Threat Management

We’re building the next wave of tools and methodologies to help security and operations teams detect, understand, and respond to advanced cybersecurity threats and attacks on their infrastructure and in the cloud, with automated threat detection, investigation, and deflection capabilities.

Our work

Projects

SysFlow

A cloud-native system telemetry framework that enables the creation of security analytics on a scalable, pluggable open-source platform.
  • Threat Management
  • Cloud Security
  • Security Analysis

Tech Preview: IBM Security Threat Investigator

Our team's work has been developed into a beta capability for the IBM Cloud Pak for Security. Threat Investigator finds cases that warrant an investigation and automatically starts investigating. It fetches artifacts that are attached to the cases, completes several rounds of data mining and then generates a timeline and MITRE ATT&CK chain graph of the incident.
