Overview
IBM Security X-Force Threat Management (XFTM) Service provides 24/7 monitoring and investigation of alerts produced by AWS Security Partner SIEM technologies as well as alerting and incident response capabilities.
The convergence of IT with cloud-native security, OT and IoT domains requires integrated cybersecurity. XFTM NIST-based approach integrates insight, detection, investigation, and response for threats across your AWS environments, traditional IT, and unmanaged and connected devices at scale. The IBM Security platform ingests security information from many AWS native controls including GuardDuty, CloudTrail, SecurityHub, Network Firewall, Detective and others.
XFTM provides clients with visibility across their AWS cloud and hybrid environment and proactive management of threats with consistent, reliable outcomes. Our cloud-based managed service leverages AWS cloud-native security capabilities to provide a SOAR-powered (Security Orchestration, Automation and Response) workflow for end-to-end threat management across AWS and hybrid cloud environments.
Globally available with regional delivery capabilities, XFTM can be packaged to provide market-leading consulting and systems integration, offensive security, incident response, cloud security and managed security services aligned to the NIST CSF to help clients programmatically grow and transform enterprise security operations.
Additionally, XFTM can be packaged to include other key IBM managed security services functions for AWS:
- AWS Infrastructure Vulnerability Scanning
- AWS Resources Inventory Visibility
- AWS Security Best Practices Monitoring
- AWS Compliance Monitoring
- Managed Network Intrusion Detection/Prevention System (IDS/IPS)
- Managed Detection and Response for AWS Endpoints
- Distributed Denial of Service (DDoS) Protection
- Managed Web Application Firewall (WAF)
XFTM services can vary both in duration and engagement type.** Actual fee will vary depending upon scope.** Recurring managed security services fees typically start between $10,000-$30,000 US. Each customer’s requirements and maturity are uniquely considered to determine the applicable approach, which may consist of:
- Cloud security consulting services to assess and develop your AWS and hybrid cloud strategy
- Consulting services for the assessment, design, implementation and alignment of AWS native security services with enterprise security operations
- Design and build of AWS and hybrid cloud security operations centers
- 24/7 managed security services and managed extended detection and response solution over time
Start your X-Force Threat Management (XFTM) journey with IBM’s AWS Threat Management Assessment. IBM’s 3-day assessment identifies gaps in your AWS hybrid cloud security program and provides directional recommendations to improve security operations, incident response, compliance and governance.
Highlights
- AWS Security Partner SIEMs supported for 24/7 monitoring and management – IBM Security QRadar or Splunk. IBM XFTM service increases SIEM performance by using IBM Security’s proprietary Threat Detection Insights (TDI) and the MITRE ATT&CK framework for continuous tuning and risk analysis
- Integration with AWS cloud native security controls for visibility across AWS and hybrid cloud environments.
- Faster threat identification using our patented IBM Security AI and machine learning dispositioning system which reduces false positive alerting by 70% or more. Faster threat defense using artificial intelligence (AI) machine learning and integrated IBM Security SOAR capabilities that enable automated and human response actions.
Details
Pricing
Custom pricing options
Legal
Content disclaimer
Support
Vendor support
For Sales Support:
- Call IBM Security sales at 1 877-426-3774 Priority code: Security
- Contact us online at www.ibm.com/account/reg/us-en/signup?formid=MAIL-security
- Click on the “Continue” button in the orange box above to the right.
For Global Security Operations Center, 24x7, 365 days per year
- Existing customers, please contact IBM Security MSS Virtual SOC Portal for existing MSS subscription customers with an existing IBM ID: portal.sec.ibm.com
IBM Security Operations Centers for active support
- Phone: (877) 563-8739
- Intl Phone: +1 (404) 236 3290
- Email: ibmsoc@us.ibm.com