IBM Security announces configurable ReaQta-Cloud threat scores and new APIs for SaaS customers in latest release 3.9.0
- Major ReaQta-Cloud upgrade for automated actions against artifacts depending on their threat score
- New APIs for a better integration within customer workflows and ecosystems
ReaQta is pleased to announce the cloud update for its SaaS customers that will offer a more flexible and robust solution to get more work done, faster. A major upgrade of the ReaQta-Cloud underscores ReaQta’s product leadership with customizable threat scores, that can easily be adapted to fit unique customer environments.
Automated actions against artifacts depending on their threat score
With a major upgrade of ReaQta-Cloud, our cloud-based detection service, customers are now able to automatically take actions against artifacts depending on their threat score, which significantly reduces time and effort needed to manage endpoint environments. Managed Security Service Providers (MSSP) will also greatly benefit as threats detected once, can automatically be blocked on other instances.
ReaQta-Cloud associates threat scores to each artifact observed in the infrastructure and starting from 3.9.0 administrators will be able to configure ReaQta-Cloud to automatically take actions against artifacts depending on their threat score. The new configuration page allows administrators to quickly enable actions to automatically alert, or even block, artifacts that exceed threat score thresholds.
(Screenshot of ReaQta-Cloud Configuration Dashboard)
ReaQta-Cloud is an additional layer of autonomous detection and response, that will detect and respond automatically to known threats. Customers can easily define a threat score range, where alerts with threat scores above a pre-defined range are automatically blocked, while alerts with lower threat score are ignored. This allows analysts to focus on alerts that matter, saving precious time and effort.
The ReaQta-Cloud defensive mechanism is complementary to the existing behavioral detections and anti-malware components.
New APIs for a better integration in customer workflows and ecosystems
To connect better in our customers' ecosystems, we are pleased to announce the release of additional APIs. Customers can leverage these APIs to retrieve all the events associated with an alert, gain additional enriched telemetry for applications connected to ReaQta EDR giving them full-context to the retrieved alerts.
(Screenshot of ReaQta-Cloud API Connectors)
The management and automation of ReaQta via third-party apps has been improved. Endpoints can now be persistently isolated and alert details be exposed by a new sortable field that reflects when the latest modification to the alert took place.
In addition, version 3.9.0 of ReaQta enhances its integration into the IBM Threat Management ecosystem with (a) the IBM Security ReaQta Universal Data Insights Connector to run Cloud Pak federated investigations against IBM Security ReaQta and (b) the IBM ReaQta for IBM SOAR application that offers a bidirectional synchronization of ReaQta alerts to IBM SOAR along with action level functions.
For more information on IBM Security ReaQta and an EDR buyers guide, please visit our website.