Cloud Security , Open XDR , Security Information & Event Management (SIEM)
AI-Driven Partnership for Enhanced Threat Detection
Palo Alto Networks' Kin and IBM's Shriner on Cloud Risks and AI SolutionsOrganizations face increasing risks as attackers exploit cloud vulnerabilities, often using artificial intelligence tools to find them. Organizations are making themselves easier to exploit, and 99% of cloud environments suffer from over-provisioned accounts, said Kevin Kin, global vice president of systems engineering at Palo Alto Networks. This issue, Kin said, stems from rapid cloud growth and cloud management challenges.
Matt Shriner, global executive partner of threat management at IBM, said there's been a shift from brute force attacks to more refined methods such as Kerberoasting, which targets the Kerberos authentication process used by Microsoft Active Directory, enabling attackers to exploit many users over time.
The integration of AI tools is vital to enhancing security, Kin said. The attackers "are using the same tools that we as defenders are using. We're using AI not only to protect information. As defenders, we're using AI to get a better handle on the environment ... We know our data better than they know our data," he said.
IBM and Palo Alto Networks have joined forces to integrate AI into their security solutions. IBM's watsonx capabilities will be merged with Palo Alto Networks' Cortex XSIAM suite to bolster threat detection and response.
In this video interview with Information Security Media Group at Black Hat 2024, Shriner and Kin also discussed:
- How the proliferation of multiple security tools creates management challenges;
- The challenges and transformations in modern enterprise security;
- The need for security leaders to assess their current tools.
At Palo Alto Networks, Kin leads the global Cortex systems engineering team focused on next-generation security platforms such as XDR, XSOAR, Xpanse and XSIAM. He has more than 20 years of experience in technical presales, network security and system deployment and an extensive understanding of the challenges and opportunities confronting security operations in the evolving threat landscape.
Shriner oversees the growth and management of the cybersecurity threat management portfolio, providing thought leadership, sales guidance and delivery oversight across global geographies at IBM. He has more than 20 years of experience in cybersecurity, cloud computing and SaaS.