We’re taking another step forward in our mission to help you achieve continuous security and compliance by introducing Workload Protection.

With the release of this integration with the IBM Cloud Security and Compliance Center, IBM Cloud further expands its cloud security capabilities, enabling customers to do the following:

  • Find and prioritize vulnerabilities across CI/CD pipelines, registries and runtimes.
  • Detect and respond to cloud and container threats.
  • Manage configurations, permissions and compliance.

What is Workload Protection?

In short, Workload Protection is a Cloud Workload Protection Platform (CWPP) that combines multicloud compliance and security posture management (CSPM) with threat detection and vulnerability scanning in one solution. With these capabilities, customers get a unified view of risk across their infrastructure, whether containers, Kubernetes, or virtual or physical hosts across clouds (including IBM Cloud, Amazon Web Services, Google Cloud and Microsoft Azure). The service also provides out-of-the-box rules to verify container and cloud compliance.

Workload Protection helps customers better understand and measure their progress against regulatory standards. It leverages CIS Benchmarks for Kubernetes to provide guided remediation tips that help you maintain or quickly re-establish compliance.

How does it work?

Workload Protection ingests data from multiple data sources (including system calls, orchestrator and container audit logs, and cloud logs) to trigger alerts and enrich events with cloud, container and Kubernetes context. Insights from across your cloud environments are collected in a Software-as-a-Service (SaaS) backend residing on IBM Cloud and are available via an intuitive web interface to help you prevent, detect and respond at cloud speed.

Workload Protection is built on open standards for cloud-native security and control, including Falco (the open-source standard for cloud threat detection) and Open Policy Agent (OPA) (the open-source standard for Policy as Code).

What are the key Workload Protection use cases?

Workload Protection helps organizations secure and accelerate cloud innovation by providing deep visibility into cloud-native workloads and infrastructure to enable security use cases from source to run, including the following:

  • Detection of OS and non-OS vulnerabilities (e.g., Python, Node and Java packages) with in-depth image scanning across CI/CD pipelines, registries and runtimes.
  • Out-of-the-box policies that identify suspicious activity, so teams can detect and respond to threats and implement requirements for compliance frameworks (e.g., PCI, NIST, SOC 2, ISO).
  • Cloud workload protection (CWP) for containers, Kubernetes and VMs across any cloud provider, including support for IBM Cloud Kubernetes Service, Red Hat OpenShift Kubernetes Service, Amazon Elastic Kubernetes Service (EKS), Google Kubernetes Engine (GKE) and Azure Kubernetes Service (AKS).
  • Kubernetes network security validation and policy generation to help teams implement least privilege and stop lateral movement threats.
  • Compliance and configuration management to validate against policies, including CIS Benchmarks for Kubernetes platforms, OWASP Top Ten, DISA guidelines and NSA/CISA hardening guides.
  • Incident response and forensics, capturing detailed activity records to investigate events and quickly respond, even after containers are no longer running.

How do I get started?

To start using Workload Protection, you can create an instance through the IBM Cloud catalog:

  1. Navigate to the IBM Cloud catalog.
  2. Select the Security and Compliance Center Workload Protection tile.
  3. Create an instance. For this release, instances are limited to us-east.
  4. Deploy the agent.
  5. Start evaluating your resources.

For more detailed instructions, see the documentation.

Tip: If you’re working with IBM Cloud resources, you can get started directly in the Security and Compliance Center.


To ensure that we are helping you deliver on your own mission, we’d like to hear any feedback that you might have. To share your questions with us, you can open a GitHub issue from a link at the top of any page in the IBM Cloud documentation, open a ticket with IBM Cloud Support or reach out directly through email.

Learn more about the IBM Cloud Security and Compliance Center.

