IBM Security To Expand Incident Response Capabilities With Plans To Acquire Resilient Systems

Launches IBM X-Force Incident Response Services Builds on IBM Security Leadership in Threat Detection & Prevention

Select a topic or year

ARMONK, NY - 29 Feb 2016: IBM (NYSE: IBM) Security today announced a significant expansion of its security operations and incident response capabilities with its plans to acquire Resilient Systems, Inc. The incident response platform, pioneered by Resilient Systems, automates and orchestrates the many processes needed when dealing with cyber incidents – from breaches to lost devices. This enables clients to respond and mitigate cyber incidents more quickly while helping minimize their exposure.

As part of today's announcement, the company also launched the new IBM X-Force Incident Response Services, further expanding IBM’s capabilities by helping clients plan for, manage and respond to cyberattacks, tapping the knowledge of 3,000 consultants and security researchers globally. Resilient Systems’ award-winning platform will be a foundational component for these new services, along with IBM’s QRadar Security Intelligence Platform and planned integration with Resilient Systems’ technology across the full IBM Security portfolio.  The new services include a remote incident response capability to help clients map how a breach occurred and take action to shut it down.

Preparing for and responding to cyber attacks has proven to be a major challenge for organizations.  According to a recent Ponemon Institute study [1], 70 percent of U.S. security executives do not have a cyber security incident response plan in place. This has proven to be costly for business, with the average cost of a data breach rising to $3.8 million in 2015 – a 23 percent rise since 2013 according to a separate Ponemon study[2] .

"By adding Resilient Systems’ technology and expertise, IBM will have an industry-leading range of capabilities to help clients respond to cyber breaches, across consulting, services, and products," said Marc van Zadelhoff, General Manager, IBM Security. "IBM is the world's fastest-growing enterprise security company[3], and we lead the industry in the detection and prevention of cyber attacks. With our intent to acquire Resilient Systems, and our other announcements today, we are doubling down on the incident response market.  Cybersecurity needs to function like an immune system, both in preventing breaches, but also in quickly eradicating those that do occur.”

The new incident response capabilities significantly increase IBM Security’s capabilities. IBM already is the Security Intelligence market leader [4], enabling businesses to detect and prevent breaches.  IBM reached $2B in security revenue, outgrew the market, and hired 1,000 new experts into its security business in 2015. 

IBM Announces Intent to Acquire Resilient Systems

IBM today announced its intent to acquire Resilient Systems, a leader in security incident response solutions, based in Cambridge, Mass., with approximately 100 employees.  The Resilient Systems Incident Response Platform is used today by a wide variety of the Fortune 500 as well as mid-sized organizations across a range of industries, including financial services, healthcare, retail, U.S. federal, manufacturing, and education. Financial terms were not disclosed.  The transaction is expected to close later this year, subject to any required regulatory reviews.

Resilient Systems' incident response platform technology enables clients to respond to security breaches faster and with greater precision and coordination, allowing orchestration of response process across functions (security, HR, finance, government relations, etc.) and across security systems (those monitoring data, applications, end points, networks, etc.). It also helps clients to respond to increasing regulation.  Upon acquisition of Resilient Systems, IBM Security will have the industry's first integrated end-to-end Security Operation and Incident Response Platform offering. The platform will bring together security analytics, forensics and vulnerability management along with incident response into a coordinated approach for enterprise threat protection, detection and response.

"We are excited to be joining IBM Security, the industry's fastest-growing enterprise security company,” said John Bruce, Resilient Systems Co-Founder and CEO. “By combining, the market now has access to the leading prevention, detection and response technologies available in the same portfolio – the security trifecta.”

A major benefit will be the planned combinations of Resilient Systems’ Incident Response Platform with IBM QRadar Security Intelligence Incident Forensics, BigFix, IBM X-Force Exchange and IBM Incident Response Services that can enable an orchestrated process for addressing security incidents.  Enhanced analytics capabilities will also deliver an integrated incident response solution spanning organizational and product boundaries.

Resilient Systems' platform provides a comprehensive set of response playbooks for different incident types and a knowledgebase of global regulatory requirements and compliance actions. This provides best practices for responding to a range of incidents, from malware and DDoS attacks to data loss.  It enables users across the organization to collaborate in the response process and provides instant access data from more than a dozen cyber threat intelligence feeds, and other integrated cyber security and IT systems, including IBM's X-Force Exchange, one of the largest threat intelligence databases in the world.

Launches IBM X-Force Incident Response Services

IBM today also launched new X-Force Incident Response Services, which include consulting and managed security services to help clients manage all aspects of responding to a cyber breach. IBM X-Force security experts will help clients develop response strategies, including Computer Incident Response Team playbooks, and a means to more effectively discover, track, respond to and report on security incidents.  These new capabilities will be further enhanced through the planned acquisition of Resilient Systems.

The new services will also include a new remote incident response service, which actively hunts for threats and allows IBM security experts to remotely manage active attacks via the cloud. Part of this capability will be enhanced via technology from Carbon Black, which will enable IBM security analysts to conduct security forensics on compromised endpoint devices, determine where a breach first occurred, map it across other devices, contain it quickly and take action to shut it down.

For more information on today’s announcement, please visit:

About IBM Security
IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio, supported by world-renowned IBM X-Force® research, enables organizations to effectively manage risk and defend against emerging threats. IBM operates one of the world’s broadest security research, development and delivery organizations, monitors 20 billion security events per day in more than 130 countries, and holds more than 3,000 security patents. For more information, please visit, follow @IBMSecurity on Twitter or visit the IBM Security Intelligence blog.

About Resilient Systems

Resilient Systems’ mission is to help organizations thrive in the face of any cyberattack or business crisis. Our award-winning Incident Response Platform (IRP) empowers security teams to analyze, respond to and mitigate incidents faster, smarter and more efficiently. Resilient Systems is fast becoming an industry standard solution for incident response. The IRP integrates other security technologies into a single hub and provides easy workflow customization and process automation. Armed with Resilient Systems, security teams can have comprehensive response capabilities. Headquartered in the US, Resilient Systems has more than 100 global customers, including 30 of the Fortune 500 and partners in more than 20 countries. Learn more at www.Resilient 

Resilient Systems and Resilient Systems are trademarks of Resilient Systems, Inc.

Disclaimer: IBM’s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at IBM’s sole discretion. Information regarding potential future products is intended to outline our general product direction and it should not be relied on in making a purchasing decision. The information mentioned regarding potential future products is not a commitment, promise, or legal obligation to deliver any material, code or functionality. Information about potential future products may not be incorporated into any contract. The development, release, and timing of any future features or functionality described for our products remains at our sole discretion.

Gartner disclaimer: Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.


[1] The Cyber Resilient Organization: Learning to Thrive Against Threats, by Ponemon Institute, published September 18, 2015

[2] 2015 Cost of Data Breach Study: Global Analysis, by Ponemon Institute, published May 27, 2015

[3] Gartner “Market Share Analysis: Security Software, Worldwide, 2014,” published May 15, 2015

[4] Gartner “Magic Quadrant for Security Information and Event Management” by Kelly M. Kavanagh, Oliver Rochford, July 20, 2015

Related XML feeds
Topics XML feeds
IBM Security
IBM solutions that help with security, risk management, and compliance