IBM has launched a cutting-edge AI-driven cybersecurity tool aimed at enhancing its managed threat detection and response services. The assistant, named IBM Consulting Cybersecurity Assistant, is designed to expedite and improve the identification, investigation, and response to critical security threats for clients.

IBM

This assistant from IBM is developed based on the IBM watsonx data and AI platform, integrating into IBM Consulting's threat detection and response practices, as well as its AI service platform—IBM Consulting Advantage. Mark Hughes, the Global Cybersecurity Services Managing Partner at IBM Consulting, noted that as cyber incidents evolve from immediate crises into multi-dimensional, long-lasting events, security teams are facing ongoing challenges of too many attacks, insufficient time, and lack of personnel.

The cybersecurity assistant can autonomously perform multiple tasks such as opening or summarizing work orders, running queries, extracting logs, interpreting commands, and enriching threat intelligence. It utilizes IBM's Granite foundational model and leverages watsonx Assistant to provide a conversational chat interface, offering real-time operational insights for clients and IBM's security analysts in a more intuitive manner.

Moreover, this AI assistant can analyze historical correlations and automatically recommend actions to accelerate threat investigations. It can also create timeline views of attack sequences, aiding analysts in better understanding critical threats and providing more contextual information for investigations. Notably, the tool continuously learns from investigations, thereby enhancing its speed and accuracy.

As part of IBM's threat detection and response services, this assistant can automatically handle up to 85% of alerts. By introducing generative AI capabilities, IBM aims to enable users to investigate the remaining actionable alerts more swiftly. IBM claims that this new tool has already helped an unnamed client reduce alert investigation time by 48%.

Mark Hughes stated: "By enhancing our threat detection and response services, we can reduce the manual investigation and operational tasks for security analysts, allowing them to respond more proactively and precisely to critical threats, thereby improving the overall security posture for our clients."

Key Points:

1. 🚀 IBM introduces an AI-driven cybersecurity assistant to enhance threat detection and response efficiency.

2. 🧠 The assistant can autonomously perform multiple tasks, providing real-time insights and accelerating threat investigations.

3. ⏱️ Through the introduction of generative AI, IBM helps clients reduce alert investigation time by 48%.