IBM Resilient Incident Response Platform on Cloud streamlines incident response and privacy response management and delivers an automatic, fast, and flexible way to react to incidents

IBM Canada Ltd. Software Announcement A17-0062
January 31, 2017

Table of contents

	Overview		Technical information
	Key prerequisites		Ordering information
	Planned availability date		Terms and conditions
	Program number		Prices
	Publications		Order now

Overview

IBM® Resilient Incident Response Platform (IRP) on Cloud orchestrates and automates the people, process, and technology that are associated with incident response. Resilient IRP on Cloud streamlines incident response and privacy response management and provides an automatic, fast, and flexible way for organizations to react to incidents with the introduction of two, new orderable components:

Resilient IRP Standard Plus Privacy on Cloud
Standard Plus Privacy combines the security capabilities of Resilient on Cloud Standard with the Resilient privacy functions. This results in generated response plans to include not only IT security-related tasks, but also appropriate global-data-privacy-breach-notification tasks. These tasks are based on the type of data compromised and applicable regulations. Standard Plus Privacy includes:
- A set of cyber-security-response guidelines that are based on industry standards and best practices.
- A knowledgebase of global privacy data breach notification regulations, which is tracked and interpreted by an internal team of certified privacy professionals.
- Data-breach-notification-response plans that promptly map to the latest regulations. These plans help take the complexity out of compliance obligations for tracking:
  - Privacy-data-breach-notification regulations
  - Industry-specific data breach requirements
  - Company-specific obligations
  - Third-party requirements
  - Industry best practices
- Curated, data-breach-notification regulatory information from external privacy professionals and the community of Resilient IRP users.
- Automated notification of new regulations that help to provide context around an organization's ongoing, data-breach-notification-compliance obligations.

Resilient IRP Standard Plus Action on Cloud
Standard Plus Action combines the security capabilities of Resilient on Cloud Standard with the Resilient action functions. This results in generated response plans to include not only guidance on the appropriate steps to take, but the ability to execute those tasks from within the Resilient run-time environment. Standard Plus Action includes the ability to:
- Help orchestrate response processes by:
  - Making alerts actionable
  - Streamlining remediation tasks
  - Adapting in near real-time as the incident evolves
- Automate the tasks associated with triage and enrichment to enable analysts to focus energy on investigation and response instead of pivoting between tools.
- Synthesize data from existing security and IT systems, which includes endpoint security tools, SIEMs, and ticketing systems, to provide critical, near-real-time information.
- Automate a wide range of menial tasks that include:
  - User identification through LDAP
  - Asset enrichment or discovery with the integration of a configuration management database (CMDB)
  - Cyber threat intelligence lookup
- Help to empower security teams to automate and fine-tune response processes and workflows without custom development or specialized programming skills.

To utilize either Standard Plus Privacy on Cloud or Standard Plus Action on Cloud, a run-time environment must have at least one Resilient IRP Standard on Cloud Authorized User license.

Key prerequisites

Resilient IRP on Cloud requires an internet connection and a workstation with a browser.

For specific browser requirements, refer to the Technical information section.

Planned availability date

January 31, 2017

Accessibility by people with disabilities

A US Section 508 Voluntary Product Accessibility Template (VPAT), containing details about accessibility compliance, can be found on the IBM Accessibility website.

Reference information

For information on the IBM acquisition of Resilient Systems, Inc, refer to the IBM News room.

For additional information on Resilient IRP on Cloud, refer to Software Announcements:

A17-0130, dated January 10, 2017
A16-0688, dated November 1, 2016

For additional information on Resilient IRP as an on-premise offering, refer to Software Announcements:

A17-0068, dated January 31, 2017
A16-0689, dated November 1, 2016
A16-0438, dated June 14, 2016

Program number

Program number	VRM	Program name
5737-C07	SaaS	IBM Resilient Incident Response Platform on Cloud

Publications

For product documentation, contact your IBM representative.

Services

Software Services

IBM Software Services has the breadth, depth, and reach to manage your services needs. You can leverage the deep technical skills of our lab-based, software services team and the business consulting, project management, and infrastructure expertise of our IBM Global Services team. Also, we extend our IBM Software Services reach through IBM Business Partners to provide an extensive portfolio of capabilities. Together, we provide the global reach, intellectual capital, industry insight, and technology leadership to support a wide range of critical business needs.

To learn more about IBM Software Services, contact your Lab Services Sales or Delivery Leader.

Technical information

Specified operating environment

Hardware requirements

Resilient IRP on Cloud requires:

A workstation that supports one of the web browsers as listed in the Software requirements section
A direct, internet connection

Software requirements

Resilient IRP on Cloud requires one of the following supported web browsers:

Microsoft™ Internet Explorer V11
Mozilla Firefox, latest version for your operating system and ESR 38
Google Chrome, latest version for your operating system
Safari, latest version for Mac

The program's specifications and specified operating environment information may be found in documentation accompanying the program, if available, such as a readme file, or other information published by IBM, such as an announcement letter. Documentation and other program content may be supplied only in the English language.

Such information is provided subject to the following terms. IT system security involves protecting systems and information through prevention, detection, and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated, or misused, or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service, or security measure can be completely effective in preventing improper use or access. IBM systems, products, and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products, or services to be most effective.

Important: IBM does not warrant that any systems, products, or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.

Planning information

Packaging

This offering is delivered through the internet. There is no physical media.

Ordering information

This product is only available through Passport Advantage. It is not available as shrinkwrap.

These products may only be sold directly by IBM or by authorized IBM Business Partners for Software Value Plus.

More information can be found on the IBM Software Value Plus website.

To locate IBM Business Partners for Software Value Plus in your geography for a specific Software Value Plus portfolio, go to the Find a Business Partner page.

Product Group: Security

Product: IBM Resilient Incident Response Platform on Cloud (5737-C07)

Product Category: Resilient Incident Response Platform

Passport Advantage

IBM Resilient Incident Response System on Cloud (5737-C07)

Except for the additional part numbers as described in the table below, the ordering information remains unchanged from Software Announcement A16-0688, dated November 1, 2016.

Program name/Description	Part number
IBM Resilient Incident Response Platform Standard Plus Action on Cloud Instance per Month	D1S2FLL
IBM Resilient Incident Response Platform Standard Plus Action on Cloud Instance Overage	D1S2GLL
IBM Resilient Incident Response Platform Standard Plus Privacy on Cloud Instance per Month	D1S2HLL
IBM Resilient Incident Response Platform Standard Plus Privacy on Cloud Instance Overage	D1S2ILL

New users of Resilient IRP Standardon Cloud

When ordering either the Resilient IRP Standard Plus Privacy on Cloud or Resilient IRP Standard Plus Action on Cloud license, you must order at least one Resilient IRP Standard Authorized User license.

Current users of Resilient IRP Standard on Cloud

When ordering either the Resilient IRP Standard Plus Privacy on Cloud or Resilient IRP Standard Plus Action on Cloud license, you must have at least one Resilient IRP Standard Authorized User license.

Charge metric

Passport Advantage®

Program/service name	Program number	Charge unit description
IBM Resilient IRP on Cloud	5737-C07	Authorized User Instance

Authorized User

Authorized User is a unit of measure by which the IBM SaaS can be obtained. Client must obtain separate, dedicated entitlements for each unique Authorized User given access to the the IBM SaaS in any manner directly or indirectly (for example, through a multiplexing program, device or application server) through any means. Sufficient entitlements must be obtained to cover the number of Authorized Users given access to the IBM SaaS during the measurement period specified in Client's Proof of Entitlement (PoE) or Transaction Document.

Instance

Instance is a unit of measure by which the IBM SaaS can be obtained. An Instance is access to a specific configuration of the IBM SaaS. Sufficient entitlements must be obtained for each Instance of the IBM SaaS made available to access and use during the measurement period specified in Customer's Proof of Entitlement (PoE) or Transaction Document.

Terms and conditions

The information provided in this announcement letter is for reference and convenience purposes only. The terms and conditions that govern any transaction with IBM are contained in the applicable contract documents such as the IBM International Passport Advantage Agreement, the International Passport Advantage Express® Agreement, the Cloud Services Agreement and associated Service Descriptions, or the IBM SaaS Terms of Use.

This product is only available through Passport Advantage. It is not available as shrinkwrap.

Subscription

The IBM International Passport Advantage Agreement and the IBM SaaS Terms of Use or the IBM Cloud Services Agreement (CSA) and the Service Description govern your use of this offering.

Technical support

Technical support is provided for IBM SaaS and enabling software, as applicable, during the subscription period. Any enhancements, updates and other materials provided by IBM as part of any such technical support are considered to be part of IBM SaaS or enabling software, as applicable, and therefore governed by the SaaS Terms of Use or the CSA and associated Service Description. Technical support is included with IBM SaaS and is not available as a separate offering.

Refer to additional technical support information in the IBM Software as a Service Terms of Use document for the program.

Terms of Use

The program's Terms of Use and CSA Service Description document is available on the Software as a Service terms website.

Limited warranty

If warranted, refer to the warranty as stated in the Terms of Use document or the Cloud Services Agreement for this offering.

Money-back guarantee

Volume orders (IVO)

Passport Advantage applies

Yes, information is available on the Passport Advantage and Passport Advantage Express® website.

Software Subscription and Support applies

IBM Operational Support Services - Support Line

Other support

Passport Advantage

System i Software Maintenance applies

Variable charges apply

Educational allowance available

Not applicable.

Statement of good security practices

IT system security involves protecting systems and information through prevention, detection, and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, or misappropriated or can result in misuse of your systems to attack others. Without a comprehensive approach to security, no IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products, or services to be most effective.

Important: IBM does not warrant that any systems, products, or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.

Prices

Prices are subject to change without notice.

GST, QST, and sales taxes, where applicable, are extra.

Business Partner information

If you are an IBM Business Partner -- Distributor for Workstation Software acquiring products from IBM, you may link to Passport Advantage On-line for resellers where you can obtain Business Partner pricing information. An IBMid and password are required to access the IBM Passport Advantage website.

Passport Advantage

For Passport Advantage information and charges, contact your IBM representative or authorized IBM Business Partner for Software Value Plus. Additional information is also available on the Passport Advantage and Passport Advantage Express website.

IBM Global Financing

IBM Global Financing offers competitive financing to credit-qualified customers to assist them in acquiring IT solutions. Offerings include financing for IT acquisition, including hardware, software, and services, from both IBM and other manufacturers or vendors. Offerings (for all customer segments: small, medium, and large enterprise), rates, terms, and availability can vary by country. Contact your local IBM Global Financing organization or go to the IBM Global Financing website for more information.

IBM Global Financing offerings are provided through IBM Credit LLC in the United States, and other IBM subsidiaries and divisions worldwide to qualified commercial and government customers. Rates are based on a customer's credit rating, financing terms, offering type, equipment type, and options, and may vary by country. Other restrictions may apply. Rates and offerings are subject to change, extension, or withdrawal without notice.

Financing from IBM Global Financing helps you preserve cash and credit lines, enables more technology acquisition within current budget limits, permits accelerated implementation of economically attractive new technologies, offers payment and term flexibility, and can help match project costs to projected benefits. Financing is available worldwide for credit-qualified customers.

Order now

To order, contact your Americas Call Centers, local IBM representative, or your IBM Business Partner. To identify your local IBM representative or IBM Business Partner call 800- IBM -4YOU (426-4968). For more information, contact the Americas Call Centers.

Phone: 800- IBM -CALL (426-2255)

Fax: 800-2IBM-FAX (242-6329)

For IBM representative: askibm@ca.ibm.com

For IBM Business Partner: pwcs@us.ibm.com

Mail:

IBM Teleweb Customer Support

ibm.com® Sales Execution Center, Americas North

3500 Steeles Ave. East, Tower 3/4

Markham, Ontario

Canada L3R 2Z1

Reference:

YE001

The Americas Call Centers, our national direct marketing organization, can add your name to the mailing list for catalogues of IBM products.

IBM Software Value Plus

These products are available under IBM Software Value Plus, either directly from IBM or through authorized Business Partners who invest in skills and high-value solutions. IBM customers may benefit from the industry-specific or horizontal solutions, skills, and expertise provided by these Business Partners.

Additions to Software Value Plus will be communicated through standard product announcements. For a current list of IBM software available under Software Value Plus, go to the IBM Software Value Plus website.

For questions regarding Software Value Plus, go to the IBM Software Value Plus website.

Trade-marks

IBM, Passport Advantage, System i, Express, PartnerWorld and ibm.com are registered trade-marks of IBM Corporation in the United States, other countries, or both.

Microsoft is a trade-mark of Microsoft Corporation in the United States, other countries, or both.

Other company, product, and service names may be trade-marks or service marks of others.

^tm Trade-mark owned by International Business Machines Corporation and is used under license by IBM Canada Ltd.

® Registered trade-mark of International Business Machines Corporation and is used under license by IBM Canada Ltd.

(**) Company, product or service name may be a trade-mark or service mark of others.

Terms of use

IBM products and services which are announced and available in your country can be ordered under the applicable standard agreements, terms, conditions, and prices in effect at the time. IBM reserves the right to modify or withdraw this announcement at any time without notice. This announcement is provided for your information only. Additional terms of use are located at:

For the most current information regarding IBM products, consult your IBM representative or reseller, or visit the IBM worldwide contacts page

IBM Canada