IBM X-Force: Threat Intelligence Product Overview and Insight

SHARE
Share it on Twitter  
Share it on Facebook  
Share it on Google+
Share it on Linked in  
Email  

See the complete list of top threat intelligence companies.

Company Description

IBM X-Force has been in existence since 1996 as a part of Internet Security Systems. ISS was acquired by IBM in 2006, and the X-Force brand is now part of IBM Security. The X-Force Exchange platform was launched in 2015 to open up the wealth of threat intelligence collected over 20 years from IBM X-Force to the public to support collaborative defense.

Product Description

IBM X-Force Exchange is a collaborative threat intelligence platform that helps security analysts research threat indicators to help speed time to action. It offers intelligence on:

  • IP and URL reputation
  • web applications
  • malware
  • vulnerabilities
  • spam

Users can then enhance their security insights with machine-generated intelligence and curated human-generated insights from IBM X-Force researchers available via public case file collections on the latest malware campaigns and threats.

"Users can collaborate with peers to validate threats and develop response plans using private groups and shared collections, and strengthen their existing security solutions with threat intelligence delivered through open standards," said Sam Dillingham, Senior Offering Manager, IBM Security.

Agents

X-Force Exchange is a cloud-based platform, and does not deploy via agents.

Markets and Use Cases

X-Force Exchange hosts six of the world's top 10 retailers, and five of the world's top 10 banks. With integrated workflow support through private groups and Collections, X-Force Exchange appeals to organizations that need to support a streamlined security investigation process.

One retailer, said, Dillingham, replaced multiple threat intelligence feeds with X-Force Exchange, and reduced their investigation time by eliminating the need for multiple information formats to assemble case files for incident investigations. This retailer is using shared collections to gather threat intelligence, letting the security team focus on applying the intelligence rather than on the mechanics of gathering it.

Applicable Metrics

As a cloud based platform, X-Force Exchange scales to support any size organization. Users are allowed unlimited queries via the platform itself per month, and up to 5,000 records per month via the no-cost API. Additional third-party threat intelligence feeds can be brought into X-Force Exchange using the Threat Feed Manager once a user provides their credentials or API key for those feeds via the platform.

Security Qualifications

IBM X-Force Exchange is ISO27001 and IBM Privacy Shield certified. As a threat intelligence platform, X-Force Exchange provides security content to other qualified systems.

Intelligence

Users can enhance their security insights with machine-generated intelligence. Threat intelligence from X-Force Exchange is also used by IBM QRadar Advisor with Watson so security analysts can leverage machine learning on the QRadar SIEM platform. All threat intelligence produced is cross-correlated against relevant sources used by X-Force Exchange, and this analysis is automated into reports that provide real-time visibility into risk score, activity history, geography, associated indicators, categorization and other pertinent threat intelligence.

Delivery

X-Force Exchange is a cloud-based solution, accessible via a web browser or through an API interface to interface directly with existing security solutions.

Pricing

IBM X-Force Exchange is free to use via the web interface at xforce.ibmcloud.com. The API is available at no additional cost for up to 5,000 records per month; for users that need additional data, the X-Force Exchange Commercial API is available for $2,000 per user per 10,000 records per month.

JOIN THE DISCUSSION

Loading Comments...