This video is a technical demonstration in which IBM Resilient and Carbon Black Response detect, respond, and remediate a live security incident. This integration is part of the long standing strategic partnership between Carbon Black and IBM.

This video is a technical demonstration of the integration between Carbon Black Response, IBM Resilient, and QRadar to detect, respond, and remediate a live security incident. This integration is part of the long standing strategic partnership between Carbon Black and IBM.

Overview

• Part 1 demonstrates the integration of QRadar Advisor with Watson with Resilient functionality. QRadar with Watson provides artificial intelligence to automatically investigate and provide insights to threat indicators and related entities. Integration with Resilient allows the security analyst to automatically track and enrich incident artifacts and reporting.
• Part 2 demonstrates how to use Resilient as a workflow automation tool to enhance the analyst's ability to manage the response to the more complex threats that require more than the actions allowed directly from within QRadar.

IBM believes that companies using point solutions cannot effectively combat advanced threats. These organizations should look at their security assets as organs in the human body, interacting with each other to fight disease and improve health. Integrated security solutions and security analytics are the key to a healthy Security Immune System.

This presentation delves into the integration points within the IBM Security Immune System, with a focus on architecture and technical details. Security architects and security analysts will find this session a strong introduction to building real-world security for their enterprise.

The IBM Security Immune System looks at a security portfolio in an organized fashion - as an integrated framework of security capabilities that transmits and ingests vital security data to help gain visibility, understand, and prioritize threats, and coordinate multiple layers of defense. At its core, the system automates policies and block threats - just as the human immune system can assess and identify a virus and then trigger an immune response.