IBM injecte du zero trust au service Cloud Pak for Security

The latest version of Cloud Pak for Security unveiled by IBM targets customers who want to deploy zero trust security installations to protect corporate resources. IBM Cloud Paks bring together elements of Red Hat’s Kubernetes-based OpenShift Container Platform with Red Hat Linux and various technologies. They make it easy to deploy and manage containers on the private or public cloud of their choice, especially AWS, Microsoft Azure, Google Cloud Platform, Alibaba, and IBM Cloud. Cloud Pak for Security includes, among other things, open source threat detection technology, plus automation capabilities to accelerate response to cyber attacks, and it concentrates the data collected by security products running on the Internet into a single console. existing customer endpoints.

Integration of several security models

The SaaS version of Cloud Pak for Security added by IBM now includes security models with a roadmap of security capabilities, plus guidance on how to integrate them into a zero trust architecture. For example, an insider threat model implements enterprise-level proactive management of insider threats by detecting anomalies in user behavior and enforcing security policies. In addition, to secure Android, Windows, iOS, and Mac apps and content, IBM also added behavior-based mobile threat detection, a feature borrowed from the Watson-based Security MaaS360 system.

“This zero trust approach allows employees to connect and work securely from any location, from any device, and access data on any infrastructure,” wrote Mary. O’Brien, Managing Director of IBM Security, in a zero trust blog. “We can thus offer fluid and dynamic customer experiences based on confidentiality and security or confidently migrate operations to the cloud by integrating security controls and ensuring cross-domain visibility,” she added. .

A foray into SASE with Zscaler

With these models, organizations can use Cloud Pak for Security to define or limit user access to data and help reduce their exposure in the event of a compromise. This connection will more easily generate information about data usage and privacy risk, enforce security policies, automate remediation responses, but also help businesses detect and respond effectively to risk issues. and compliance. This latest version of IBM Cloud Pak for Security also includes a more comprehensive set of data security features from the Security Guardium service which, according to Big Blue, “prevents data leaks from databases, data warehouses and environments. Big Data like Hadoop, guarantees information integrity and automates compliance checks in heterogeneous environments ”. Cloud Pak for Security is available now.

This upgrade includes a partnership with Zscaler, the backbone of zero trust security, which enables Big Blue to step into the emerging Secure Access Service Edge (SASE) service. “By working with the IBM Security Services service group, which supports various security components including Cloud Pak, customers can implement SASE security services or other enterprise zero trust initiatives,” said IBM. Specifically, IBM integrates Zscaler Private Access and Internet Access secure web services to support different types of tasks ranging from access management and threat detection to remediation. “Today, the only way to truly secure digital businesses is to adopt a zero trust security model, which combines user identity validation with company policies to grant direct access to applications and authorized resources, ”Jay Chaudhry, CEO of Zscaler, said in a statement.