© 2015 IBM Corporation

IBM Security

1© 2015 IBM Corporation

Introducing IBM X-Force ExchangeA new way for the world to leverage collaborative

threat intelligence

Domenico Raguseo Europe Technical Sale Manager

Follow me @domenicoraguseo

© 2015 IBM Corporation

IBM Security

2

Security teams are using multiple sources of intelligence to identify cyber threats, but they come with new challenges

65%of enterprise firms use external threat intelligence

to enhance their security decision making 1

However, security teams lack critical support to make the most of these resources

It takes too long to make information actionable

Data is gathered from untrusted sources

Analysts can’t separatethe signal from the noise

1 Source: ESG Global

© 2015 IBM Corporation

IBM Security

3

Backed by the reputation and

scale of IBM X-Force

Introducing IBM X-Force Exchange

Research and collaboration platform and API

Security Analysts and Researchers

Security Operations

Centers (SOCs)

Security Products and Technologies

OPENa robust platform with access to a wealth of threat intelligence data

SOCIALa collaborative platform for sharing threat intelligence

ACTIONABLEan integrated solution to help quickly stop threats

A new platform to consume, share, and act on threat intelligence

IBM X-Force Exchange is:

© 2015 IBM Corporation

IBM Security

4

OPENA robust platform with access to a wealth of threat intelligence data

• Over 700 terabytes of machine-generated intelligence from crawler robots, honeypots, darknets, and spamtraps

• Multiple third party and partner sources of intelligence

• Up to thousands of malicious indicators classified every hour

Quickly gain access to threat data from curated

sources:

Leverage the scale of IBM Security and partner ecosystem

Human intelligence adds context to machine-

generated data:

• Insights from security experts, including industry peers, IBM X-Force, and IBM Security professionals

• Collaborative interface to organize and annotate findings, bringing priority information to the forefront

© 2015 IBM Corporation

IBM Security

5

IBM Security Network Protection XGS

IBM Security QRadar Security Intelligence

IBM SecurityTrusteer Apex

Malware Protection

ACTIONABLEAn integrated solution to help quickly stop threats

STIX / TAXII(future feature)

API

• Integration between IBM Security products and X-Force Exchange-sourced actionable intelligence

• Designed for third-party integration with planned future support for STIX and TAXII, the established standard for automated threat intelligence sharing

• Leverage the API to connect threat intelligence to security products

Push intelligence to enforcement

points for timely protection

3rd Party Products

© 2015 IBM Corporation

IBM Security

6

SOCIALA collaborative platform for sharing threat intelligence

Add context to threats

via peer collaboration

• Connect with industry peers to validate findings

• Share a collection of Indicators of Compromise (IOCs) to aid in forensic investigations

Discovers a new malware domain and marks it as malicious in the X-Force Exchange

INCIDENTRESPONDER

1

Finds the domain and applies blocking rules to quickly stop malicious traffic. Shares with his CISO using the Exchange

SECURITYANALYST

2

Adds the domain to a public collection named “Malicious Traffic Sources Targeting Financial Industry” to share with industry peersCISO

3

For the first time, clients can interact with IBM X-Force security researchers and experts directly

IBM X-FORCE

4