IBM and TruSTAR help security teams operationalize intelligence at-speed, in-workflow, and on-demand.
IBM Security and TruSTAR have come together to provide a joint Enterprise Intelligence Management solutions designed to help security teams prioritize events and enrich investigations.
TruSTAR and IBM partnered with the City of Los Angeles to launch the LA Cyber Lab (LACL), an intelligence sharing initiative that helps collect and enrich intelligence between the private and public sector. This initiative provides state and local organizations in the Los Angeles area with actionable threat intelligence data needed to defend their organizations at no cost.
Intelligence Sharing - The centerpiece of this collaborative effort is the LA Cyber Lab Cyber Threat Intelligence Sharing Platform (TISP), which is powered by TruSTAR. The platform makes it easy for business, government, and citizens to share suspicious data and validate if it is a threat.
Phishing Enrichment - When a user submits a suspicious email, the platform reviews the email and extracts key information to enrich it against 25+ intelligence data sources to indicate the level of risk.
Incident Response - The IOCss collected through TISP help businesses block cyber attacks and to search their networks for potential compromises. Companies from a variety of sectors are sharing information with the LACL TISP.
Adding to IBM’s impressive collection of security workflow tools like QRadar and Resilient, TruSTAR can now operationalize IBM Premier Threat Intelligence throughout your security ecosystem. With TruSTAR’s Enterprise Intelligence Management platform, security teams can automatically ingest, normalize, and enrich multiple data sources, accelerating incident response times.
Streamline the ingest of intelligence into SIEM tools like IBM QRadar for automated, high-signal detection.
Enrich tickets with third-party intelligence when investigating and responding to alerts via IBM Resilient.
Operationalize intelligence across security tools to prioritize investigations and accelerate incident response.
Triage with confidence and context. Redact and share reports with your internal team and external sharing communities.