Pragmatic, intelligent, risk-based practices

  • IBM Bluemix on developerWorks

    Apps, code, tutorials, and videos. Everything you need to start innovating today.

  • Try IBM Security AppScan

    Manage vulnerability testing throughout the software development life cycle.

developerWorks Premium: Exclusive tools to build your next great app. Learn more.


  • Manage security alerts with IBM DevOps Track & Plan

    95Track  & Plan is predominately used during  application development. However, it can also  be used by the applications to inform the  administrator when they are under attack. In  this tutorial, you learn the coding to make  this happen.

    Ori Pomerantz / 23 November 2015

  • Best security content from fourth quarter 2015

    95It's  been a busy fourth quarter so far at the  developerWorks Security zone. Producing the  most relevant and recent content is our top  priority as we continue our focus on helping  developers with all things security related.  We continue to produce content on helping  developers secure their Bluemix  applications through the security offerings  on Bluemix, teaching developers secure  engineering techniques, and helping IT  security practitioners assess their IT risks.  Here are some of the recent highlights from  the Security zone.

    developerWorks security editors / 17 November 2015

  • Verify server certificates in a Node.js Bluemix application

    95Applications often need to communicate with  remote servers and exchange information with  them. However, with the use of remote servers  comes the risk of masquerading. Attackers can  pretend to be the legitimate partners and  steal or falsify information. In this  article, you learn how to use certificates  from within your Node.js application that is  running in Bluemix to prevent such  masquerading.

    Ori Pomerantz / 05 November 2015

  • Connect to your data center with the Bluemix Secure Gateway service

    95This  tutorial shows how to configure a TLS tunnel  by using the Bluemix Secure Gateway  service, with encryption and authentication,  between a Bluemix application and data  center. The tunnel can then be used for a  database  connection.

    Ori Pomerantz / 29 October 2015

  • 10 essential security practices from IBM

    95Organizations face an ever-changing set of  risks in a world with rapidly changing  technology, and business models that call for  innovation, new platforms like cloud, and a  desire to connect systems with the world at  large. All of this adds to the complexity of  securely protecting the enterprise. Beth  Dunphy, Worldwide Strategy and Offering  Executive at IBM, introduces 10  essential security practices from IBM – a  flexible framework that helps organizations  simplify the challenge of designing a  balanced security  program.

    developerWorks security editors / 22 October 2015

  • Manage account approval in a Node.js Bluemix application

    95In  many circumstances, such as  business-to-consumer applications, it is best  to have users register on their own and then  have an administrator approve or reject the  account or specific account permissions. I  teach you how to implement such a system in  this article.

    Ori Pomerantz / 20 October 2015