Feature spotlights

Proactively Manage Response with the Security Module

The Resilient Security Module arms teams with a powerful platform for managing and resolving incidents quickly and efficiently. It includes Dynamic Playbooks, which enable security teams to automatically adapt their IR processes to real-time incident conditions, enabling a fast and complete response. The Security Module includes more than a dozen built-in intelligence feeds that supplement incident alerts with relevant context. Customizable reports and dashboards provide pertinent information.

Orchestrate and Automate with the Action Module

The Resilient Action Module empowers security teams to automate incident response plans and orchestrate IR processes and workflows. The Action Module enables teams to streamline basic, time-consuming steps, empowering analysts to focus on more strategic tasks and resolve incidents faster. The Action Module integrates with more than 100 security tools, and allows security teams to automate and fine-tune response workflows without specialized programming skills.

Manage Breach Notification Laws with the Privacy Module

The Resilient Privacy Module streamlines data breach notification preparation, assessment, and response. Built on a continually updated knowledgebase of global regulations, the Privacy Module provides data breach response plans that map to the latest regulations, taking the complexity out of tracking privacy legislation and regulations, contractual obligations, and industry best practices. The Privacy Module also provides assessment tools and simulations to help privacy teams prepare for GDPR.

Respond with Agility and Intelligence with Dynamic Playbooks

Resilient's Dynamic Playbooks are an agile and adaptive workflow built on a sophisticated logic engine. It updates IR plans automatically as new information about an incident is uncovered, using organizations’ security tools to ingest data about an incident. Dynamic Playbooks help security teams ensure a fast and complete response to threats, and provide the speed, agility, and intelligence needed to contend with increasingly complex attacks.

Understand Your Environment with Incident Visualization

Resilient Incident Visualization graphically displays the relationships between incident artifacts or Indicators of Compromise (IOCs) and incidents in an organization’s environment. With Incident Visualization, analysts can see the most pertinent relationships between artifacts and incidents. This provides greater insight into incidents, helps quickly uncover broader campaigns, and shows how attacks unfold over time. It also enables analysts to immediately act directly within the visualizer.

Make Complex Processes Simple with Visual Workflows

IBM Resilient's Visual Workflows enables security teams orchestrate incident response with visually built, complex workflows based on tasks and technical integrations. And with a business process management notation engine, Visual Workflows requires no special programming or coding skills.

Train Your Team and Processes with Resilient's Simulations

IBM Resilient's incident simulations and reporting features enable security teams to test their response plans, identify gaps in their processes or skills sets, and continually measure and refine their response capabilities – enabling them to stay ahead of today's complex cyber threat environment.

Customer case study

  • Case study image

    Top Global Research Laboratory Case Study

    Top Global Research Laboratory Case Study
    Read the case study

How customers use it

  • For the CISO

    For the CISO

    Problem

    Executives lack visibility into their threat enviroment.

    Solution

    Resilient provides access and visibility into incident response program through custom dashboards and reports. Additionally, Resilient helps clients increase the measurable time-to-value of security spend and the ROI of their security investments.

  • For the Incident Response Manager

    For the Incident Response Manager

    Problem

    Measuring and improving IR effectiveness is a challenge.

    Solution

    IBM Resilient enables IR managers to measure and act to improve SOC productivity, processes, and time to resolve. And by elevating staff effectiveness with the right tools and proceses, Resilient helps organizations address the security skills gap.

  • For the Analyst

    For the Analyst

    Problem

    Analysts rely on disparate tools and ad hoc IR processes.

    Solution

    Resilient enables teams to establish standard IR processes and automate repetitive and time-consuming tasks. This empowers analysts to resolve incidents quickly, and spend more time on more strategic tasks.