IBM is expanding the role of its security-software package for hybrid-cloud deployments by improving the gathering of security data collected within customer networks and drawing on third-party threat-intelligence feeds, among other upgrades.\nIBM\u2019s Cloud Pak for Security, which features open-source technology for hunting threats and automation capabilities to speed response to cyberattacks, can bring together on a single console data gathered by customers\u2019 existing security point products.\nIBM Cloud Paks are bundles of Red Hat\u2019s Kubernetes-based OpenShift Container Platform along with Red Hat Linux and a variety of connecting technologies to let enterprise customers deploy and manage containers on their choice of private or public infrastructure, including AWS, Microsoft Azure, Google Cloud Platform, Alibaba and IBM Cloud.\n\n\u201cCustomers are overwhelmed with point security products\u2014the average customer has more than 50\u2014that make gaining insights and quickly responding to threats and attacks difficult,\u201d said Justin Youngblood, vice president of IBM Security.\nCloud Pak for Security was rolled out about a year ago, and a new release expands its integration capabilities to include feeds from data stored and accessed from distributed locations. The system now supports IBM\u2019s Security Guardian system that Big Blue offers to protect databases, data warehouses and big data environments such as Hadoop.\nWith that information the security team can determine where sensitive data resides across hybrid-cloud environments, as well as who has access to it, how it is used and the best way to protect it, Youngblood said. \u00a0\nHistorically, customers have had different, siloed teams such as security operations management and data management that take care of databases, for example, and getting the information from those two groups to solve problems was slow and difficult, Youngblood said. Cloud Pak for Security coordinates security and data on one console so customers can more quickly remediate problems or define automated responses to threats, Youngblood said.\nIBM said that the current Cloud Pak for Security release includes 25 pre-built connections to IBM and third-party data sources as well as 165 case-management integrations which describe out-of-the-box automation and orchestration playbooks to streamline response actions for security teams.\nThe new release also includes support for multivendor threat-intelligence databases.\u00a0 Aside from its own X-Force Threat Intelligence Feed, the platform will also include pre-built integration with \u00a0AlienVault OTX, Cisco Threatgrid, MaxMind Geolocation, SANS Internet StormCenter and Virustotal.\n\u201cThe idea is to help customers get enriched, up-to-date threat information from as many sources as possible so they can accurately and quickly respond to a threat situation,\u201d Youngblood said. He said the continued integration of security intelligence is important as customers tie in more resources from cloud providers and support growing COVID-era remote-network workloads.\nIBM said it will also offer a new managed service offering based on Cloud Pak for Security that would offer enterprise customers or other service providers a turnkey platform to support end-to-end threat management.