IBM Verify Antenna

Edit online

IBM® Verify Antenna is a lightweight, self-hosted container that enables the seamless exchange of security events and risk signals by using the OpenID Shared Signals Framework.

The Shared Signals Framework (SSF) is a collaborative approach to cybersecurity threat detection and response. It enables organizations to share and act on threat intelligence in a standardized and automated way. By providing a common language and structure for describing security events, the framework facilitates the exchange of critical information between security systems, tools, and stakeholders.

This approach allows for more effective and efficient detection, prevention, and response to cyberthreats, ultimately improving the overall security posture of participating organizations. The framework is flexible and adaptable, supporting a wide range of use cases and threat scenarios, including phishing, ransomware, advanced persistent threats, and supply chain vulnerabilities.

By using the Shared Signals Framework, organizations can enhance their cybersecurity capabilities, reduce the risk of cyberattacks, and increase their resilience in the face of evolving cyberthreats.

IBM Verify Antenna can serve as both a transmitter and a receiver of security events within SSF.

As a transmitter, it ingests events from various sources such as files, databases, audit streams, and so on. It transforms them into standards-based or custom event formats, and transmits them securely, as defined by the framework.
As a receiver, IBM Verify Antenna consumes events and converts them into actions on target systems. For example, it can revoke user sessions when it detects risky behavior that is associated with a user or device.

For more information about this product, see IBM Verify Antenna.