IBM Resilient customers are building versatile, adaptable incident response playbooks and workflows with expanded functions and community applications – recently released on the IBM Security App Exchange.
With the new IBM Resilient community, you can collaborate with fellow security experts on today’s top security challenges, share incident response best practices, and gain insights into the newest integrations.
2. 2 IBM Security
About our Speakers
Hugh Pyle, Product Manager
IBM Resilient
Jamie Cowper, Security Marketing Leader,
Resilient
IBM Resilient
3. 3 IBM Security
Today’s Agenda
• What’s new in Resilient v31
• Integrating IBM Resilient with the rest of your security operations tools
̶ Threat Intelligence
̶ Workflows and Functions
̶ IBM Security App Exchange
• Integrations in practice: demonstrations
4. 4 IBM Security
Resilient v31
• Local language versions: jp, kr, zh, zh-TW, it, fr,
de, es, pt-BR, ru, en
• Dashboard improvements: filters & aggregations
• Privacy regulation updates
• Disaster Recovery (DR) deployment tools
• Audit & Logging improvements
• Activity Fields in workflows
• Many usability improvements to Python scripting
7. 7 IBM Security
IBM Resilient Intelligent Orchestration Ecosystem
IBM-Validated
and Supported
Applications
Community
Applications
Escalation
• SIEM
• Ticketing
• IPS/IDS
• UBA
• DLP
Communication and
Coordination
• Enterprise communications
• Ticketing
• Crisis management
Containment, Response, Recovery
• Endpoint
• Ticketing
• Next-generation firewall
• Cloud Access Security Broker
Identification and Enrichment
• Endpoint
• Sandbox
• Threat Intelligence
• CMDB
Unlocks power of existing
tools and technologies and
increases security ROI and
time to value.
Enables faster and smarter
response through
shared IR knowledge,
expertise, and resources.
Code Examples
Community-built scripts
and automations
Developer Tools and SDKs
IBM Resilient-provided
resources and documentation
for building Resilient apps
Playbooks and
Workflows
Incident response tasks
lists and expertise from
the Resilient community
Integrations
Applications that leverage
your existing IT and security
tools for IR
Best Practices
Community knowledge
sharing, metrics, and reports
11
11. 11 IBM Security
IBM Security App Exchange & Community
App Exchange Community App Exchange
IBM Validated playbooks and
integrations from IBM and
technology partners
Community-supplied playbooks
and integrations
Contributors can be… Technology Partners
IBM engineers
Customers
IBM review activities… Functionality validation
Security review
Functional testing of use cases
Functionality review
Basic security review
Support… Support is available from app
vendor (by email or forum)
Support may be available from
app author
NEW