Cookie policy: This site uses cookies (small files stored on your computer) to simplify and improve your experience of this website. Cookies are small text files stored on the device you are using to access this website. For more information on how we use and manage cookies please take a look at our privacy and cookie policies. Some parts of the site may not work properly if you choose not to accept cookies.

sections

IBM announces X-Force Red, a new security testing team

  • Print
  • Share
  • Comment
  • Save

We marvel at the name

IBM Security has formed ’X-Force Red’, a group of hundreds of security professionals and ethical hackers who discover vulnerabilities in computer networks, hardware, and software applications for businesses.

The team will also look at human security vulnerabilities, exploring areas such as social engineering and ransomware.

X-Force Red, IBM, IBM Security, cyber security, hack

Doctor Nemesis inspects a rack

Source: IBM

The human touch

Led by Charles Henderson, X-Force Red is based around the world, including in the United States, the United Kingdom, Australia and Japan. The group shares security intelligence with IBM X-Force Research, the IBM X-Force Exchange threat sharing platform, and IBM Security AppScan.

“Having a machine scan your servers and source code is a great step to help prevent data breaches, but the human element of security testing cannot be overlooked,” Charles Henderson said.

“Elite human testers can learn how an environment works and create unique attacks using techniques even more sophisticated than what the criminals have. IBM X-Force Red gives organizations the freedom to stay agile without creating blind spots in their security posture.”

IBM says the group’s four focus areas are:

  • Application – Penetration testing and source code review to identify security vulnerabilities in web, mobile, terminal, mainframe, and middleware platforms
  • Network – Penetration testing of internal, external, wireless, and other radio frequencies
  • Hardware – Verifying the security between the digital and physical realms by testing Internet of Things (IoT), wearable devices, point-of-sale (PoS) systems, ATMs, automotive systems, and self-checkout kiosks
  • Human – Performing simulations of phishing campaigns, social engineering, ransomware, and physical security violations to determine risks of human behavior

The team offers three versions of its service - individual projects, subscription-based testing, and managed testing programs - each of which comes with vulnerability analytics that are designed to improve security testing programs.

Source: IBM Security

 

Have your say

Please view our terms and conditions before submitting your comment.

required
required
required
required
  • Print
  • Share
  • Comment
  • Save

Webinars

More link