Global Storage Forum

 View Only

Prioritizing Threat Detection with IBM Storage Defender and Predatar: The Role of AI @ IBM TechXchange 2023

By Del Hoobler posted Fri August 18, 2023 10:12 AM


Prioritizing Threat Detection with IBM Storage Defender and Predatar: The Role of AI

In today's increasingly interconnected world, cybersecurity remains a paramount concern. Ransomware, a form of malicious software that encrypts a victim's data until a ransom is paid, continues to plague businesses and individuals alike. It's crucial for organizations to rapidly detect and respond to these threats. Yet, with the barrage of alerts coming from security, backup and primary storage platform, how can you separate the real signals of cyber crime from the noise? Enter Artificial Intelligence (AI).

 Why Combine Alerts Using AI?

  1. Efficiency: Manually sifting through countless alerts from various platforms is tedious and error-prone. AI can process vast amounts of data in a fraction of the time, pinpointing potential threats swiftly.
  1. Precision: AI can correlate disparate alerts and contextualize them. For instance, an anomaly in primary storage that aligns with a SIEM alert might be a significant threat. AI can recognize these patterns, thus reducing false positives and honing in on real threats.
  1. Proactive Defense: By analyzing patterns, AI can predict potential ransomware threats before they manifest, ensuring that defenses are in place in advance.

Automated Recovery Assurance Tests and Malware Scans

After identifying the potential ransomware threat, the immediate next step is verification and containment. Here, AI can automate the process by:

  1. Running Recovery Tests: Before a disaster strikes, it's crucial to know if our backups and primary snapshots are sound. AI can take potential threat signals and use them to run recovery tests, ensuring that our backup and snapshot recovery mechanisms are robust and ready. This gives you the assurance that should the worst happen you will be able to recover.
  1. Malware Scans in Isolation: Using the identified threats, AI can automate malware scans on both primary snapshots and backups. To ensure no further contamination, these scans are run in isolated sandbox environments which IBM and Predatar call a CleanRoomTM.

Benefits of No Human Intervention

  1. Speed: Every second counts in ransomware defense. Automated AI responses ensure immediate action.
  1. 24/7 Coverage: Threats don't stick to business hours. AI provides constant vigilance, ensuring no downtime in defense.
  1. Consistency: Automated responses ensure that every alert is treated with the same rigor, reducing the scope of human error.

In conclusion, as ransomware threats evolve, our defense mechanisms must keep pace. The Predatar platform incorporates state of the art AI to streamline alert processing, threat identification, and response testing for IBM customers. The synergy of Predatar AI with both your IBM Defender and existing IBM data protection platforms will ensure a safer digital realm and boost recovery assurance for your organization. 

To find out more about the exciting topic of AI and Cyber Threats come and listen to Del Hoobler and Rick Norgate at IBM TechXchange 2023 bring this to life in session number 2592 which is titledEnsuring Unparalleled Data Resiliency with Predatar & IBM Storage Defender’  on Tuesday, Sep 12 at 3:45 PM - 4:45 PM PDT, Room 264, Level 2.

See you there!

Rick Norgate

Del Hoobler