New! Deep dive into the cost savings and benefits of a SOAR platform Read Forrester's Total Economic Impact™ of IBM Security Resilient

Feature spotlights

Collaborate with consistency with case management

Ensuring that the right person gets the right information at the right time is crucial to incident response. IBM Security Resilient empowers your security team with robust case management capabilities that enable in-platform notifications and information sharing. It can also extend communications beyond the SOC to involve key players in functions like IT, Legal, Communications, and Human Resources by integrating with popular collaboration tools.

Install and deploy integrations quickly with AppHost

With an extensive orchestration and automation ecosystem formed by more than 160 IBM Validated, Third-Party Supported and Community applications published via the IBM App Exchange, IBM Security Resilient enables numerous integrations with other security tools. AppHost, Resilient's new integration server, makes the installation and configuration of applications quick and simple with a step-by-step installation process that allows for editable settings and configurations.

Respond with agility and intelligence with dynamic playbooks

IBM Security Resilient's playbooks are dynamic and additive: they adapt as the known facts about an incident evolve during the investigation. This is critical to your security operations center (SOC) analysts because it gives them a recommended course of action and the agility to pivot as events change.

Make complex processes simple with visual workflows

Workflows codify your organization's incident response processes and allow you to leverage automation to eliminate repetitive tasks, orchestration to integrate with other security tools, and human intelligence to make decisions. Resilient's visual workflow editor enables your team to design and build complex workflows with a business process management notation (BPMN) engine that requires no special programming or coding skills. A playbook consists of one or more discrete workflows.

Visualize and understand relationships across incidents

Leverage the artifact visualization graph to better see and understand the relationship between incidents and the details associated with each incident, which may help uncover a broader campaign or an advanced persistent threat (APT). Information about related closed or open incidents is also displayed in hover and timeline view in Resilient.

Inform strategic business decisions by tracking key metrics

Track metrics and KPIs for incidents and users, including mean time to detect (MTTD) and mean time to respond (MTTR), through Resilient's comprehensive dashboards and reporting capabilities. Based on your results and analysis, you may choose to run simulations to train new employees, test new workflows and incident response plans, or practice different cyber-threat scenarios.

Integrate Privacy use cases with your SOAR platform

Keep up with the ever-increasing challenges of complex privacy breach reporting requirements and meet compliance standards with IBM Security Resilient with Privacy. The Global Privacy Regulations Knowledgebase, at the heart of the solution, tracks over 170 global regulations, including GDPR, PIPEDA, HIPAA, CCPA, LGPD, and all 50 state breach notification rules, and provides your team with guidance through the breach notification process.

Product specifications

Technical specifications

IBM Security Resilient requires Red Hat Enterprise Linux 7.4 to 7.7 or better.

Software requirements

IBM Security Resilient web access requires the latest version of Firefox, Chrome, Edge, or Safari to log in.

Hardware requirements

IBM Security Resilient requires a server with 4 CPU cores, 16 GB of memory, and a minimum of 100 GB of disk space.

Customer case studies

KBC Group

How to create a cyber-resilient multinational banking and insurance group

TalkTalk

Resolving issues eight times faster with IBM Security Resilient

Secure24

An investigative team speeds incident response with IBM Security Resilient

How customers use it

  • Alert Triage

    Problem

    Security analysts manage numerous alerts daily, which can lead to analyst burnout and make it hard to separate the signal from the noise to triage alerts effectively.

    Solution

    A SOAR platform can help reduce alert fatigue and improve security operations. IBM Security Resilient allows you to escalate alerts directly from your SIEM and to automate responses to low-level alerts, thereby optimizing alert handling.

  • Incident Enrichment

    Problem

    Collecting information to add context to an alert and determine its severity can be time-consuming since it requires analysts to search across other tools.

    Solution

    Through its powerful orchestration capabilities, IBM Security Resilient integrates with numerous security tools. This enables automatic incident enrichment, which reduces investigation time and allows analysts to focus on analysis and response.

  • Automated Phishing Response

    Problem

    Phishing attacks, which can do significant harm to an organization, are on the rise. For this reason, security teams are seeing a higher volume of alerts related to possible phishing attacks.

    Solution

    IBM Security Resilient allows your security team to build and implement phishing playbooks, guided incident response plans that align with your organization's standard operating procedures, to resolve phishing incidents efficiently and effectively.

  • Vulnerability Management

    Problem

    Vulnerabilities present different risk levels depending on how easy it is to exploit them; hence security teams need to work closely with IT to identify and patch critical vulnerabilities fast.

    Solution

    Bridge the gap and improve collaboration between security and IT teams with IBM Security Resilient, which integrates with Red Hat Ansible to automate and accelerate remediation, as well as ticketing systems to track and manage tasks across teams.

  • Meet compliance requirements

    Problem

    Keeping up with evolving data breach reporting requirements and regulations is challenging, as is generating quick, comprehensive reports for authorities during audits.

    Solution

    IBM Security Resilient is the only SOAR platform that integrates privacy use cases. With a global library of over 170 regulations, it guides your team through the breach notification process and generates detailed, audit-ready reports.
