Watson, of course, is the crucial cog in what IBM calls the cognitive SOC, a concept the company plans to show off at this week’s RSA Conference in San Francisco.
There’s a lot of talk about using machine learning to spot anomalies in the network. Watson can do some of that and is adding the ability to interpret research reports, IBM claims — the result of having “read” more than 1 million security documents.
Part of the potential value of AI or machine learning in security would be to eliminate false positives. It might be intriguing to use AI to spot new types of attacks, but where security teams need help at the moment is in interpreting the massive amounts of data being generated by the network.
Watson will be at the heart of a new Cognitive SOC platform that IBM is offering. Humans will tap Watson through a tool called QRadar Advisor, which uses natural-language processing to glean information from blogs and research papers.
Also in the human-interface realm, IBM has announced a voice-powered assistant called Havyn. Still in the research stage, Havyn will run on IBM Cloud and the company’s BlueMix platform-as-a-service (PaaS).