IBM aims for autonomous security operations

IBM has added new agentic and automation capabilities to its managed detection and response (MDR) services to help customers more quickly and efficiently secure enterprise resources.

Specifically, Big Blue is launching an agentic AI system called Autonomous Threat Operations Machine (ATOM), which is designed to provide automated threat triage, investigation, and remediation and reduce the need for human intervention when responding to threats.

ATOM uses AI-based agents and an orchestration engine to augment an organisation’s existing security analytics systems and accelerate threat detection, analyse alerts, perform risk analysis, and execute investigation plans. The agents use generative AI to correlate threat activity, curate threat intelligence, automate hunts, and generate risk assessments to mitigate attacks and prioritise remediation, IBM stated. ATOM then handles the interactions and workflows between AI agents to assess and prioritise alerts so that security teams can focus on high-risk threats rather than false positives or low-risk dangers.

ATOM can take in information from an organisation’s existing security analytics telemetry as well as from other vendors’ security systems, such as Google Cloud and Microsoft.

IBM also announced a new X-Force Predictive Threat Intelligence (PTI) agent for ATOM that uses vertical-specific AI foundation models to identify patterns and predict future attack vectors and techniques. The PTI agent gathers data from more than 100 sources, including IBM’s own X-Force Threat Intelligence platform, open-source threat detection information, data from third-party security tools and other automated sources, and user-supplied organisational data. 

In a 2024 report, research firm IDC said IBM’s MDR service is one of the more advanced management systems in the marketplace:

“IBM’s proactive threat hunting augments traditional security solutions to uncover anomalous activity and IBM’s proactive threat hunters work with organisations to help identify their crown jewel assets and critical concerns. This input enables the threat hunting team to create fully tailored threat hunt reports and customised detections,” IDC stated. “AI/ML capabilities filter alerts based on activity observed across its entire global footprint of security operations centres for the past two years, reducing false positives and accelerating detection, so teams can focus on high-priority threats, including rare event detection.”

R&D for mainframe, quantum

IBM also announced it will invest $150 billion in the U.S. over the next five years. That includes an investment of more than $30 billion in research and development to advance and continue IBM’s manufacturing of mainframe and quantum computers.

IBM recently announced the next generation of its venerable mainframe system, available in June. 

At the heart of the new z17 mainframe is the 5.5 GHz IBM Telum II processor, which includes a built-in AI accelerator that IBM says will let customers run more than 450 billion inferencing operations in a day with one millisecond response time. The processor supports eight CPU cores per chip, 32 cores per system, and 36MB L2 cache memory, and it can run 24 trillion operations per second – a 40% increase in system throughput and fourfold reduction in overall latency compared to the existing Telum, IBM stated.

On the quantum computing front, IBM has been developing systems for a number of years and claims to have the largest fleet of quantum computers in the industry. Late last year, IBM launched its most advanced quantum computer to date featuring the 156-qubit Heron quantum processor. That system doubled the previous IBM system’s quantum computing capacity and completed a task in 2.2 hours that previously took 112 hours.

IBM’s quantum roadmap has the company delivering a fully error-corrected system in 2029. It expects to have a quantum computer with over 2,000 error-corrected qubits — or logical qubits — after 2033. Its Quantum Network provides access to IBM’s quantum systems for nearly 300 Fortune 500 companies, academic institutions, national laboratories, and startups and is accessed by over 600,000 active users, the company said.

“Enabling these solutions will not only help us better understand the fundamentals of how the world works but are projected to transform American competitiveness, jobs, and national security,” IBM stated.