Red Team: IBM Cyber Security Service Revealed

Uploaded on 2016-09-06 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Although efforts continue to find autonomous solutions to cybersecurity, some companies believe that the human factor is still important.

IBM Security announced the formation of IBM X-Force Red, a group of security professionals and ethical hackers whose goal is to help businesses discover vulnerabilities in their computer networks, hardware, and software applications before cybercriminals do.

It is a global team with a network of hundreds of security professionals based in dozens of locations around the world, including the US, the UK, Australia and Japan.

The security testing professionals group bring expertise from across multiple industries like healthcare, financial services, retail, manufacturing and the public sector. Collectively, they have conducted security tests for the world’s largest brands and governments.

Malicious attacks against corporate assets are on the rise, with 64% more security incidents reported in 2015 than in 2014. As new solutions are brought online, security is often an afterthought.

For example, 33% of companies do not test mobile applications for security vulnerabilities. Attackers looking for the next zero-day exploit constantly scrutinize existing technologies; these technologies require periodic security testing to maintain their integrity.

“Having a machine scan your servers and source code is a great step to help prevent data breaches, but the human element of security testing cannot be overlooked,” said Charles Henderson, Global Head of Security Testing and X-Force Red, IBM Security.

Focus areas are:

Application – Penetration testing and source code review to identify security vulnerabilities in web, mobile, terminal, mainframe, and middleware platforms.

Network – Penetration testing of internal, external, wireless, and other radio frequencies.

Hardware – Verifying the security between the digital and physical realms by testing Internet of Things (IoT), wearable devices, point-of-sale (PoS) systems, ATMs, automotive systems, and self-checkout kiosks.

Human – Performing simulations of phishing campaigns, social engineering, ransomware, and physical security violations to determine risks of human behavior.

The group provides security testing services in three models: individual projects, subscription-based testing, and managed testing programs. The subscription model offers significant budget flexibility by pre-allocating testing funds without defining specific testing targets or even test types. Managed testing programs are ideal for organizations without the security staff to determine testing priorities, document remediation requirements, and enforce policies.

All of the models include vulnerability analytics designed to improve the efficiency and impact of security testing programs. This nimble approach gives companies increased elasticity of security spend and powerful testing on demand, including vulnerability assessment and management for the full lifecycle of application and network deployments.

I-HLS: http://bit.ly/2aTFQSj

« What Happens When Two Countries Fight A Cyber War?
Cyber Spy Group Uncovered After Years Of Attacks »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Axiomatics

Axiomatics

Axiomatics is the originator and leading provider of runtime, fine-grained authorization delivered with attribute-based access control (ABAC) for applications, data, APIs, and microservices.

Genua

Genua

Genua is a specialist in IT security services and solutions ranging from network and infrastructure security to encrypted comms and industrial automation.

GreyCampus

GreyCampus

GreyCampus is a leading provider of training for working professionals in the areas of Project Management, Big Data, Data Science, Service Management, Quality Management and Information Security.

North European Cybersecurity Cluster (NECC)

North European Cybersecurity Cluster (NECC)

NECC promotes information security and cybersecurity-related cooperation and collaboration in the Northern European region in order to enhance integration into the European Digital Single Market.

ACM-CCAS

ACM-CCAS

ACM is a UKAS-accredited certification body helping businesses around the world perform to a higher standard. Our certifications include ISO 27001 and ISO 22301.

Sevatec

Sevatec

Sevatec’s Active Cyber Defense (ACD) methodology proactively defends against adversarial kills chain, addressing active and emerging threats while reducing program vulnerabilities and risks.

RapidScale

RapidScale

RapidScale’s managed cloud solutions provide reliable, innovative, and secure services, all complete with white-glove service and full management options.

Vigilant Technology Solutions

Vigilant Technology Solutions

Vigilant is a global cyber security technology company offering solutions to manage entire IT & cyber security lifecycles.

Whistic

Whistic

Whistic is a cloud-based platform that uses a unique approach to address the challenges of third-party risk management.

Defimoon

Defimoon

DeFimoon is the International Blockchain Development & Security Agency. We provide professional services and solutions at the highest quality on world-leading chains.

PingSafe

PingSafe

PingSafe is creating the next-generation cloud security platform powered by attackers' intelligence, providing coverage for vulnerabilities that traditional security solutions would otherwise overlook

Advania UK

Advania UK

Advania are one of Microsoft’s leading partners in the UK, specialising in Azure, Security, Dynamics 365 and Microsoft 365.

Advanced IT

Advanced IT

Reliable managed IT Security & support services that will help you take your business operations to the next level without breaking the bank!

Yokai

Yokai

Yokai is a secure, distributed platform for data communication with enhanced security features tailored for classified environments such as finance, defence, healthcare, cybersecurity, and more.

Cyber Brain Academy

Cyber Brain Academy

At Cyber Brain Academy, our mission is to provide high-quality IT certification training for the cyber security workforce.

Eurecat Technology Centre

Eurecat Technology Centre

Eurecat is the main technology center in Catalonia and the second largest private research organization in Southern Europe.