Expanded Posture Management for IBM Cloud Now Available in IBM Cloud Security and Compliance Center Workload Protection
Confidently unify and manage your security and compliance posture across your hybrid multicloud environment including IBM Cloud.
As enterprises are modernizing through their hybrid multicloud journey, they are continually facing rising challenges gaining visibility into and managing security risks efficiently and quickly across their critical workloads.
For example, cloud misconfigurations account for 15% of initial attack vectors in security breaches—the third most common initial attack vector in the breaches analyzed in IBM’s Cost of a Data Breach report. Implementing a robust compliance and governance strategy tailored for cloud environments ensures that such breaches are minimized.
IBM Cloud Security and Compliance Center (SCC) Workload Protection provides a comprehensive and unified cloud security and compliance solution, enabling organizations to centrally manage and secure across hybrid multicloud environments and critical workloads.
What is SCC Workload Protection?
SCC Workload Protection is IBM Cloud’s Cloud-Native Application Protection Platform (CNAPP) designed for hybrid multicloud environments. This comprehensive security solution offers centralized visibility and inventory, cloud security posture management (CSPM), and cloud workload protection(CWP) and vulnerability management(VM) across multicloud setups.
What’s New: Expanded Posture Management (CSPM) for IBM Cloud with SCC Workload Protection
Throughout 2024, there have been significant enhancements to SCC Workload Protection.
-
Providing organizations with a unified posture view across hybrid and multicloud environments, cloud security posture management (CSPM) now extends to IBM Cloud. Note: AWS, Microsoft Azure and Google Cloud were already supported.
-
Auto-discovery feature to simplify asset inventory, granting easy access to critical security findings.
-
Comprehensive set of out-of-the-box policies, offering insights into passing scores, failing controls, and impacted resources. Similar compliance semantics can be applied across hosts/Kubernetes/workloads or for any cloud assets.
-
Customizable zones enable the definition of policies tailored to specific environments.
-
Customization of policies with parameterized controls or create custom controls to meet their unique business, auditory or forensic requirements.
-
Detailed remediation guidance and streamlined risk acceptance flows help security, cloud and compliance teams to respond effectively.
Unique differentiators
-
Only CNAPP solution supporting hybrid multicloud including IBM Cloud and critical workloads (IaaS, IKS/ROKS, PowerVS, and VMware)
-
Out-of-the-box (OOTB) policies tailored to IBM Cloud including the CIS Benchmark for IBM Cloud, IBM Cloud Framework for Financial Services, and AI ICT and Security Guardrail policies. The AI Guardrail policies enable you to manage security risk and compliance as you scale your use of AI within your environment plus monitor related data controls required to handle AI and generative AI workloads.
-
Agentless scanning for IBM Cloud: Eliminates the need for agent installation simplifying deployment within IBM Cloud and across your hybrid multicloud environment.
Get started with IBM Cloud SCC Workload Protection
-
Navigate to the IBM Cloud Catalog.
-
Select the Security and Compliance Center Workload Protection tile.
-
Create an instance and automatically get the results for recommended IBM policies.
For more detailed instructions, see the documentation.
Related resources
Set of curated resources which give further details of the SCC Workload Protection:
-
KuppingerCole Ranks IBM Security and Compliance Center as a Leader in Cloud Native Application Protection
-
Product listing on IBM Marketplace
-
Janet Van - ‘Easily secure your IBM Cloud for VMware Cloud Foundation as a Service (VCFaaS) Linux Hosts with IBM Cloud Security and Compliance Center Workload Protection’: https://community.ibm.com/community/user/cloud/blogs/janet-van/2024/08/21/secure-vcfaas-with-scc-workload-protection
-
Janet Van - ‘Easily secure your IBM Cloud for VMware Cloud Foundation as a Service (VCFaaS) Linux Hosts with IBM Cloud Security and Compliance Center Workload Protection’: https://community.ibm.com/community/user/cloud/blogs/janet-van/2024/08/21/secure-vcfaas-with-scc-workload-protection
-
Best practices for posture management.
-
Tip: If you’re working with IBM Cloud resources, you can get started directly in the Security and Compliance Center.
-
PowerVS and Workload Protection
Authors and Contributors
- Janet Van, Product Manager for IBM Cloud, IBM
- Stephanie Schmader, Offering Management Lead for Industry and Security, IBM
- Jorge Salamero Sanz, VP Products, Sysdig
- Carlos Tolon, Manager, Solution Architecture, Sysdig
- Durgesh Shukla, Sr. PMM, Sysdig