Contact
QR code for the current URL

Story Box-ID: 808831

IBM Deutschland GmbH Schönaicher Str. 220 71032 Böblingen, Germany http://www.de.ibm.com
Contact Mr Hans-Juergen Rehm +49 7034 151887

IBM Announces New Security Testing Group: "X-Force Red"

Company Expands Security Testing Team with World-Renowned Experts, Continues Expansion of Security Consulting and Services Business

(PresseBox) (Armonk, N.Y., )
IBM (NYSE: IBM) Security today announced the formation of IBM X-Force Red, a group of security professionals and ethical hackers whose goal is to help businesses discover vulnerabilities in their computer networks, hardware, and software applications before cybercriminals do. The team, part of IBM Security Services, will also examine human security vulnerabilities in daily processes and procedures that attackers often use to circumvent security controls.

The new team will be led by IBM's Charles Henderson, a world-renowned penetration testing expert. IBM X-Force Red is a global team with a network of hundreds of security professionals based in dozens of locations around the world, including the United States, the United Kingdom, Australia and Japan.

The security testing professionals of IBM X-Force Red bring expertise from across multiple industries like healthcare, financial services, retail, manufacturing and the public sector. Collectively, they have conducted security tests for the world’s largest brands and governments including penetration testing, ethical hacking, social engineering, and physical security testing. IBM X-Force Red shares security intelligence with IBM X-Force Research, IBM X-Force Exchange threat sharing platform, and IBM Security AppScan, while providing an additional layer of security testing through human creativity, insights, and experience.

Malicious attacks against corporate assets are on the rise, with 64 percent more security incidents reported in 2015 than in 2014.1 As new solutions are brought online, security is often an afterthought. For example, an IBM study found that 33 percent of companies do not test mobile applications for security vulnerabilities.2 Attackers looking for the next zero-day exploit constantly scrutinize existing technologies; these technologies require periodic security testing to maintain their integrity.

“Having a machine scan your servers and source code is a great step to help prevent data breaches, but the human element of security testing cannot be overlooked,” said Charles Henderson, Global Head of Security Testing and X-Force Red, IBM Security. “Elite human testers can learn how an environment works and create unique attacks using techniques even more sophisticated than what the criminals have. IBM X-Force Red gives organizations the freedom to stay agile without creating blind spots in their security posture.”

IBM X-Force Red’s four focus areas are:
  • Application – Penetration testing and source code review to identify security vulnerabilities in web, mobile, terminal, mainframe, and middleware platforms
  • Network – Penetration testing of internal, external, wireless, and other radio frequencies
  • Hardware – Verifying the security between the digital and physical realms by testing Internet of Things (IoT), wearable devices, point-of-sale (PoS) systems, ATMs, automotive systems, and self-checkout kiosks
  • Human – Performing simulations of phishing campaigns, social engineering, ransomware, and physical security violations to determine risks of human behavior
IBM X-Force Red provides security testing services in three models: individual projects, subscription-based testing, and managed testing programs. The subscription model offers significant budget flexibility by pre-allocating testing funds without defining specific testing targets or even test types. Managed testing programs are ideal for organizations without the security staff to determine testing priorities, document remediation requirements, and enforce policies.

All of the models include vulnerability analytics designed to improve the efficiency and impact of security testing programs. This nimble approach gives companies increased elasticity of security spend and powerful testing on demand, including vulnerability assessment and management for the full lifecycle of application and network deployments.

About IBM Security

IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio, supported by world-renowned IBM X-Force® research, enables organizations to effectively manage risk and defend against emerging threats. IBM operates one of the world’s broadest security research, development and delivery organizations, monitors 35 billion security events per day in more than 130 countries, and holds more than 3,000 security patents. For more information, please visit www.ibm.com/security, follow @IBMSecurity on Twitter or visit the IBM Security Intelligence blog.

1.X-Force IBM Cyber Security Intelligence Index, April 2016

2.The State of Mobile Application Insecurity, March 2015

Website Promotion

Website Promotion
The publisher indicated in each case (see company info by clicking on image/title or company info in the right-hand column) is solely responsible for the stories above, the event or job offer shown and for the image and audio material displayed. As a rule, the publisher is also the author of the texts and the attached image, audio and information material. The use of information published here is generally free of charge for personal information and editorial processing. Please clarify any copyright issues with the stated publisher before further use. In case of publication, please send a specimen copy to service@pressebox.de.
Important note:

Systematic data storage as well as the use of even parts of this database are only permitted with the written consent of unn | UNITED NEWS NETWORK GmbH.

unn | UNITED NEWS NETWORK GmbH 2002–2024, All rights reserved

The publisher indicated in each case (see company info by clicking on image/title or company info in the right-hand column) is solely responsible for the stories above, the event or job offer shown and for the image and audio material displayed. As a rule, the publisher is also the author of the texts and the attached image, audio and information material. The use of information published here is generally free of charge for personal information and editorial processing. Please clarify any copyright issues with the stated publisher before further use. In case of publication, please send a specimen copy to service@pressebox.de.