IBM EC-XTAS-S-B-003 Merkblatt
Z125-7848-01 10/2008
Page 2 of 2
The daily assessment is delivered by e-mail to each Customer registered security contact Monday
through Friday, United States Eastern Time. The e-mails provide information about the day’s
identified issues, in addition to a customized list of identified vulnerabilities, threats, and news
articles that pertain to the Customer’s business. As breaking news about critical vulnerabilities or
threats emerges, IBM may send separate e-mail notifications to inform Customers about an alert, an
advisory, or other security issues.
through Friday, United States Eastern Time. The e-mails provide information about the day’s
identified issues, in addition to a customized list of identified vulnerabilities, threats, and news
articles that pertain to the Customer’s business. As breaking news about critical vulnerabilities or
threats emerges, IBM may send separate e-mail notifications to inform Customers about an alert, an
advisory, or other security issues.
b.
Daily assessment and vulnerability watch alert customization
Through the Virtual-SOC, Customers can enable e-mail notifications and customize the content
delivered in the daily assessment. Customization options include logical categories of information,
such as business sector, region, and affected product (such as operating system, hardware,
application, browser, and Web server).
delivered in the daily assessment. Customization options include logical categories of information,
such as business sector, region, and affected product (such as operating system, hardware,
application, browser, and Web server).
c.
Comprehensive information about vulnerabilities, active threats, and other security news
The Virtual-SOC provides comprehensive and easily searchable information about known
vulnerabilities documented in the X-Force database, malware, Web defacements, security news,
port activity, and alerts/advisories published by X-Force and by the United States Computer
Emergency Readiness Team (“US-CERT”).
vulnerabilities documented in the X-Force database, malware, Web defacements, security news,
port activity, and alerts/advisories published by X-Force and by the United States Computer
Emergency Readiness Team (“US-CERT”).
d.
IBM X-Force Threat Insight Quarterly
The IBM X-Force Threat Insight Monthly is designed to highlight some of the most significant known
threats and challenges facing security professionals today. This report is a product of IBM
Managed Security Services and is compiled by the X-Force security intelligence team. Each issue
focuses on one or more issues and provides a recap of recent significant, identified, online threats.
threats and challenges facing security professionals today. This report is a product of IBM
Managed Security Services and is compiled by the X-Force security intelligence team. Each issue
focuses on one or more issues and provides a recap of recent significant, identified, online threats.
2.2.3 Virtual-SOC
The Virtual-SOC is a Web-based interface designed to enable delivery of key Service details and on-
demand protection solutions. The Virtual-SOC is designed to help deliver a consolidated view of the
Customer’s overall security posture. The portal is capable of merging data from multiple geographies and
technologies into a common interface, allowing for comprehensive analysis, alerting, remediation, and
reporting of identified threats and issues.
demand protection solutions. The Virtual-SOC is designed to help deliver a consolidated view of the
Customer’s overall security posture. The portal is capable of merging data from multiple geographies and
technologies into a common interface, allowing for comprehensive analysis, alerting, remediation, and
reporting of identified threats and issues.
The Virtual-SOC is designed to provide real-time access for communications including ticket creation,
security event handling, incident response, data presentation, report generation, and trend analysis.
security event handling, incident response, data presentation, report generation, and trend analysis.
2.2.4
Virtual SOC Integration
IBM makes available a Simple Object Access Protocol (“SOAP”) based Web services application
programming interface (“API”) for integration of XFTAS data into Customer environments. The API
provides a neatly formatted XML data stream that can be used by the Customer to pull XFTAS data from
the Virtual-SOC. Such data may then be included in Customer data sources for internal usage only.
Distribution licenses must be in place for all unique individuals who may have access to the data set. IBM
is responsible for ensuring that the API will deliver neatly formatted Extensible Markup Language (“XML”)
data for all data elements represented within the API documentation. Customer is responsible for all
aspects of data integration and understands that XML data feeds are provided as-is.
programming interface (“API”) for integration of XFTAS data into Customer environments. The API
provides a neatly formatted XML data stream that can be used by the Customer to pull XFTAS data from
the Virtual-SOC. Such data may then be included in Customer data sources for internal usage only.
Distribution licenses must be in place for all unique individuals who may have access to the data set. IBM
is responsible for ensuring that the API will deliver neatly formatted Extensible Markup Language (“XML”)
data for all data elements represented within the API documentation. Customer is responsible for all
aspects of data integration and understands that XML data feeds are provided as-is.
3. Customer
Responsibilities
The Customer is responsible for keeping their user ID and password information confidential and not
sharing it with anyone else.
sharing it with anyone else.
The Customer agrees to adhere to their licensing agreement and not forward XFTAS information to
individuals who do not have a proper license.
individuals who do not have a proper license.
The Customer is responsible for maintaining current contact information in the Account Management
section of the Virtual-SOC, configuring their e-mail alerting preferences, and tailoring their alerting
preferences for vulnerabilities and news that pertain to their organization (optional).
section of the Virtual-SOC, configuring their e-mail alerting preferences, and tailoring their alerting
preferences for vulnerabilities and news that pertain to their organization (optional).