IBM X-Force Red, Big Blue’s crack team of security researchers, celebrate first birthday by releasing the Cracken and investing in new security testing practice areas.
IBM is looking to bolster automotive and IoT security, launching new security testing practice areas delivered by its IBM X-Force Red researchers.
The new IoT services look to capitalise on the fact that 58% of organisations only test IoT applications during the production phase, with the potential for vulnerabilities to creep into existing systems still unacceptably high.
IBM’s X-Force Red services will add an additional layer of security and penetration testing alongside the Watson IoT platform , which provides configuration and management of IoT environments.
“It’s not just about the technology, it is also about the global reach, investment, and collaborative approach which make IBM a trusted IoT partner for enterprise IoT solutions,” said James Murphy, Offering Manager, IBM Watson IoT Platform.
“With IoT technologies permeating the farthest corners of industry, IBM is bringing our Watson IoT Platform and X-Force Red security talent together to address present and future concerns.”
IBM is also extending the new services to the automotive space, with Big Blue pitching connected car security as a global priority.
The culmination of IBM X-Force Red having worked with more than a dozen automotive manufacturers and third-party automotive suppliers, the automotive practice aims to help clients secure hardware, networks, applications, and human interactions.
The connected car has a myriad of components and connections, with these components combined and connected to mobile applications and external servers – all of which points to the total amount of potential vulnerabilities for the vehicle climbing above the sum vulnerabilities of its parts. Keeping this in mind, IBM X-Force Red will perform discrete security testing of the components and solution-based security testing for the complete system of the vehicle.
It has been quite a year already for IBM’s crack team of researchers, with IBM X-Force Red marking its first-year anniversary with the addition of security specialists such as Cris Thomas (aka Space Rogue) and Dustin Heywood (aka Evil_Mog with Team Hashcat). Adding to their cyber security arsenal, IBM X-Force Red has also built a password cracker called “Cracken” designed to help clients improve password hygiene.
“Over the past year, we’ve seen security testing further emerge as a key component in clients’ security programs,” said Charles Henderson, Global Head of IBM X-Force Red.
“Finding issues in your products and services upfront is a far better investment than the expense of letting cybercriminals find and exploit vulnerabilities. Our own investments in people, tools and expertise have more than tripled our security testing capabilities in the first year of IBM X-Force Red, making our offense our clients’ best defense.”