Security

Merlin uses IBM Garage to fast-track new cybersecurity technology

Share this post:

Merlin Cloud Garage cybersecurityThe cybersecurity marketplace is crowded. There are hundreds of vendors with an amazing array of solutions flooding the space, yet many organizations still struggle to stay ahead.

In many companies, everyone is working as hard as they can to plug holes, but there is still a lack of knowledge about how to manage and understand all the tools and how they interact. IT executives are finding that the tools are confusing, too diverse and susceptible to attack. They are left evaluating dozens of tools without the ability to look toward a future roadmap of how they might integrate them.

Building a comprehensive cybersecurity offering

Merlin International, which provides software and solutions for the US federal government, saw the frustration of its clients in spending tremendous capital and time without getting any better at protecting themselves. Clients witnessed the number of tools quadruple without a commensurate ability to see what was coming, prioritize activity or tie back to overall security remediation processes.

That is why Merlin is building a comprehensive cybersecurity offering to improve how security operation centers (SOCs) respond to threats. The solution is based on security operations and analytics platform architecture (SOAPA) and will translate relationships with security software vendors into an ecosystem that will incrementally go after the gaps that exist in most large scale SOCs.

The platform architecture helps with flexibility and speed across multiple applications to address and solve legacy problems.

Building with the IBM Garage

Merlin partnered with the IBM Garage to define and build the first minimum viable product (MVP) on IBM Cloud Private (ICP). We chose ICP because it had ready-built functionality the company could use. Future components of the cybersecurity solution will incorporate the resident automation and AI functionality of ICP.

The cybersecurity solution focuses on user-centric designs to provide improved access to actionable data. For instance, the solution started with the concept of augmented asset visibility to enable a security supervisor to quickly gain understanding of the protection status (current and historical) of key threats and vulnerabilities such as anti-virus, malware, DNS, firewall and privileged access. 

The IBM Garage provided a venue for Merlin to ideate and hypothesize with a talented team of experts that included architects and designers along with stakeholders from across our company. The IBM Design Thinking approach used agile methodology and lean startup techniques to help us visualize our ideas, and our own product development team was able to adopt the tools we learned.

Six weeks to MVP

The MVP build engagement lasted just six weeks and focused on laying a solid foundation for both the user experience and the technical underlying framework. Merlin developed a browser-based dashboard to display data of near-real-time and historical cybersecurity events through various metrics and data visualizations. Users can also drill down into specific data points using dynamic graphs and charts.

In building the cybersecurity solution, we aimed to create scaffolding for an ecosystem that will use clients’ existing toolsets against each other to solve specific use cases. Instead of boiling the ocean, we started with endpoint security, thereby making a junior analyst confident in what is a threat, what action they need to take and how best to take it while leaving a detailed history for compliance.

The IBM Garage engagement helped us bring a very new, difficult and previously unvalidated technology to market. The cybersecurity solution is expected to be announced and available in the first quarter of 2019.

Explore how the IBM Garage can help your company.

More Security stories

7 pillars of a strong hybrid cloud security strategy

Hybrid cloud environments give companies the best of both worlds. They offer the elasticity and operational expenditure of public clouds with the data sovereignty, security and control found in a private cloud environment. By combining the two, companies can allocate workloads to the environment that makes the most sense for them. As organizations build these […]

Continue reading

5 data security techniques that help boost consumer confidence

These days, it seems like hardly any time passes between headlines about the most recent data breach. Consider the revelation in late September that a security intrusion exposed the accounts of more than 50 million Facebook users. For that matter, not much time goes by without a new survey or study that confirms the difficulty of […]

Continue reading

Machine learning: A key weapon in the cybersecurity battle

Since the dawn of the internet, companies have been fighting to stay ahead of cybercriminals. Artificial intelligence (AI) and machine learning have made this job easier by automating complex processes for detecting attacks and reacting to breaches. However, cybercriminals are also using this technology for their own malicious purposes. More and more hackers are exploiting […]

Continue reading