Endpoint

10/22/2013
04:31 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

IBM Protects Clients From Security Attacks With New Cloud Solution

New software and services are based on a partnership with Akamai Technologies

ARMONK, N.Y., Oct. 22, 2013 /PRNewswire/ -- IBM (NYSE: IBM) today announced a new cloud solution that combines software analytics and cloud security services to fend off web-based Distributed Denial of Services (DDoS) attacks for organizations doing business on the web and in the cloud. The new software and services are based on a partnership with Akamai Technologies, Inc.

(Logo: http://photos.prnewswire.com/prnh/20090416/IBMLOGO)

DDoS attacks are focused on the disruption of web-based assets such as company home pages, e-commerce sites and web-based cloud services. These attacks work by overloading the bandwidth of a web site or cloud application, rendering its service inoperable and preventing legitimate clients from being able to connect to it. This can result in revenue loss for an organization, as customers and clients are unable to complete transactions online.

DDoS attacks can also be used as a distraction, allowing attackers to breach other systems in the enterprise while IT staffs are forced to make difficult risk-based decisions, possibly without visibility to the full scope of what is occurring.

Based on daily monitoring of security for more than 4,000 clients, IBM has determined that DDoS attacks are on the rise. The average large company must filter through 1,400 cyber attacks weekly according to the IBM Cyber Security Intelligence Index. But many organizations do not have the on-site expertise or the right IT skills and tools required to combat them. Also, many do not have an incident response program in place or rely on existing programs that are out of date, not regularly tested or recently updated to address the growing exponential threats.

As part of the cloud solution, IBM will integrate Akamai's always-on cloud-based web security solution, "Kona Site Defender" with IBM's Cloud Security Services portfolio.

"Our clients tell us there is a need to strengthen cloud security," said Kris Lovejoy, general manager, IBM Security Services. "The partnership with Akamai combines a world-class security team and an intelligent network platform to strengthen cloud security. Together with Akamai, IBM can provide both proactive and reactive DDoS protection from the increasing frequency, scale and sophistication of these attacks."

The companies will also share security intelligence insights gained by applying business analytics to extensive security monitoring data to better detect threats, identify security risks and areas of noncompliance and set priorities for remediation. IBM's X-FORCE(r) research and development will contribute global analytics capabilities and the world's most comprehensive threats and vulnerabilities database. IBM will also use its Q1Radar security solution, which gathers information from multiple sources and using analytics identifies potential threats and breaches.

The result for clients is managed DDoS protection that covers a full spectrum of services including:

-- Preparation - development of readiness plans and response protocols

-- Mitigation - proactively stop attacks before they affect clients'

networks

-- Monitoring - monitor network traffic, DDoS alerts, and the real-time

health of IT resources

-- Response - trained response experts on standby to assist with attacks;

to contain, eradicate, recover and identify primary and secondary

attacks

-- Intelligence - deliver insights on internet threat conditions and

provide real-time DDoS metrics

"DDoS mitigation and prevention can be incredibly complex and resource intensive, and organizations often find they simply don't have the right resources in place to be as effective as they need to be to meet the web security challenges they face," explained Ronni Zehavi, senior vice president and general manager, Security Division, Akamai. "Together, IBM and Akamai can offer the right mix of technology and expertise to give our customers the peace of mind that their DDoS mitigation efforts are in the right hands."

About Akamai

Akamai(r) is the leading provider of cloud services for delivering, optimizing and securing online content and business applications. At the core of the Company's solutions is the Akamai Intelligent Platform(TM) providing extensive reach, coupled with unmatched reliability, security, visibility and expertise. Akamai removes the complexities of connecting the increasingly mobile world, supporting

24/7 consumer demand, and enabling enterprises to securely leverage the cloud.

To learn more about how Akamai is accelerating the pace of innovation in a hyperconnected world, please visit www.akamai.com or blogs.akamai.com, and follow @Akamai on Twitter.

About IBM Security

IBM Security Services delivers the expertise, skills, and technology to help reduce the cost and complexity of securing IT infrastructures for IBM clients.

Powered by IBM X-FORCE(r) research and development, IBM solutions include planning and design through implementation, testing, monitoring and management of multi-vendor environments.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Companies Blindly Believe They've Locked Down Users' Mobile Use
Dawn Kawamoto, Associate Editor, Dark Reading,  11/14/2017
Microsoft Word Vuln Went Unnoticed for 17 Years: Report
Kelly Sheridan, Associate Editor, Dark Reading,  11/14/2017
121 Pieces of Malware Flagged on NSA Employee's Home Computer
Kelly Jackson Higgins, Executive Editor at Dark Reading,  11/16/2017
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Managing Cyber-Risk
An online breach could have a huge impact on your organization. Here are some strategies for measuring and managing that risk.
Flash Poll
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
Enterprises are spending more of their IT budgets on cybersecurity technology. How do your organization's security plans and strategies compare to what others are doing? Here's an in-depth look.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.