investigation and response across toolsets. With QRadar Suite, organizations can gain visibility into their exposed assets via attack surface management (ASM) capabilities, search for threats across toolsets, protect at the endpoint with EDR, and connect to automated playbooks to speed response (SOAR). QRadar SIEM empowers users with shared insights and automated actions across their core toolsets – accessed directly from their primary user interface, without needing to shift between tools.

Enterprise-Grade AI Speeds Response to Critical Threats
QRadar SIEM applies multiple layers of AI and automation to improve the quality of alerts and the efficiency of security analysts. These mature AI capabilities have been pre-trained on millions of alerts from IBM’s vast network of clients and are refined further post-deployment to account for each client’s unique environment. For example:

  • Reduce Noise and Improve Alerts: Alert prioritization capabilities use AI to automatically de-prioritize low priority alerts, while automatically grouping, contextualizing and escalating high priority alerts – factoring in risk context from ongoing threat intelligence and analyst response patterns. This capability allowed IBM Consulting Cybersecurity Services to automate 85% of alert management for clients,3 and to accelerate their threat triage timelines by 55% in the first year of use.4
  • Jump-Start Investigations: AI capability automatically runs federated searches across connected systems, generating a visual attack timeline, MITRE ATT&CK mappings, and recommended actions – giving analysts a significant head-start on investigation tasks.
  • Automatically Update Detections: QRadar SIEM’s analytics are automatically updated with new detection rules and threat intelligence on an ongoing basis, to keep pace with evolving threats.

IBM’s AI security capabilities are embedded natively into the QRadar Suite analyst interface, bringing contextual insights to analysts’ fingertips and helping them take advantage of AI more intuitively within their regular workflows.

Generative AI to Advance SOC Productivity
IBM also plans to release generative AI (GAI) security capabilities for QRadar Suite in early 2024 – built on watsonx, the company’s AI and data platform. IBM is designing GAI to help optimize security teams’ time and talent by managing certain tedious tasks on behalf of analysts, while also making it easier for them to perform more challenging, higher value work. For example:

  • Automate Reporting: Create simple summaries of security cases and incidents that can be shared with a variety of stakeholders in a single click.
  • Accelerate Threat Hunting: Automatically generate searches to detect threats based on natural language descriptions of attack behaviour and patterns – helping to accelerate response to new threat campaigns.
  • Interpret Machine-Generated Data: Helping analysts to quickly understand security log data by providing simple explanations of events that have taken place on a system – lowering technical barriers and expediting their investigations.
  • Curate Threat Intelligence: Interpret and summarize highly relevant threat intelligence, honing in on campaigns that are more likely to affect clients based on their unique risk profile.

IBM is also developing predictive generative AI security capabilities which will be trained to create active responses that optimize over time – for instance, helping security team find similar incidents, update affected systems and patch vulnerable code.

Beyond these use-cases, IBM plans to embed generative AI across its broader security software and services portfolio. These capabilities will leverage watsonx infrastructure as well as watsonx AI models, which have been trained on curated, domain-specific datasets – designed to offer greater trust, transparency and accuracy.

For more about QRadar SIEM, visit information visit: https://www.ibm.com/products/qradar-cloud-native-siem

For more information about AI for Security, visit: https://www.ibm.com/security/artificial-intelligence

Statements regarding IBM’s future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only.

About IBM Security

IBM Security helps secure the world’s largest enterprises and governments with an integrated portfolio of security products and services, infused with dynamic AI and automation capabilities. The portfolio, supported by world-renowned IBM Security X-Force® research, enables organizations to predict threats, protect data as it moves, and respond with speed and precision without holding back business innovation. IBM is trusted by thousands of organizations as their partner to assess, strategize, implement, and manage security transformations. IBM operates one of the world’s broadest security research, development, and delivery organizations, monitors 150 billion+ security events per day in more than 130 countries, and has been granted more than 10,000 security patents worldwide.

Aeromexico Raises Safety Measures and Efficiency of Operations with AI-Powered IBM Technology

Mexico City, November 7, 2023 – Aeromexico is using IBM Environmental Intelligence Suite, a tool to monitor, anticipate, plan, and respond to the potential impact of extreme weather events on air operations, designed to raise safety measures and the efficiency of their operations for the benefit of its customers and employees. The technology was implemented by Xatrix, the Mexican consultancy company and IBM Business Partner.

The technology, powered by Artificial Intelligence, allows the airline to perform informed climate risk analysis and provides weather information and geospatial data for the more than 100 routes it operates in Mexico and around the world. It also issues alerts that allow us to consider current and expected conditions such as wind, rain, and lightning, among other phenomena, to help improve operational decisions in flight planning.

The adverse weather conditions affecting business are on the rise and, in fact, the Global Economic Forum’s 2023 Global Risks Report, suggests that extreme weather events and natural disasters are seen as the second-most serious overall global risk of the next few years.

“The future of business and the environment are deeply connected, and technology is allowing a greater understanding of climate and how it can impact businesses, ” said Manuel Gonzalez del Yerro, Sustainability Software Leader for IBM Latin America. He added: “For us, Aeromexico’s trust in IBM technologies to help them manage climate risk is a source of pride, putting safety measures and efficiency above all else and anticipating adverse atmospheric events.”

Diego Convalia, Aeromexico’s Vice President of Technical Flight Operations, commented: ” This technology complements the most modern aircrafts like the ones we have, the expertise of our crews and the air traffic control technology and services of the countries where we operate”. And continued: “this technology helps us in decisions for takeoffs, landings, flight routes and ground operations, which contributes to  elevate flying to be  an extraordinary experience.”

About Aeromexico

Grupo Aeromexico, S.A.B. de C.V., is a holding company with subsidiaries engaged in commercial and cargo aviation in Mexico, training, assistance, and maintenance, as well as the control of its passenger loyalty program: Aeromexico, Aeromexico Connect, Aeromexico Cargo, Aeromexico Formacion, Aeromexico Servicios and Aeromexico Rewards. The company is Mexico’s global airline and has its main hub at Mexico City International Airport. Its destinations network features Mexico, the United States, Canada, Central America, South America, Asia, and Europe. The Group’s operating fleet is comprised of Boeing 787 and 737 jet airliners and Embraer 190 models. Aeromexico is a founding member of the SkyTeam airline alliance, which celebrated its 23rd anniversary and serves 184 countries with its 19 SkyTeam airline partners.

About Xatrix Technologies

Xatrix Technologies is a highly specialized technology consulting company in the design and development of tailor-made solutions to meet the specific needs of its customers. With over two decades of market experience, Xatrix has demonstrated excellence in implementing and integrating solutions in key areas, such as B2B Collaboration, Blockchain Transparent Supply, Cloud, Sustainability and Weather Data. Since its founding, Xatrix has stood out for addressing challenges of high complexity and specialization, consistently exceeding its clients’ expectations. This focus on excellence and goal compliance has led to Xatrix gaining recognition from both its allies and its competitors in the technology sector. For more information, visit https://xatrix.mx

NatWest and IBM Collaborate on Generative AI Initiative to Enhance Customer Experience

LONDON and ARMONK, N.Y.Nov. 6, 2023 /PRNewswire/ — NatWest and IBM (NYSE: IBM) today announced enhancements to the bank’s virtual assistant, Cora, that will use generative AI to provide customers with access to a wider range of information through conversational interactions. The bank will be among the first in the UK to deploy generative AI with a virtual assistant enabling a safe, intuitive, and accessible experience in its digital services.

Harnessing the power of responsible and ethical AI forms part of the bank’s wider strategy, collaborating with IBM and other experts to help customers achieve financial wellbeing through personalised support. By leveraging IBM’s enterprise grade AI and data platform, watsonx, teams are co-creating a digital concierge (Cora+) that evolves the chatbot’s capability into a more interactive and conversational experience, where this benefits customers.

Personalised, conversational responses to complex customer queries 

This innovative capability has been designed to provide a more accessible and human interaction for customers looking to compare products and services across the product suite, or who are looking for information across the NatWest Group websites.

Cora+ will be able to access information from multiple secure sources that were previously inaccessible through chat alone, such as products, services, information about the bank and career opportunities. Customers can ask questions and receive responses in a more natural, conversational style and are provided with links to requested information, which they can either view immediately or bookmark for later. Customers will continue to have the option to speak on the phone with branch representatives during business hours.

Wendy Redshaw, Chief Digital Information Officer of the NatWest Group’s Retail Bank said: “We are a relationship bank in a digital world, building trusted, long-term relationships with our customers through meaningful and personalised engagement.

Building on Cora’s success over the last five years, we’re working with companies like IBM to leverage the latest generative AI innovations that will help make Cora feel even more ‘human’ and, most importantly, a trusted, safe and reliable digital partner for our customers.”

In a digital world, banks focus on fostering talent, technology and trusted collaborations

As banks increasingly become digital enterprises, attracting and retaining top technology talent has become an industry priority.  The importance of mindful innovation and safe exploration is key, and aligned to NatWest’s Digital X Strategy, which focusses on three pillars: engineer, protect and operate. This provides the bank with opportunities to collaborate with specialist industry leaders, like IBM, and work together on cutting edge, emerging technologies to deliver what matters most for customers.

To accelerate the pace of innovation and delivery, the IBM Client Engineering team worked alongside the NatWest business and technology teams to rapidly co-create, test, and validate the outcomes with the aim of safely and swiftly delivering a viable generative AI digital assistant.

“NatWest and other forward-thinking leaders of financial institutions around the world are exploring the potential of AI technologies as part of their competitive business strategy,” said John Duigenan, Distinguished Engineer and General Manager Global Financial Services Industry at IBM. “With the appropriate guardrails and governance in place ensuring that AI is open, trusted and targeted, banks can deliver an empowering value proposition enabling an even deeper level of customer loyalty. We’re excited about the opportunity to collaborate with NatWest on their vision for customer care.”

Banking industry leaders globally see value in generative AI and are selectively exploring how it can be used

According to a recent study by IBM’s Institute for Business Value, CEO Decision-Making in the Age of AI, banking and financial markets CEOs are being selective and deliberate in their use of generative AI. They recognise its potential, with over 40% of the 360 banking and financial markets leaders responding that they expect generative AI, deep learning, and machine learning to help deliver financial results over the next three years. Talent, security and customer experience were cited the most frequently identified areas in which financial services leaders indicated interest in applying generative AI. Customer care was cited by 54% of these industry chiefs as among their highest technology priorities and a full three quarters (75%) of financial services CEOs surveyed believe that the competitive advantage will go to the institutions that have the most advanced use of generative AI.

About NatWest
NatWest Group is a relationship bank for a digital world. We champion potential; breaking down barriers and building financial confidence so the 19 million people, families and businesses we serve in communities throughout the UK and Ireland can rebuild and thrive. If our customers succeed, so will we.

About IBM
IBM is a leading provider of enterprise AI, hybrid cloud architecture, security and ESG insights to the global financial services sector. Its deep industry expertise, extensive portfolio of services and solutions, and its robust ecosystem of fintech partners, empower collaboration, innovation, and creation with clients. As a trusted partner to banks, insurers, capital markets and payments providers, IBM guides financial institutions on all stages of their digital transformation journeys through IBM Consulting and delivers the proven infrastructure, software and services they need through IBM Technology. For more information, visit www.ibm.com/industries/financial-services.

The National Quantum Computing Centre Signs Agreement with IBM to Provide Quantum Computing Access to UK Academic, Research, and Public Sector Organizations

OXFORDSHIRE, U.K., November 2, 2023  – The National Quantum Computing Centre (NQCC) today announces an agreement with IBM for the center to provide UK researchers with cloud access to IBM Quantum’s Premium Plan, including IBM’s fleet of quantum computing systems, with the aim to drive new research directions based on the use of quantum computing. Through this initiative, and by joining the IBM Quantum Network, the NQCC further spearheads their vision to enable the UK to solve some of the most complex and challenging problems facing society by harnessing the potential of quantum computing.

The NQCC is a co-sponsored program by the Science and Technology Facilities Council (STFC) and the Engineering and Physical Sciences Research Council (EPSRC). Its objective is to drive new research horizons by serving the UK academic, research, and public sector communities to enable proof-of-concept projects, feasibility studies and discovery-led science.

“Providing quantum computing access is an important step in contributing towards the national effort,” NQCC Director, Dr Michael Cuthbert said. “The agreement with IBM will enable the NQCC to provide utility-scale quantum computing resources for the UK’s vibrant research community, which will open up new avenues of fundamental and applied research, with the prospect of boosting the development of novel technologies and drive new discoveries.”

IBM Quantum offers users access to utility-scale processors with more than 100 qubits. These systems deliver performance capable of serving as scientific tools to explore an expanded scale of problems that classical systems may never be able to solve.

“Organizations that collaborate with the NQCC will have the opportunity to access quantum computers which, as shown in recently published research, are capable of accurately modeling a physical system in nature beyond leading classical approaches,” said Dr. Scott Crowder, Vice President, Adoption and Business Development, IBM Quantum. “This ‘quantum utility’ gives our users the ability to explore hard problems — and to begin extracting real value.”

Aligned with the recently published National Quantum Strategy and the commitment of £2.5 billion of investment, the NQCC as a national lab is committed to working with organizations across government, industry and the research community, to support the delivery of quantum computing capabilities for the UK and build the user community for quantum computing.

The center seeks to enable the UK to become a quantum-ready nation and take full advantage of the benefits that quantum computing can offer, by supporting the UK-based organizations. It will help to boost access to quantum computing resources for UK-based users and further catalyze its SparQ user engagement program enabling the user journey from awareness to advocacy.

NQCC’s mission complements STFC’s other long-term partnership with IBM: the Hartree National Centre for Digital Innovation programme, which applies AI, data science, high performance computing (HPC), and quantum computing for the benefit UK industry and the public sector.

Where NQCC’s mission is to enable the UK to solve some of the most complex and challenging problems facing society by harnessing the potential of quantum computing, the Hartree Centre and IBM aim to help UK organizations to develop and adopt innovative solutions from the core technologies and apply them to challenges in areas including engineering, materials development, life sciences, energy and environment.

There are, therefore, many opportunities for both centers, the NQCC and the Hartree Centre, to collaborate and support UK industry at different stages of the adoption and innovation journey to fully prepare and futureproof the UK economy to gain maximum benefit from quantum computing.

About the NQCC

The NQCC is a new research institution funded through UKRI, which is dedicated to accelerating the development of quantum computing by addressing the challenges of scalability. Working with partners across industry, government and the research community, the NQCC is creating the necessary R&D capabilities through co-ordination and delivery of a technical programme, alongside the commissioning and operation of new facilities. The programme will deliver assured quantum computing capability, enabling the UK to remain internationally competitive. The centre will be headquartered in a purpose-built facility at the STFC’s Rutherford Appleton Laboratory Campus in Oxfordshire, which is due for completion in 2024.

About IBM

IBM is a leading provider of global hybrid cloud and AI, and consulting expertise. We help clients in more than 175 countries capitalize on insights from their data, streamline business processes, reduce costs and gain the competitive edge in their industries. More than 4,000 government and corporate entities in critical infrastructure areas such as financial services, telecommunications and healthcare rely on IBM’s hybrid cloud platform and Red Hat OpenShift to affect their digital transformations quickly, efficiently and securely. IBM’s breakthrough innovations in AI, quantum computing, industry-specific cloud solutions and consulting deliver open and flexible options to our clients. All of this is backed by IBM’s long-standing commitment to trust, transparency, responsibility, inclusivity and service.