It has been just over 2 years since we announced our strategic alliance with Cisco Security and set a vision for our industry on a more integrated and collaborative approach to cybersecurity.

I wanted to provide some highlights around our alliance, showcasing some of the great integrations we’ve jointly developed with Cisco to address a diverse set of threat vectors.

IBM Security and Cisco are following through on their “power of two” announcement of two years ago. They are serious about their strategic alliance in cyber security. A 3.0 version of their partnership really does seem to be taking shape. It would appear they really do mean business.   
–  HardenStance Analyst Report 

What We’re Hearing From Joint Customers

We’ve heard some common security concerns across our joint clients.

• Reduce product and vendor complexity with two trusted advisors
• Streamline workflows to make it easier for teams to get things done
• Maximize the value of existing investments with an end-to-end security approach
• Realize security outcomes with joint solutions across multiple threat vectors
• Automate threat detection and response across networks, users, endpoints and cloud

What We’re Delivering

Our strategic alliance delivers more effective security via integrated products, managed services, and shared threat intelligence while simplifying vendor relationships for joint customers. We have very little product overlap between portfolios enabling us to collaborate deeply to deliver joint solutions across networks, users, endpoint and cloud.

1. Integrated Products – Dozens of product integrations on the IBM Security App Exchange including multiple QRadar apps, Resilient and MaaS360 to enable customers to leverage their existing product investments and simplify workflows.
2. Security Services – Managed services for a number of Cisco technologies including XGS migration to Cisco Firepower NGFW and Endpoint Managed Services for Cisco Advanced Malware Protection for Endpoints (AMP4E).
3. Threat Intelligence –The two leading threat intel teams, Cisco Talos and IBM X-Force share data and come together to create the most comprehensive research available.

*Note: Statements regarding product plans are subject to change or withdrawal without notice

Security Outcomes

Below are a few examples of threat vectors that we are uniquely addressing with Cisco. In many cases, an analyst can take action directly from QRadar and Resilient without having to toggle between disparate tools.

Insider Threat – Detect suspicious activity and quarantine bad actors

QRadar associates the activity to the user credentials and also takes action against those users through rapid threat containment functionality in Cisco ISE, quarantining the user and locking down network access.

Cisco ISE App for QRadar

Ransomware – Automation between Resilient and Cisco speeds up response time

Suspicious malware sample is sent directly to Cisco Threat Grid which then detonates the file and pulls all relevant artifacts back into Resilient. Further threat analysis such as suspicious domain containment findings within Cisco Umbrella Investigate and Enforcement can also be pulled into the incident report.

Cisco Threat Grid and Umbrella with IBM Resilient

Next Steps

1. Watch our recent customer webinar: Simplifying Vendor Relationships with Cisco & IBM Security Solutions
2. Download latest Cisco apps for QRadar and Resilient
3. Visit our alliance website: ibm.com/security/community/cisco
4. Connect with our team: cisco-ibm-security@us.ibm.com