Palo Alto Networks announced this week that it has agreed to acquire QRadar Software-as-a-Service (SaaS) offerings from IBM. This is a cloud service for organizations that are using this platform.
IBM continues to provide support for organizations running QRadar in on-premises IT environments. However, the companies are also committed to serving customers who choose to migrate to the Cortex XSIAM platform. IBM also committed to training more than 1,000 security consultants in the migration, implementation, and deployment of cybersecurity platforms and services developed by Palo Alto Networks.
Additionally, IBM will partner with Palo Alto Networks on security operations, threat management and DevSecOps to advance data security and identity and access management for hybrid cloud and artificial intelligence (AI) applications.
Finally, Palo Alto Networks plans to incorporate Watsonx Large-Scale Language Models (LLM) into Cortex XSIAM alongside the multiple AI models already embedded in SOC services.
Mitch Ashley, principal analyst at TechStrong Research, said the partnership should not only provide another use case for IBM Watsonx LLM, but also extend the AI capabilities Palo Alto is already investing in. .
Palo Alto Networks has advocated for a security information event management (SIEM) platform as an alternative for organizations to build and maintain their own SOC. The company's solution is based on a data lake, which allows the company to embed predictive and generative AI capabilities into Cortex XSIAM.
It's not clear how many organizations are looking to replace their SOC with one provided by a cybersecurity vendor, but in theory, organizations that rely on managed-as-a-service SOCs could use cybersecurity tools. You should be able to devote more resources to discovering and stopping threats than integrating them. And the service.
SIEM platforms are receiving increased attention as cybersecurity teams find themselves increasingly caught up in an AI arms race with cybercriminals. Many of the teams have the resources and expertise needed to leverage AI to increase the volume and sophistication of cyberattacks. Organizations that build their own SOCs often don't have access to a data corpus large enough to train their AI models. We expect more businesses to rely heavily on a variety of managed security services in the future.
Leveraging AI to alleviate cybersecurity talent shortages
The hope is that AI can partially alleviate the chronic cybersecurity talent shortage that has plagued organizations for decades. This is especially important as the amount of time organizations have to identify and mitigate threats before they incur huge losses continues to shrink.
In the meantime, cybersecurity teams should carefully evaluate vendor partners to ensure they have the resources they need over the long term. As AI becomes more widespread, this should ultimately benefit defenders. As always, with many cybersecurity budgets already limited, the challenge is finding the best way to take advantage of emerging technologies like AI without adding more cost.
Recent articles by author
