April 13, 2017 By Christopher Kalamaras 3 min read

This weekend, Sergio Garcia won his first Major at the Masters, finally earning himself the coveted Green Jacket after 74 starts at a major. But while Sergio was making strides on the course, IBM’s Watson was hard at work behind the scenes, helping the Masters digital team defend against cybersecurity threats.

During the 20 years that IBM has been helping the Masters manage its digital platforms, the cybersecurity landscape has changed dramatically. Attacks have become more sophisticated as hackers collaborate across geographies and use increasingly advanced infrastructure and techniques. So it goes without saying that the tools that we use to defend against them must also adapt to keep pace. Enter Watson for Cyber Security.

A team of IBM analysts monitor the Masters digital platforms around the clock and are faced with the daunting task of analyzing tens of thousands of potential security threats per day. As with most high-profile events, the prominence of the Masters makes it a target for hackers seeking fame or fortune. Nearly every year, Masters.com is threatened by outside forces, and it’s up to our team to ensure that Masters.com remains up and running for the millions of fans who use it to view the latest scores on the leader board, watch live video, view highlights, and read articles.

What goes on behind the scenes to protect Masters.com? Using their unique skills and experience, our team of analysts must comb through vast amounts of security data to prioritize and respond to the most pressing threats, separating them from a sea of potential incidents. During the week of the Masters, that volume of data increases significantly.

This year, for the first time ever, our analysts had a new teammate in their corner: Watson for Cyber Security. Watson is a cognitive technology that has been trained to understand the language of security by reading and interpreting over a million cybersecurity-related documents. This not only allows Watson to stay up to date on the latest security research that is being published every day, but also to make unique correlations between current threat research and security events happening within the Masters cloud environment.

For example, during the Masters, our team was analyzing a denial-of-service (DoS) attempt where the attacker was using an outdated method of attack that is, in most cases, no longer relevant. So why would a criminal even bother attempting this type of outdated attack? Our lead security analyst, Johnathan Van Houten, explained it best, saying, “The denial-of-service attempt was a cover for the malware, spam and minimal port scanning that they were also doing in secret. The idea is misdirection — by attempting to distract our team with a noisy DoS attempt, they’re hoping we don’t look to find the man behind the curtain.”

Now, even with Johnathan’s 20+ years of experience in IT security, it would have been difficult and time-consuming for him to see beyond that initial attack attempt. In this case, it was the insights generated by Watson that expanded on the initial attack with the click of the button, bringing to light the man behind the curtain.

This is just one of many examples throughout the event where Watson gave us the power of cognitive insights to see beyond what our analysts would see, and in a much shorter amount of time. In events such as these, speed is our most critical resource — even a few minutes of downtime can mean a negative experience for Masters.com users. Our team used Watson for Cyber Security to investigate these incidents in a matter of minutes.

Essentially, Watson helps bring the power of man and machine together to prioritize the most critical threats and investigate them more quickly, allowing our team of specialists to focus on what matters most — the user experience. With the help of Watson for Cyber Security, we rounded off yet another successful year for the Masters, keeping all IT assets running smoothly so that fans around the world could focus on what matters most to them: the golf.

More from

SoaPy: Stealthy enumeration of Active Directory environments through ADWS

10 min read - Introduction Over time, both targeted and large-scale enumeration of Active Directory (AD) environments have become increasingly detected due to modern defensive solutions. During our internship at X-Force Red this past summer, we noticed FalconForce’s SOAPHound was becoming popular for enumerating Active Directory environments. This tool brought a new perspective to Active Directory enumeration by performing collection via Active Directory Web Services (ADWS) instead of directly through Lightweight Directory Access Protocol (LDAP) as other AD enumeration tools had in the past.…

Smoltalk: RCE in open source agents

26 min read - Big shoutout to Hugging Face and the smolagents team for their cooperation and quick turnaround for a fix! Introduction Recently, I have been working on a side project to automate some pentest reconnaissance with AI agents. Just after I started this project, Hugging Face announced the release of smolagents, a lightweight framework for building AI agents that implements the methodology described in the ReAct paper, emphasizing reasoning through iterative decision-making. Interestingly, smolagents enables agents to reason and act by generating…

4 ways to bring cybersecurity into your community

4 min read - It’s easy to focus on technology when talking about cybersecurity. However, the best prevention measures rely on the education of those who use technology. Organizations training their employees is the first step. But the industry needs to expand the concept of a culture of cybersecurity and take it from where it currently stands as an organizational responsibility to a global perspective.When every person who uses technology — for work, personal use and school — views cybersecurity as their responsibility, it…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today