Categories: Security

IBM Launches X-Force Red Pen Testing Task Force

IBM has created a new security squadron composed of ethical hackers and cybersecurity professionals with the goal of testing weaknesses in enterprise security before cybercriminals can attack.

The group is called X-Force Red, an apt amalgamation that true American patriots and X-Wing pilot Luke Skywalker would be proud of.

The team, part of IBM Security Services, will also examine human security vulnerabilities in daily processes and procedures that attackers often use to get around security.

Global network

X-Force Red will be led by IBM’s Charles Henderson, a penetration testing expert. The team will also draw on a global network of hundreds of security professionals based in dozens of locations around the world, including the United States, the United Kingdom, Australia and Japan.

“Having a machine scan your servers and source code is a great step to help prevent data breaches, but the human element of security testing cannot be overlooked,” said Henderson.

“Elite human testers can learn how an environment works and create unique attacks using techniques even more sophisticated than what the criminals have. IBM X-Force Red gives organizations the freedom to stay agile without creating blind spots in their security posture.”

X-Force Red will have four focus areas, according to IBM: application, network, hardware and human.

The application aspect will carry out penetration testing and source code review to find vulnerabilities in web, mobile, terminal, mainframe and middleware platforms. On networks, X-Force Red will conduct penetration testing of internal, external, wireless and other radio frequencies.

In hardware, IBM will look at verifying the security between the digital and physical realms by testing IoT, PoS systems, ATMs and wearable devices. X-Force Red will also perform simulations of phishing campaigns, social engineering, ransomware and physical security violations to determine the risks of human behaviour.

IBM X-Force Red provides security testing services in three models: individual projects, subscription-based testing, and managed testing programs. The subscription model offers significant costflexibility by pre-allocating testing funds without defining specific testing targets or even test types, claims IBM.

IBM said that the managed testing programs are ideal for customers without the security staff to determine testing priorities, document remediation requirements, and enforce policies.

Take our cybersecurity in 2016 quiz here!

Ben Sullivan

Ben covers web and technology giants such as Google, Amazon, and Microsoft and their impact on the cloud computing industry, whilst also writing about data centre players and their increasing importance in Europe. He also covers future technologies such as drones, aerospace, science, and the effect of technology on the environment.

Recent Posts

EU To Assess Apple’s iPad Compliance Plans

European Commission says it will review Apple's iPad compliance with DMA rules as it seeks…

17 mins ago

James Dyson Says ‘Spiteful’ Budget Will Kill Start-Ups

James Dyson delivers most high-profile criticism so far of Labour's first Budget that raises £40bn…

47 mins ago

Nvidia, Meta Ask Supreme Court To Axe Investor Lawsuits

Nvidia, Meta bring cases before US Supreme Court this month seeking tighter limits on investors'…

1 hour ago

Nvidia To Replace Intel On Dow Jones Industrial Average

Nvidia to replace Intel this week on Dow Jones Industrial Average after years of turmoil…

2 hours ago

Toyota-Backed Joby Flies ‘Air Taxi’ In Japan

Joby Aviation and Toyota Motor complete demonstration flight in Shizuoka as companies prepare to bring…

2 hours ago

Nvidia Asked SK Hynix To Advance Next-Gen AI Memory Production

SK Hynix says Nvidia chief executive Jensen Huang asked if production of next-gen HBM4 memory…

3 hours ago