IBM Cloud Global

Cloud Global

Our mission is to provide clients with an online user community of industry peers and IBM experts, to exchange tips and tricks, best practices, and product knowledge. We hope the information you find here helps you maximize the value of your IBM Cloud solutions.

 View Only

Strengthening Cloud Posture: Superior Security Posture Management with a Full-Stack Cloud-Native Protection Platform (CNAPP)

By JANET VAN posted Fri May 16, 2025 11:03 AM

  

Enhancing posture management and delivering full-stack protection across hybrid multicloud environments with exclusive coverage for IBM Cloud clients 

Introduction 

In today's complex cloud landscape, security can be siloed and challenging with no one-size-fits-all approach. Organizations are increasingly deploying workloads across public cloud, private infrastructure, and everything in between.  

As organizations accelerate digital transformation, cloud environments have become more dynamic, distributed, and complex. Traditional security tools that only monitor cloud configuration are no longer sufficient. At IBM, we’re committed to helping our customers stay ahead of this change—by evolving our cloud security and compliance solution that protects what matters most, wherever it runs. 

We are excited to announce to our IBM Cloud clients that cloud security posture management coverage for IBM Cloud, originally delivered in the first generation  of IBM Cloud Security and Compliance Center, has fully transitioned and expanded into the second generation of IBM Cloud Security and Compliance Center, also known as IBM Cloud Security and Compliance Center Workload Protection, a more powerful and comprehensive hybrid, multicloud cloud-native application protection (CNAPP) solution. While the first generation  users will continue to receive support during their transition, we encourage them to move to IBM Cloud Security and Compliance Center Workload Protection, the second generation solution, as soon as they can to leverage its expanded capabilities.  

Why This Change Matters 

Traditional CSPM tools have played a crucial role in helping organizations identify misconfigurations, enforce policy, and meet compliance goals. However, as security risks and threats have become more dynamic and workloads more complex, CSPM alone is no longer sufficient. 

IBM Cloud Security and Compliance Center Workload Protection represents a significant shift—from static posture scanning to active, context-aware protection across the entire lifecycle of cloud-native workloads. This transition reflects a broader movement across the industry toward CNAPP (Cloud-Native Application Protection Platform) architectures that integrate multiple layers of security intelligence and enforcement. Learn more about the second generation of Security and Compliance Center and its recognized leadership in the CNAPP market by KuppingerCole.

Introducing the second generation of the IBM Cloud Security and Compliance Center  

Also known as IBM Cloud Security and Compliance Center Workload Protection, this comprehensive and powerful solution brings together: 

  • Deep workload visibility: Monitor runtime behaviors and detect anomalies across hybrid multicloud including Kubernetes/OpenShift containers, PowerVS and VMware critical workloads and virtual machines. 

  • Integrated CSPM + CWPP: Unify cloud security posture management, identify misconfigurations, and protect workloads against active vulnerabilities and real-time threats, all from one dashboard. 

  • Enhanced compliance posture management: Monitor compliance posture with broader multicloud native support with auto-remediated guidance and audit readiness reporting. 

  • Robust set of policies and controls: Customize policies and leverage over 100 additional industry benchmarks and regulatory framework policies available out-of-the-box across IBM Cloud, hybrid multicloud. 

  • Policy enforcement across build and runtime: Enable secure development pipelines with policy-as-code controls and manage adherence to standardized policies. 

  • Risk-based prioritization: Identify the most critical vulnerabilities and misconfigurations that could impact your business to focus on first. 

  • Automated compliance workflows: Stay audit-ready with real-time evidence collection and reporting for compliance posture and security state. 

  • Flexible pricing model: Predictable, flexible and affordable pay-as-you-go pricing model. 

This unified experience ensures that DevOps, security, and compliance teams can collaborate on a single platform—improving both protection and agility. Security and Compliance Center Workload Protection also extends to support your hybrid multicloud security strategy. Whether you’re running regulated workloads in IBM Cloud, modernizing your Power environment with PowerVS, orchestrating microservices in RedHat OpenShift, or extending controls to AWS and Azure, this offering ensures end-to-end visibility, security and control. 

Next Steps for Customers 

If you're currently using the first generation of the Security and Compliance Center (SCC), we encourage you to start planning your transition to Security and Compliance Center Workload Protection, the second generation platform, by 16 June 2025.  . The process of onboarding to Security and Compliance Center Workload Protection  is automated and available in the catalog provisioning experience. Customers can easily connect their IBM Cloud accounts and enable CSPM with automated monitoring against IBM Cloud best practices. 

To get started: 

  • Learn more about IBM Cloud CSPM in Security and Compliance Center Workload Protection

Looking Ahead 

By transitioning to Security and Compliance Center Workload Protection, the second generation of the Security and Compliance Center, you will be leveraging a solution that keeps pace with the complexity of today’s applications and the sophistication of modern security risks and threats. This step forward enables a modern, extensible, and hybrid-ready foundation for protecting critical cloud-native applications—without compromise. 

We thank you for your trust in IBM, and we look forward to continuing this journey with you—stronger, smarter, and more secure. 

0 comments
75 views

Permalink

https://community.ibm.com/community/user/blogs/janet-van/2025/05/16/superior-cspm-and-full-stack-cnapp