IBM Verify

We are excited to announce the General Availability (GA) of the Threat Detection and Remediation feature in IBM Verify!

This new capability empowers organizations to proactively detect and mitigate identity-related threats such as credential stuffing, brute force attacks, and login anomalies for resources protected by IBM Verify. Threat detection and remediation feature in IBM Verify provides advanced protection against emerging identity-based attacks, ensuring that your organization can safeguard its users, applications, and data in real time.

Why Threat Detection and Remediation in IBM Verify Matters:

As digital identity increasingly becomes the core of modern business, protecting against identity-related threats is more critical than ever. Threat detection and remediation feature in IBM Verify offers the ability to not only detect these threats but also automatically remediate them, ensuring a proactive defence against unauthorized access and potential breaches.

Threat detection and remediation feature in IBM Verify is available as part of the base use of the platform, so customers and partners with SSO subscription are entitled to use this capability. Whether you're a small enterprise or a large organization, you can take advantage of these powerful threat detection and remediation capabilities immediately.

How Threat Detection and Remediation in IBM Verify Protects Your Organization

Threat detection and remediation feature focuses on detecting and addressing key identity-related threats, including:

• X-Force Actionable IPs: Identifies and blocks malicious IPs flagged by X-Force. X-Force utilizes up-to-date and historical global threat intelligence to deliver risk indicators on malicious activities, such as malware and bots etc, enhancing detection and mitigation capabilities
• Failed Logins: Detects brute force attacks and abnormal login patterns that signal potential threats.
• Credential Stuffing: Prevents unauthorized access by detecting the use of compromised or common passwords in real time.
• Login deviations: Even though users are successfully logging in, Verify is able to detect the rate at which successful logins are happening to identify anomalous behaviour based on historical trends.

Key Benefits of Threat Detection and Remediation in IBM Verify:

1. Proactive threat detection: Threat detection and remediation feature identifies historical threat patterns across all Verify SaaS tenants and has a feed from X-Force. This enables organizations to detect threats early and respond swiftly, even if their specific environment isn’t directly targeted. For instance, if one Verify tenant experiences a credential stuffing attack, others can take preventive measures based on shared alerts, while also preserving and anonymizing the specific attack data such as impacted users, applications, and other data relevant to the initially attacked Verify tenant.

2. Automatic remediation: Threat detection and remediation feature automates the response to threats, such as blocking malicious IPs and resetting compromised user accounts, allowing organizations to move from detection to action seamlessly. This rapid response ensures that identity-based threats are addressed before they can cause damage. Based on severity, such as “Critical” and “Warning”, rule based mitigation can be applied.

3. Comprehensive insights and reporting: Threat detection and remediation feature delivers in-depth reports and visualizations, providing security teams with a clear understanding of detected threats, impacted users, and overall security posture. This valuable data allows for more informed decisions and the continuous refinement of security policies.

4. Seamless integration with existing security tools: Threat detection and remediation feature integrates smoothly with your existing security infrastructure. Using notification webhooks, threat alerts can be sent to third-party platforms like PagerDuty, Slack, or SIEM systems, ensuring a streamlined incident response process.

IBM Verify Identity Protection

The IBM Verify portfolio also offers an identity agnostic approach for expanded ITDR capabilities, regardless of which identity providers organizations have. IBM Verify Identity Protection expands the ITDR scope by consuming the threats found in IBM Verify as well as other IAM tools, combining  these threat feeds into IBM Verify Identity Protection. Threat detection and remediation feature in IBM Verify complements IBM Verify Identity Protection, allowing organizations to have a more comprehensive threat detection and remediation view across their entire IAM stack.

By continuously monitoring login activity and comparing it against historical patterns, ITDR helps organizations stay one step ahead of attackers and secure their digital identities.

Start Using Threat Detection and Remediation in IBM Verify Today

The threat detection and remediation feature is now available as part of the IBM Verify platform. We encourage all Verify customers to enable and explore full capabilities to strengthen their organization’s defences against identity-based threats.

For more information on how to configure and make the most of threat detection and remediation feature, please visit our documentation or reach out to your IBM representative.

Take your identity security to the next level with IBM Verify’s Threat Detection and Remediation.

Authors:

Priti Patil, STSM and Architect, IBM Verify Analytics and Gen AI

Milan Patel, Product Management, IBM Verify