    Threat Management

    We’re building the next wave of tools and methodologies to help security and operations teams detect, understand, and respond to advanced cybersecurity threats and attacks on their infrastructure and in the cloud, with automated threat detection, investigation, and deflection capabilities.

    Our work

    Projects

    SysFlow

    A cloud-native system telemetry framework that enables the creation of security analytics on a scalable, pluggable open-source platform.

    Tech Preview: IBM Security Threat Investigator

    Our team's work has been developed into a beta capability for the IBM Cloud Pak for Security. Threat Investigator finds cases that warrant an investigation and automatically starts investigating. It fetches artifacts that are attached to the cases, completes several rounds of data mining and then generates a timeline and MITRE ATT&CK chain graph of the incident.
