Red Team: IBM Cyber Security Service Revealed

Uploaded on 2016-09-06 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Although efforts continue to find autonomous solutions to cybersecurity, some companies believe that the human factor is still important.

IBM Security announced the formation of IBM X-Force Red, a group of security professionals and ethical hackers whose goal is to help businesses discover vulnerabilities in their computer networks, hardware, and software applications before cybercriminals do.

It is a global team with a network of hundreds of security professionals based in dozens of locations around the world, including the US, the UK, Australia and Japan.

The security testing professionals group bring expertise from across multiple industries like healthcare, financial services, retail, manufacturing and the public sector. Collectively, they have conducted security tests for the world’s largest brands and governments.

Malicious attacks against corporate assets are on the rise, with 64% more security incidents reported in 2015 than in 2014. As new solutions are brought online, security is often an afterthought.

For example, 33% of companies do not test mobile applications for security vulnerabilities. Attackers looking for the next zero-day exploit constantly scrutinize existing technologies; these technologies require periodic security testing to maintain their integrity.

“Having a machine scan your servers and source code is a great step to help prevent data breaches, but the human element of security testing cannot be overlooked,” said Charles Henderson, Global Head of Security Testing and X-Force Red, IBM Security.

Focus areas are:

Application – Penetration testing and source code review to identify security vulnerabilities in web, mobile, terminal, mainframe, and middleware platforms.

Network – Penetration testing of internal, external, wireless, and other radio frequencies.

Hardware – Verifying the security between the digital and physical realms by testing Internet of Things (IoT), wearable devices, point-of-sale (PoS) systems, ATMs, automotive systems, and self-checkout kiosks.

Human – Performing simulations of phishing campaigns, social engineering, ransomware, and physical security violations to determine risks of human behavior.

The group provides security testing services in three models: individual projects, subscription-based testing, and managed testing programs. The subscription model offers significant budget flexibility by pre-allocating testing funds without defining specific testing targets or even test types. Managed testing programs are ideal for organizations without the security staff to determine testing priorities, document remediation requirements, and enforce policies.

All of the models include vulnerability analytics designed to improve the efficiency and impact of security testing programs. This nimble approach gives companies increased elasticity of security spend and powerful testing on demand, including vulnerability assessment and management for the full lifecycle of application and network deployments.

I-HLS: http://bit.ly/2aTFQSj

« What Happens When Two Countries Fight A Cyber War?
Cyber Spy Group Uncovered After Years Of Attacks »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

SafeUM Communications

SafeUM Communications

SafeUM Secure Messenger is an encrypted secure communications protection mechanism for instant messaging.

Prolinx

Prolinx

Prolinx provide secure Data Centre hosting services and other fully managed security services for networks and information systems.

Software Engineering Institute (SEI)

Software Engineering Institute (SEI)

At the CERT Division of SEI we study and solve cybersecurity problems, research security vulnerabilities in software, and develop information and training to help improve cybersecurity.

PROMIA

PROMIA

PROMIA is in the business of providing solutions that are designed to support highly secure, reliable, scalable and interoperable business applications.

CyberGuarded

CyberGuarded

CyberGuarded are an accredited vendor independent information security testing and auditing company.

Cyber Security Challenge UK

Cyber Security Challenge UK

Cyber Security Challenge UK is a series of national competitions, learning programmes, and networking initiatives designed to identify, inspire and enable more people to become cybersec professionals.

Gigacycle

Gigacycle

Gigacycle is one of the leading IT disposal and recycling providers in the UK. We specialise in IT asset disposal (ITAD) and data destruction.

Hunter Strategy

Hunter Strategy

Hunter Strategy focuses on delivering solutions that are concise, scalable, and target our customer’s complex technical challenges.

ImmuniWeb

ImmuniWeb

We Simplify, Accelerate and Reduce Costs of Security Testing, Protection and Compliance.

BastionZero

BastionZero

BastionZero is leveraging cryptography to reimagine the tools used to manage remote access to servers, containers, clusters, applications and databases across cloud and on-prem environments.

TAFEcyber

TAFEcyber

TAFEcyber is an Australian based consortium focusing on the skilling of the fast-growing cyber security workforce through education and training.

Gomboc.ai

Gomboc.ai

Gomboc solve cloud infrastructure security policy deviations by providing tailored remediations to the IaC (Infrastructure as Code).

Accelerynt

Accelerynt

Accelerynt was founded with a singular purpose: help teams like yours build cybersecurity resilience.

Cytex

Cytex

Cytex is the All-in-One solution for SMB data protection & compliance needs.

RunReveal

RunReveal

RunReveal's mission is to make sure no breach goes undetected. That means having a product that is accessible and effective for companies of all sizes.

XeneX

XeneX

XeneX Cloud Security Services address enterprise-class security challenges by enabling DevOps and Security teams to access a shared source of truth.