security

Security Containerized Workloads in IBM Cloud Using Aporeto

This blog was co-authored with Amir Sharif, co-founder of Aporeto. We’re excited to bring Aporeto’s capabilities to IBM Cloud Container Service, providing choice and flexibility to our users.

Continue reading

Complete run-time container security for production Kubernetes workloads

In this blog post we discuss how NeuVector integrates with IBM Cloud Container Service to provide complete run-time container security for your production Kubernetes workloads. We are excited to partner together to demonstrate how quickly and easily users can deploy a Kubernetes cluster in IBM Cloud and then secure those workloads in this new and ever-changing container and microservice world.

Continue reading

How to: Credentials in a serverless Slackbot app

Recently, I introduced you to a new tutorial for a database-driven Slackbot. Today, I am going to discuss security details, how the IBM Watson Conversation service is accessing a Db2 Warehouse service from within a dialog. It uses a serverless setup with IBM Cloud Functions. All the necessary credentials to execute the code and to access the Db2 database are automatically bound. Hence, the function code and the dialog don't need any account-specific changes and are generic.

Continue reading

Passport + Twilio: Two-factor authentication for Customer Identity Management

IBM is building the next generation cloud platform that provides necessary tools and services to application developers. IBM Cloud platform, built on open technology, gives developers the power they need to build without the traditional ‘do it yourself’ approach to feature development. When you build applications on IBM Cloud, you can leverage the ecosystem of tools they provide to add additional features to your application outside of your expertise.

Continue reading

Use your own branded UI for user sign-in with App ID

With IBM Cloud App ID’s Cloud Directory feature, you can create a user registry, and add sign-up and email/password sign-in to your mobile or web app. Cloud Directory comes with a pre-built sign-in widget that you can use, or if you prefer to use your own branding, you can replace it with your own custom UI. This blog will show you how to use Cloud Directory APIs and add your own custom sign-in screen to an Android application. You can find the Android Cloud Land App on GitHub.

Continue reading

Taking action to secure our IBM Cloud Container Service against recent Spectre and Meltdown security vulnerabilities

We’re taking action to secure our IBM Cloud Container Service against the recent Spectre and Meltdown security vulnerabilities. We’ve been working closely with our vendors and IBM Cloud Infrastructure teams concerning the security vulnerability announced on January 3, 2018. This vulnerability has the potential to allow those with malicious intent to gather sensitive data from computing devices. Intel believes these exploits do not have the potential to corrupt, modify, or delete data.

Continue reading

We’re taking action to secure our cloud against recent security vulnerabilities

We've been working closely with Intel to mitigate the security vulnerability announced on January 3, 2018. Here's how it affects customers.

Continue reading

Announcing IBM Key Protect London Region Release on IBM Cloud

Having the ability to protect applications and supporting data in a public cloud environment is a critical component of all organizations security governance protocols. On December 15, 2017 IBM added a new security service to the London Region to help you build data-at-rest security into the IBM Cloud. IBM Key Protect is now available on […]

Continue reading

Connecting your Kubernetes cluster to on-premises resources

Writing microservices in containers and deploying them to a Kubernetes cluster running on IBM Cloud is a great way to create greenfield applications. Frequently you'll also have mountains of useful data hosted by on-premises systems. What if you can’t migrate this data to the cloud due to compliance reasons, but you still want to allow your new microservice application to leverage it?

Continue reading