Meet IBM Watson’s cyber security AI Havyn
IBM has announced Watson-powered tools for cyber security. Over the past year, the cognitive computing programme, Watson has been trained on over 1 million security document. The tool can now help security analysts examine thousands of natural language research reports. On average security teams sift through more than 200,000 security events per day leading to over 20,000 hours per year wasted chasing false positives according to IBM research. With the number of security incidents expected to double over the next five years, the introduction of technologies that speed up the detection process will be critical.
Watson for Cyber Security will be integrated into IBM s new Cognitive SOC platform, the centrepiece of which is IBM QRadar Advisor. This is the first tool that taps into Watson s corpus of cyber security insights and provides users with the ability to respond to threats across endpoints, networks, users and cloud. Over 40 customers are already using the new app, including Avnet, University of New Brunswick and Sopra Steria.
“Today’s sophisticated cyber security threats attack on multiple fronts to conceal their activities, and our security analysts face the difficult task of pinpointing these attacks amongst a massive sea of security-related data,” said Sean Valcamp, Chief Information Security Officer at Avnet.
“Watson makes concealment efforts more difficult by quickly analysing multiple streams of data and comparing them with the latest security attack intelligence to provide a more complete picture of the threat. Watson also generates reports on these threats in a matter of minutes, which greatly speeds the time between detecting a potential event and my security team’s ability to respond accordingly.”
IBM has also revealed Havyn, a voice-powered security assistant that leverages Watson conversation technology to respond to verbal commands and natural language from security analysts. Havyn uses Watson APIs, BlueMix and IBM Cloud to provide real-time response to verbal requests and commands, accessing data from open source security intelligence. For example, Havyn can provide security analysts with updates on new threats that have appeared and recommended remediation steps. A recent IBM study found that only 7 percent of security professionals are using cognitive tools today, but that usage is expected to triple over the next two to three years.