Enhancing posture management and delivering full-stack protection across hybrid multicloud environments with exclusive coverage for IBM Cloud clients
Introduction
In today's complex cloud landscape, security can be siloed and challenging with no one-size-fits-all approach. Organizations are increasingly deploying workloads across public cloud, private infrastructure, and everything in between.
As organizations accelerate digital transformation, cloud environments have become more dynamic, distributed, and complex. Traditional security tools that only monitor cloud configuration are no longer sufficient. At IBM, we’re committed to helping our customers stay ahead of this change—by evolving our cloud security and compliance solution that protects what matters most, wherever it runs.
We are excited to announce to our IBM Cloud clients that cloud security posture management coverage for IBM Cloud, originally delivered in the first generation of IBM Cloud Security and Compliance Center, has fully transitioned and expanded into the second generation of IBM Cloud Security and Compliance Center, also known as IBM Cloud Security and Compliance Center Workload Protection, a more powerful and comprehensive hybrid, multicloud cloud-native application protection (CNAPP) solution. While the first generation users will continue to receive support during their transition, we encourage them to move to IBM Cloud Security and Compliance Center Workload Protection, the second generation solution, as soon as they can to leverage its expanded capabilities.
Why This Change Matters
Traditional CSPM tools have played a crucial role in helping organizations identify misconfigurations, enforce policy, and meet compliance goals. However, as security risks and threats have become more dynamic and workloads more complex, CSPM alone is no longer sufficient.
Workload Protection represents a significant shift—from static posture scanning to active, context-aware protection across the entire lifecycle of cloud-native workloads. This transition reflects a broader movement across the industry toward CNAPP (Cloud-Native Application Protection Platform) architectures that integrate multiple layers of security intelligence and enforcement. Learn more about the second generation of Security and Compliance Center and its recognized leadership in the CNAPP market by KuppingerCole.
Introducing the second generation of the IBM Cloud Security and Compliance Center
Also known as IBM Cloud Security and Compliance Center Workload Protection, this comprehensive and powerful solution brings together:
-
Integrated CSPM + CWPP: Unify cloud security posture management, identify misconfigurations, and protect workloads against active vulnerabilities and real-time threats, all from one dashboard.
This unified experience ensures that DevOps, security, and compliance teams can collaborate on a single platform—improving both protection and agility. Security and Compliance Center Workload Protection also extends to support your hybrid multicloud security strategy. Whether you’re running regulated workloads in IBM Cloud, modernizing your Power environment with PowerVS, orchestrating microservices in RedHat OpenShift, or extending controls to AWS and Azure, this offering ensures end-to-end visibility, security and control.
Next Steps for Customers
If you're currently using the first generation of the Security and Compliance Center (SCC), we encourage you to start planning your transition to Security and Compliance Center Workload Protection, the second generation platform, by 16 June 2025. . The process of onboarding to Security and Compliance Center Workload Protection is automated and available in the catalog provisioning experience. Customers can easily connect their IBM Cloud accounts and enable CSPM with automated monitoring against IBM Cloud best practices.
Looking Ahead
By transitioning to Security and Compliance Center Workload Protection, the second generation of the Security and Compliance Center, you will be leveraging a solution that keeps pace with the complexity of today’s applications and the sophistication of modern security risks and threats. This step forward enables a modern, extensible, and hybrid-ready foundation for protecting critical cloud-native applications—without compromise.
We thank you for your trust in IBM, and we look forward to continuing this journey with you—stronger, smarter, and more secure.