IT Infrastructure Security Lead at South Consult / Phakalane Data Center
Real User
2021-04-01T09:44:00Z
Apr 1, 2021
Focusing on collecting tactical indicators of compromise (IOCs) like ,domains, IP addresses and hashes sin not enough– teams need to map or act . We need More context on phishing , malware , botnets and Additional IOCs. We need highly actionable insights
I would like a lot more AI capabilities in terms of trying to contextualize more information happening in the IT department, then correlate it into this product. This type of information would ensure that we understand attacks before they happen from a release standpoint and have good releases in the future. Right now, we see IBM as an industry leader, and we are happy with that. However, more can be done with Watson and other product capabilities within that group. I would like to see this added into the product in the future to improve mean time to detect and mean time to respond. Therefore, we would like to have more AI capabilities to detect threats and improve its productivity from a cybersecurity standpoint.
Threat Intelligence Platforms help organizations identify, analyze, and mitigate cyber threats through comprehensive data aggregation, real-time threat detection, and actionable insights.
These platforms offer advanced capabilities to gather threat data from multiple sources, enabling security teams to make informed decisions and respond promptly to potential threats. They integrate with existing security infrastructure and provide customizable dashboards for easier monitoring.
...
It is very expensive.
I would like to see better integration with other systems, solutions, and vendors.
Focusing on collecting tactical indicators of compromise (IOCs) like ,domains, IP addresses and hashes sin not enough– teams need to map or act . We need More context on phishing , malware , botnets and Additional IOCs. We need highly actionable insights
I would like a lot more AI capabilities in terms of trying to contextualize more information happening in the IT department, then correlate it into this product. This type of information would ensure that we understand attacks before they happen from a release standpoint and have good releases in the future. Right now, we see IBM as an industry leader, and we are happy with that. However, more can be done with Watson and other product capabilities within that group. I would like to see this added into the product in the future to improve mean time to detect and mean time to respond. Therefore, we would like to have more AI capabilities to detect threats and improve its productivity from a cybersecurity standpoint.