IBM X-Force Red is a group of security professionals and ethical hackers whose goal is to help businesses discover vulnerabilities in their computer networks, hardware and software applications before cybercriminals do. X-Force Red, part of IBM Security Services, also examines human security vulnerabilities in daily processes and procedures that attackers often use to circumvent security controls.

X-Force Red Introduces The Red Portal

Today, IBM X-Force Red is announcing The Red Portal, a cloud-based collaboration platform for clients and security professionals that presents an end-to-end view of security testing programs. Clients can view real-time testing project milestones, vulnerabilities across all assets, reports of findings and the overall status of their managed testing program.

The industry expertise of X-Force Red is central to successfully building and maintaining a top-notch security testing program, and the collaborative nature of The Red Portal makes it easier than ever for clients to be involved in the testing process.

The Dashboard

The Dashboard page provides a real-time view of the client’s overall security testing program. They can see how many tests have been conducted and the total number of findings that have been identified, including the number of critical and high-risk items.

Clients can also view how many tests are in each phase of the testing process and whether any are awaiting additional client input. Up-to-date test statuses are a simple login away, allowing clients to embed themselves in the testing process as little or as much as they want.

Scheduling a Test

The Red Portal centralizes and streamlines all communications with X-Force Red and eliminates the need to pass sensitive target information through insecure methods. All test requests are made via one simple, secure form, and required target information is also collected here. All target and finding information is encrypted. Clients can also define their desired testing start date with the built-in scheduling capability.

Reviewing Findings and the Final Report

Once the security test has begun, clients can view findings as the tester makes them available — meaning remediation can begin immediately on the most critical items. After the test is complete, an interactive final report is available from the dashboard. The final report contains all findings, including details about the vulnerabilities, evidence of exploitation and detailed guidance for remediation and prioritization.

More from X-Force

Ongoing ITG05 operations leverage evolving malware arsenal in global campaigns

13 min read - As of March 2024, X-Force is tracking multiple ongoing ITG05 phishing campaigns featuring lure documents crafted to imitate authentic documents of government and non-governmental organizations (NGOs) in Europe, the South Caucasus, Central Asia, and North and South America. The uncovered lures include a mixture of internal and publicly available documents, as well as possible actor-generated documents associated with finance, critical infrastructure, executive engagements, cyber security, maritime security, healthcare, business, and defense industrial production. Beginning in November 2023, X-Force observed ITG05…

Why federal agencies need a mission-centered cyber response

4 min read - Cybersecurity continues to be a top focus for government agencies with new cybersecurity requirements. Threats in recent years have crossed from the digital world to the physical and even involved critical infrastructure, such as the cyberattack on SolarWinds and the Colonial Pipeline ransomware attack. According to the IBM Cost of a Data Breach 2023 Report, a breach in the public sector, which includes government agencies, is up to $2.6 million from $2.07 million in 2022. Government agencies need to move…

CVE-2023-20078 technical analysis: Identifying and triggering a command injection vulnerability in Cisco IP phones

7 min read - CVE-2023-20078 catalogs an unauthenticated command injection vulnerability in the web-based management interface of Cisco 6800, 7800, and 8800 Series IP Phones with Multiplatform Firmware installed; however, limited technical analysis is publicly available. This article presents my findings while researching this vulnerability. In the end, the reader should be equipped with the information necessary to understand and trigger this vulnerability.Vulnerability detailsThe following Cisco Security Advisory (Cisco IP Phone 6800, 7800, and 8800 Series Web UI Vulnerabilities - Cisco) details CVE-2023-20078 and…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today