IBM Brings Watson Cognitive Computing To The SOC

Technology known for a Jeopardy stunt six years ago is now powering question answering within IBM Securitys QRadar system.

IBM hopes to elevate artificial intelligence and cognitive computing way beyond party tricks and game show supremacy and as a part of that push, Big Blue picked cybersecurity as a prime market to explore the possibilities. Today, IBM announced that its officially marrying up its cybersecurity portfolio with the vaunted Watson questioning answering system.
Known best for its performance as a contestant on the game show Jeopardy in 2011, Watson was engineered to ingest vast quantities of data on any given subject in order to receive and answer questions in a conversational fashion. A system specifically developed to tackle Jeopardy, this cognitive technology uses natural language processing and machine learning to sift through data sources, synthesize information contained within, find and rank hypotheses and come up with a precise answer to the users questions.
In the ensuing six years since Watsons success in winning a $1 million first prize in Jeopardy against two human champions, IBM has not only refined Watsons engine but al so been on the look out for ideal business cases to put the technology to use. The firm has achieved early successes in medical decisioning technologies, tracking customer and social media sentiment, and analyzing satellite and municipal data to track water use for drought mitigation.
With the growing problem of alert fatigue and a shortage of skilled security analysts, the industry seemed like it was crying out for Watsons help. The idea is to pair security operations center (SOC) technologies with Watsons processing capabilities so that analysts can ask the system questions about their data and existing threat posture, and receive meaningful advice on further action.
The announcement follows a year of learning for Watson, which for the past 12 months has been trained on the language of cybersecurity, ingesting over 1 million security documents in the process.
Weve been teaching it for basically about a year, and it’s learned a lot along the way and it’s got a lot smarter along the way. It can read a ton more than it ever could before, says Caleb Barlow, vice president of threat intelligence for IBM Security. And now were at the point where it’s kind of graduated college and it’s time to go get that first real job.
According to Barlow, IBMs intent is to take the strain off of teams who cant afford or find enough skilled operators to manage the volume of advanced threats that barrage enterprise networks. Not only will they be able to make faster decisions, but they should be able to do it with more complete data. For instance, he referenced one competition a customer created during beta where they pit a team of experienced analysts against a team of junior analysts armed with Watson. They were given a certain security incident and an hour to look into it. The skilled analysts were able to confirm that attackers were testing the network with an attempt at brute force password attacks, but believed that nothing further had occurred. Meanwhile, the Watson team identified those attempts but also were able to connect it with a form of malware, and then identify that the malware was actually on the network tied to the same threat actor.
So, as you can imagine, that’s a very exciting find for that security team, Barlow says, because now they know exactly how to go to address it, and they know, Wait a minute, this isn’t somebody who’s knocking at the door, this entity’s actually already in the door; theyre just trying to get more access.
The centerpiece of what IBM calls its Cognitive SOC paltform will be IBM QRadar Watson Advisor, which brings together Watson with its QRadar security intelligence platform. The natural language processing capabilities will sift through a variety of security sources, including security blogs, websites, research papers and combine that with threat intelligence and security data from users QRadar systems. IBM will also be bringing cognitive tools to its global X-Force Command Center network and has rolled out a Watson-powered chat bot for IBM Managed Security Services customers. Additionally, the company has a new project codenamed Havyn, which plans to also add voice-activated capabilities so that analysts can query the system by speaking plain-language questions aloud.
Related Content:
How Artificial Intelligence Will Solve The Security Skills Shortage
Introducing Deep Learning: Boosting Cybersecurity With An Artificial Brain
Improving Attribution & Malware Identification With Machine Learning

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
IBM Brings Watson Cognitive Computing To The SOC