The cybersecurity marketplace is crowded. There are hundreds of vendors with an amazing array of solutions flooding the space, yet many organizations still struggle to stay ahead.
In many companies, everyone is working as hard as they can to plug holes, but there is still a lack of knowledge about how to manage and understand all the tools and how they interact. IT executives are finding that the tools are confusing, too diverse and susceptible to attack. They are left evaluating dozens of tools without the ability to look toward a future roadmap of how they might integrate them.
Building a comprehensive cybersecurity offering
Merlin International, which provides software and solutions for the US federal government, saw the frustration of its clients in spending tremendous capital and time without getting any better at protecting themselves. Clients witnessed the number of tools quadruple without a commensurate ability to see what was coming, prioritize activity or tie back to overall security remediation processes.
That is why Merlin is building a comprehensive cybersecurity offering to improve how security operations centers (SOCs) respond to threats. The solution is based on security operations and analytics platform architecture (SOAPA) and will translate relationships with security software vendors into an ecosystem that will incrementally go after the gaps that exist in most large-scale SOCs.
The platform architecture helps with flexibility and speed across multiple applications to address and solve legacy problems.
Building with the IBM Cloud Garage
Merlin partnered with the IBM Cloud Garage to define and build the first minimum viable product (MVP) on IBM Cloud Private (ICP). We chose ICP because it had ready-built functionality the company could use. Future components of the cybersecurity solution will incorporate the resident automation and AI functionality of ICP.
The cybersecurity solution focuses on user-centric designs to provide improved access to actionable data. For instance, the solution started with the concept of augmented asset visibility to enable a security supervisor to quickly gain understanding of the protection status (current and historical) of key threats and vulnerabilities such as anti-virus, malware, DNS, firewall and privileged access.
The IBM Cloud Garage provided a venue for Merlin to ideate and hypothesize with a talented team of experts that included architects and designers along with stakeholders from across our company. The IBM Design Thinking approach used agile methodology and lean startup techniques to help us visualize our ideas, and our own product development team was able to adopt the tools we learned.
Six weeks to MVP
The MVP build engagement lasted just six weeks and focused on laying a solid foundation for both the user experience and the underlying technical framework. Merlin developed a browser-based dashboard that displays near-real-time and historical cybersecurity event data through various metrics and data visualizations. Users can also drill down into specific data points using dynamic graphs and charts.
In building the cybersecurity solution, we aimed to create scaffolding for an ecosystem that will use clients’ existing toolsets against each other to solve specific use cases. Instead of boiling the ocean, we started with endpoint security, thereby making a junior analyst confident in what is a threat, what action they need to take and how best to take it while leaving a detailed history for compliance.
The IBM Cloud Garage engagement helped us bring a very new, difficult and previously unvalidated technology to market. The cybersecurity solution is expected to be announced and available in the first quarter of 2019.
Explore how the IBM Cloud Garage can help your company.