Kyndryl unveils incident response and forensics service, AWS threat intelligence collaboration

IT infrastructure services provider Kyndryl has announced a new cybersecurity incident response and forensics (CSIRF) service as well as a new threat intelligence collaboration with AWS. The CSIRF will help customers proactively prepare for and respond to threats by applying the latest threat intelligence and experience from Kyndryl’s security experts, the firm said. Its partnership with AWS will combine operational IT data across cybersecurity, compliance, and resilience to provide actionable insights and security intelligence driven by industry standards and best practice methods, it added.

CSIRF service offers incident response, threat intelligence, compliance monitoring

Kyndryl’s new CSIRF service helps customers investigate and respond to detected security incidents by leveraging capabilities such as incident triage, incident response, threat intelligence, and compliance monitoring and management, the firm said in a press release. Customers also have the option to select proactive services that may reduce the time to respond to an incident, it added.

In the event of an occurrence such as ransomware, for example, Kyndryl’s CSIRF experts will provide on-demand, hands-on support to assist in resolving threats to a customer’s business, according to the company. The CSIRF service complements Kyndryl’s existing Recovery Retainer Service, which is designed to help customers recover and rebuild their environments after catastrophic events.

Kyndryl, AWS threat intelligence collaboration powered by Amazon Security Lake

Kyndryl collaboration with AWS sees the launch the Security Operations Platform, the firm wrote in a blog. Powered by Amazon Security Lake, Kyndryl’s open integration platform Kyndryl Bridge, and the Open Cybersecurity Schema Framework (OCSF) standard, the platform will provide actionable insights and security intelligence to help support security resilience for customers. Kyndryl said it cyber experts will manage the infrastructure and monitor the environment for security events and, in the event of a major attack, will implement recovery platforms to ensure minimal interruptions to core business platforms.

Last week, AWS announced the general availability of Amazon Security Lake, a service that centralizes an organization’s security data from across its AWS environments. More than 55 customers and partners currently integrate with Amazon Security Lake including SentinelOne, Splunk, and Wiz, according to Amazon. Trellix and Netskope both recently announced new Amazon Security Lake support to enhance threat detection and remediation for their customers.