Cisco and IBM integrate enterprise security offerings

Image credit: igorstevanovic /

Cisco and IBM Security have announced they are pooling together their security resources across products, services and threat intelligence to help customers deal with cyber security threats with tools that can talk to each other.

One of the core issues impacting security teams is the proliferation of security tools that don’t communicate or integrate. A recent Cisco survey of 3,000 chief security officers found that 65% of their organizations use between six and 50 different security products. Managing such complexity is challenging over-stretched security teams and can lead to potential gaps in security.

The Cisco and IBM Security relationship is focused on helping organizations reduce the time required to detect and mitigate threats, offering organizations integrated tools to help them automate a threat response with greater speed and accuracy.

Cisco security solutions will integrate with IBM’s QRadar to protect organizations across networks, endpoints and cloud. Cisco will build new applications for QRadar, starting with two new applications designed to help security teams understand and respond to advanced threats. The apps will be available on the IBM Security App Exchange.

Customers will also benefit from the scale of IBM Global Services support of Cisco products in their managed security service provider (MSSP) offerings.

The collaboration also establishes a new relationship between the IBM X-Force and Cisco Talos security research teams, who will begin collaborating on threat intelligence research and coordinating on major cybersecurity incidents. For joint customers, IBM will deliver integration between X-Force Exchange and Cisco’s Threat Grid. This integration greatly expands the historical and real-time threat intelligence that security analysts can correlate for deeper insights, the companies said.

For example, Cisco and IBM recently shared threat intelligence as part of the recent WannaCry ransomware attacks. The teams coordinated their response and researchers exchanged insights into how the malware was spreading.

IBM’s Resilient Incident Response Platform (IRP) will also integrate with Cisco’s Threat Grid to provide security teams with insights needed to respond to incidents faster. For example, analysts in the IRP can look up indicators of compromise with Cisco Threat Grid’s threat intelligence, or detonate suspected malware with its sandbox technology. This enables security teams to gain valuable incident data in the moment of response.

Be the first to comment

What do you think?

This site uses Akismet to reduce spam. Learn how your comment data is processed.