IBM Cloud Pak for Security V1.2 offers more connectivity, enhanced core services, new threat intelligence and detection capabilities, and expert labs assistance to provide threat management across hybrid multicloud environments

IBM Europe Software Announcement ZP20-0068
February 24, 2020

Table of contents

	Overview		Technical information
	Key requirements		Ordering information
	Planned availability date		Terms and conditions
	Description		Prices
	Program number		Announcement countries
	Publications

(Corrected on March 17, 2020)

Revised Availability of national languages section and Ordering information section.

At a glance

IBM Cloud Pak™ for Security V1.2 delivers:

A new Threat Intelligence Insights application
Improved platform and core services
Flexible implementation services for deployment
Enhancements to Data Explorer to streamline federated search and investigation use cases
Access to IBM Resilient® Security Orchestration, Automation and Response (SOAR) with the latest enhancements
Access to industry-leading security analytics with IBM QRadar®

As clients move their businesses to the cloud, security data is spread across different tools, clouds, and on-premises IT environments. This creates gaps that can cause threats to be missed and require costly, complex integrations to close the holes.

Cloud Pak for Security V1.2 provides a platform that helps more quickly integrate clients' existing security tools to help generate deeper insights into threats across hybrid multicloud environments. By using an infrastructure-independent common operating environment that runs anywhere within a hybrid multicloud environment, clients can quickly search for threats, orchestrate actions, and automate responses, all while leaving their data where it resides.

In addition, Cloud Pak for Security V1.2 provides the following benefits:

Connects disparate data sources to help uncover hidden threats and improve risk-based decisions while leaving the data where it resides. Through the use of open standards and IBM innovations, clients can access IBM and third-party tools to search for threat indicators across any cloud or on-premises location.
Connects client workflows with a unified interface to help respond faster to security incidents. Enables clients to orchestrate and automate security responses so they can better prioritize their teams' time.
Comprises containerized software that includes the Red Hat® OpenShift® enterprise application platform that has been adopted by more than 1,000 organizations worldwide.
Optimized to operate on the Red Hat OpenShift Container Platform, which is included with Cloud Pak for Security V1.2.

Key requirements

Workstation with a supported operating system
Supported web browser

For additional details, see the Technical Information section.

Planned availability date

March 26, 2020

See the Availability of national languages section for national language availability.

Description

Cloud Pak for Security is a platform that helps you uncover hidden threats, make more informed risk-based decisions, and prioritize your teams' time. Key features and capabilities of Cloud Pak for Security V1.2 include:

Improved platform and core services:
- Refined installation experience to reduce time to deploy.
- Enhancements to core services to support new use cases and facilitate application development.
- Ability to support higher query volumes.
- Enriched security analysis experience with core capability to facilitate summary views.
- Expanded connectivity of the platform with additional connectors. See Connecting a data source web page.
Flexible implementation services for deployment:
- IBM Security Expert Labs Implementation Services to deploy Cloud Pak for Security.
- Expert Lab services span adoption, expansion, and optimization with operational readiness and enterprise scale-out programs.
- Expert on-demand services to assist with architecture, implementation, and guidance on connecting data sources and federated search.
Enhancements to Data Explorer to streamline federated search and investigation use cases:
- Flexibility to use Data Explorer for federated search and investigation, providing top-down, ad hoc threat hunting activities to inspect all connected data sources.
- Log Insights View displays all available attributes from logs and events without navigating a table and column view.
- Incremental usability enhancements.
Access to Resilient SOAR with the latest enhancements:
- Support for user-defined user interface themes, including dark mode.
- Simplifies the measurement of your teams' operational performance to identify bottlenecks and areas for improvement with easily configurable time tracking.
Addition of a Threat Intelligence Insights application:
- Enables you to generate the latest X-Force® IRIS (Incident Response and Intelligence Services) analyst-curated threat intelligence reports on threat activity, malware analysis, and threat groups.
- Enables you to prioritize threats with X-Force Threat Score, an adaptive score based on relevance, severity, penetration, impact, and environmental sightings.
- Enables you to identify threats active in your environment with Am I Affected, which runs continuous and automated searches across connected data sources.
Access to the IBM QRadar Security Intelligence Platform:
- Intelligent security analytics. Enables visibility, detection, and investigation for a wide range of known and unknown threats.
- Event analytics. Ingests, parses, normalizes, correlates, and analyzes log and event data to detect indicators of threats, identify anomalous activities, automatically connect related threat activity, and alert security teams to potential threats.
- Flow analytics. Collects, extracts, and normalizes valuable network flow data and packet metadata to augment log-based security insights and identify network and application level threat activity, such as phishing, lateral movement, and data exfiltration.

With this release, the statement of direction as announced in Software Announcement ZP19-0126, dated February 12, 2019, has been satisfied.

Accessibility by people with disabilities

A US Section 508 Voluntary Product Accessibility Template (VPAT) containing details on accessibility compliance can be found on the IBM Accessibility website.

Reference information

For additional information about Cloud Pak for Security, see Software Announcement ZP19-0157, dated November 12, 2019.

For additional information about Resilient SOAR Platform, formerly known as Resilient Incident Response Platform, as an on-premises offering, see the following Software Announcements ZP19-0288, dated June 11, 2019, and ZP19-0134, dated April 16, 2019.

Availability of national languages

Description	Language
IBM® Resilient SOAR Platform	Brazilian Portuguese, English, French, German, Italian, Japanese, Korean, Russian, Simplified Chinese, Spanish, and Traditional Chinese
IBM Security Data Explorer	Brazilian Portuguese, English, French, German, Italian, Japanese, Korean, Russian, Spanish, Simplified Chinese, and Traditional Chinese
IBM Security Threat Intelligence Insights	Brazilian Portuguese, English, French, German, Italian, Japanese, Korean, Russian, Spanish, Simplified Chinese, and Traditional Chinese
IBM QRadar	Brazilian Portuguese, English, French, German, Italian, Japanese, Korean, Simplified Chinese, Spanish, and Traditional Chinese

Translation information, if available, can be found at the Translation Reports website.

Program number

Program number	VRM	Program name
5737-L74	1.2.0	IBM Cloud Pak for Security
Not applicable	1.2.0	IBM Security Data Explorer
Not applicable	1.2.0	IBM Security Threat Intelligence Insights
5737-A52	Not applicable	IBM Resilient Security Orchestration, Automation, and Response (SOAR) Platform
5737-B52	Not applicable	IBM QRadar Software
5737-B54	Not applicable	IBM QRadar Event Capacity
5737-B54	Not applicable	IBM QRadar Flows Capacity
5737-D10	Not applicable	IBM QRadar Software Node
5737-B35	Not applicable	IBM QRadar Network Insights Software
5737-D34	Not applicable	IBM QRadar Data Store
5900-A3J	Cloud service	IBM Security Threat Intelligence Insights
5900-A8T	Services	IBM Expert Labs for IBM Cloud Pak for Security

Education support

See IBM Security Learning Academy for training on Cloud Pak for Security, Resilient SOAR Platform and QRadar.

Offering Information

Product information is available on the IBM Offering Information website.

More information is also available on the Passport Advantage® and Passport Advantage Express® website.

Publications

For documentation within this announcement, see IBM Knowledge Center for the following offerings:

Services

Global Technology Services

Contact your IBM representative for the list of selected services available in your country, either as standard or customized offerings for the efficient installation, implementation, or integration of this product.

Technical information

Specified operating environment

Hardware requirements

For hardware requirement details, see IBM Knowledge Center, beginning March 26, 2020.

Software requirements

For software requirement details, see IBM Knowledge Center, beginning March 26, 2020.

Such information is provided subject to the following terms. IT system security involves protecting systems and information through prevention, detection, and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated, or misused, or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service, or security measure can be completely effective in preventing improper use or access. IBM systems, products, and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products, or services to be most effective.

Important: IBM does not warrant that any systems, products, or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.

IBM Support

IBM Support is your gateway to technical support tools and resources that are designed to help you save time and simplify support. IBM Support can help you find answers to questions, download fixes, troubleshoot, submit and track problem cases, and build skills. Learn and stay informed about the transformation of IBM Support, including new tools, new processes, and new capabilities, by going to the IBM Support Insider.

Planning information

Packaging

This offering is delivered through the internet as an electronic download. There is no physical media.

Ordering information

For ordering information, consult your IBM representative or IBM Business Partner, or go to the Passport Advantage website.

This product is only available through Passport Advantage. It is not available as shrinkwrap.

These products may only be sold directly by IBM or by IBM Business Partners.

To locate IBM Business Partners in your geography, see the Find a Business Partner page.

Passport Advantage

IBM Cloud Pak for Security (5737-L74)

Program name/Description	Part number
IBM Cloud Pak for Security (Gen 2) 100 Managed Virtual Server License + SW Subscription & Support 12 Months	D27Q1LL
IBM Cloud Pak for Security (Gen 2) 100 Managed Virtual Server SW Subscription & Support Reinstatement 12 Months	D27Q2LL
IBM Cloud Pak for Security (Gen 2) 100 Managed Virtual Server Annual SW Subscription & Support Renewal	E0QWYLL
IBM Cloud Pak for Security (Gen 2) 100 Managed Virtual Server Committed Term License	D27PCLL
IBM Cloud Pak for Security (Gen 2) 100 Managed Virtual Server Committed Term License Upgrade	D27PKLL
IBM Cloud Pak for Security (Gen 2) Disaster Recovery 100 Managed Virtual Server License + SW Subscription & Support 12 Months	D27Q5LL
IBM Cloud Pak for Security (Gen 2) Disaster Recovery 100 Managed Virtual Server SW Subscription & Support Reinstatement 12 Months	D27Q6LL
IBM Cloud Pak for Security (Gen 2) Disaster Recovery 100 Managed Virtual Server Annual SW Subscription & Support Renewal	E0QX0LL
IBM Cloud Pak for Security (Gen 2) Disaster Recovery 100 Managed Virtual Server Committed Term License	D27PELL
IBM Cloud Pak for Security (Gen 2) Disaster Recovery 100 Managed Virtual Server Committed Term License Upgrade	D27PMLL

IBM Security Threat Intelligence Insights (5900-A3J)

Program name/Description	Part number
Threat Intelligence Insights Advanced for Cloud Pak for Security 100 Managed Virtual Servers per Month	D016DZX
Threat Intelligence Insights Advanced for Cloud Pak for Security 100 Managed Virtual Servers Overage	D02CMZX
Threat Intelligence Insights for IBM Cloud Pak for Security Service Level Agreement	D016EZX

IBM Expert Labs for IBM Cloud Pak for Security (5900-A8T)

Program name/Description	Part number
IBM Security Expert on Demand for IBM Cloud Pak for Security per Engagement	D02CNZX

Passport Advantage trade up

You must have previously acquired a license for at least one of the individual products in this platform offering to be eligible to acquire an equivalent license of the trade-up product.

IBM Cloud Pak for Security (5737-L74)

Program name/Description	Part number
IBM Cloud Pak for Security (Gen 2) 100 Managed Virtual Server From Eligible Program Trade Up License + SW Subscription & Support 12 Months	D27QHLL
IBM Cloud Pak for Security (Gen 2) for IBM Z 100 Managed Virtual Server From Eligible Program Trade Up License + SW Subscription & Support 12 Months	D27QILL
IBM Cloud Pak for Security (Gen 2) Disaster Recovery 100 Managed Virtual Server From Eligible Program Trade Up License + SW Subscription & Support 12 Months	D27QJLL
IBM Cloud Pak for Security (Gen 2) Disaster Recovery for IBM Z 100 Managed Virtual Server From Eligible Program Trade Up License + SW Subscription & Support 12 Months	D27QKLL

Clients must have current Software Subscription and Support (S&S) in place for all of the licenses that will be traded up by the use of the trade-up part numbers.

Consult your IBM representative or IBM Business Partner if you have any questions.

Cross-platform product for use on IBM Z®

This set of part numbers provides the identical supply and authorization as the other set in this announcement. They should be used by IBM Z sellers when ordering this offering.

IBM Cloud Pak for Security (5737-L74)

Program name/Description	Part number
IBM Cloud Pak for Security (Gen 2) for IBM Z 100 Managed Virtual Server License + SW Subscription & Support 12 Months	D27Q3LL
IBM Cloud Pak for Security (Gen 2) for IBM Z 100 Managed Virtual Server SW Subscription & Support Reinstatement 12 Months	D27Q4LL
IBM Cloud Pak for Security (Gen 2) for IBM Z 100 Managed Virtual Server Annual SW Subscription & Support Renewal	E0QWZLL
IBM Cloud Pak for Security (Gen 2) for IBM Z 100 Managed Virtual Server Committed Term License	D27PDLL
IBM Cloud Pak for Security (Gen 2) for IBM Z 100 Managed Virtual Server Committed Term License Upgrade	D27PLLL
IBM Cloud Pak for Security (Gen 2) Disaster Recovery for IBM Z 100 Managed Virtual Server License + SW Subscription & Support 12 Months	D27Q7LL
IBM Cloud Pak for Security (Gen 2) Disaster Recovery for IBM Z 100 Managed Virtual Server SW Subscription & Support Reinstatement 12 Months	D27Q8LL
IBM Cloud Pak for Security (Gen 2) Disaster Recovery for IBM Z 100 Managed Virtual Server Annual SW Subscription & Support Renewal	E0QX1LL
IBM Cloud Pak for Security (Gen 2) Disaster Recovery for IBM Z 100 Managed Virtual Server Committed Term License	D27PFLL
IBM Cloud Pak for Security (Gen 2) Disaster Recovery for IBM Z 100 Managed Virtual Server Committed Term License Upgrade	D27PNLL

Charge metric

Charge metric for licensed products

The charge metrics for this licensed product can be found in the following License Information document:

Program identifier	License Information document title	License Information document number
5737-L74	IBM Cloud Pak for Security V1.2.0	L-GBLK-BLBNHU
5737-L74	IBM Cloud Pak for Security Disaster Recovery V1.2	L-GBLK-BLNS5J

Select your language of choice and scroll down to the Charge Metrics section. Follow-on releases, if any, may have updated terms. See the License Information documents website for more information.

Charge metric for cloud services

The charge metrics for this cloud service can be found in the following Service Description document:

Program identifier	Service Description document title	Service Description document number
5900-A3J	IBM Security Threat Intelligence Insights for IBM Cloud Pak for Security	7393-06
5900-A8T	IBM Expert Labs for IBM Cloud Pak for Security	8730-01

Select your language of choice and scroll down to the Charge Metrics section. Follow-on releases, if any, may have updated terms. See the Cloud Services terms website and search using the four-digit base Service Description number.

Terms and conditions

Terms and conditions for the licensed product

The information provided in this announcement letter is for reference and convenience purposes only. The terms and conditions that govern any transaction with IBM are contained in the applicable contract documents such as the IBM International Program License Agreement, IBM International Passport Advantage Agreement, and the IBM Agreement for Acquisition of Software Maintenance.

This product is only available through Passport Advantage.

Licensing

IBM International Program License Agreement including the License Information document and Proof of Entitlement (PoE) govern your use of the program. PoEs are required for all authorized use. Part number products only, offered outside of Passport Advantage, where applicable, are license only and do not include Software Maintenance.

This software license includes Software Subscription and Support (also referred to as Software Maintenance).

Software Maintenance

This program is licensed under the IBM Program License Agreement (IPLA) and the associated Agreement for Acquisition of Software Maintenance, which provide for support with ongoing access to releases and versions of the program. IBM includes one year of Software Subscription and Support (also referred to as Software Maintenance) with the initial license acquisition of each program acquired. The initial period of Software Subscription and Support (also referred to as Software Maintenance) can be extended by the purchase of a renewal option, if available. These programs have a one-time license charge for use of the program and an annual renewable charge for the enhanced support that includes telephone assistance (voice support for defects during normal business hours), as well as access to updates, releases, and versions of the program as long as support is in effect.

License Information number

For License Information documents, see the IBM Software License Agreement website.

Program number	License Information document title	License Information document number
5737-L74	IBM Cloud Pak for Security V1.2	L-GBLK-BLBNHU
5737-L74	IBM Cloud Pak for Security Disaster Recovery V1.2	L-GBLK-BLNS5J

Limited warranty applies

Yes

Limited warranty

IBM warrants that when the program is used in the specified operating environment, it will conform to its specifications. The warranty applies only to the unmodified portion of the program. IBM does not warrant uninterrupted or error-free operation of the program or that IBM will correct all program defects. You are responsible for the results obtained from the use of the program.

IBM provides you with access to IBM databases containing information on known program defects, defect corrections, restrictions, and bypasses at no additional charge. For further information, see the IBM Support Guide.

IBM will maintain this information for at least one year after the original licensee acquires the program (warranty period).

Program technical support

Technical support of a program version or release of a specific program within this offering will be available as long as:

The program is still supported
Your Software Subscription and Support for this offering is in effect

Program technical support terms

Technical support of a program product version or release is available for a minimum of one year from the general availability date, as long as your Software Subscription and Support (also referred to as Software Maintenance) is in effect. This enables you to obtain assistance (by telephone or electronic means) from IBM for product-specific, task-oriented questions regarding the installation and operation of the program.
Software Subscription and Support (Software Maintenance) also provides you with access to versions, releases, and updates of the program.
You will be notified, through an announcement letter, of discontinuance of support with six months' notice.

For additional information on this support lifecycle, see the IBM Cloud Pak for Security Support Lifecycle Policy website.

Money-back guarantee

If for any reason you are dissatisfied with the program and you are the original licensee, you may obtain a refund of the amount you paid for it, if within 30 days of your invoice date you return the program and its PoE to the party from whom you obtained it. If you downloaded the program, you may contact the party from whom you acquired it for instructions on how to obtain the refund.

For clarification, note that (1) for programs acquired under the IBM International Passport Advantage offering, this term applies only to your first acquisition of the program and (2) for programs acquired under any of IBM's On/Off Capacity on Demand (On/Off CoD) software offerings, this term does not apply since these offerings apply to programs already acquired and in use by you.

Volume orders (IVO)

Passport Advantage applies

Yes, information is available on the Passport Advantage and Passport Advantage Express website.

Software Subscription and Support applies

Yes. Software Subscription and Support, also referred to as Software Maintenance, is included with licenses purchased through Passport Advantage and Passport Advantage Express. Product upgrades and Technical Support are provided by the Software Subscription and Support offering as described in the Agreements. Product upgrades provide the latest versions and releases to entitled software, and Technical Support provides voice and electronic access to IBM support organizations, worldwide.

IBM includes one year of Software Subscription and Support with each program license acquired. The initial period of Software Subscription and Support can be extended by the purchase of a renewal option, if available.

While your Software Subscription and Support is in effect, IBM provides you assistance for your routine, short duration installation and usage (how-to) questions, and code-related questions. IBM provides assistance by telephone and, if available, electronic access, only to your information systems (IS) technical support personnel during the normal business hours (published prime shift hours) of your IBM support center. (This assistance is not available to your users.) IBM provides Severity 1 assistance 24 hours a day, 7 days a week. For additional details, see the IBM Support Guide. Software Subscription and Support does not include assistance for the design and development of applications, your use of programs in other than their specified operating environment, or failures caused by products for which IBM is not responsible under the applicable agreements.

Unless specified otherwise in a written agreement with you, IBM does not provide support for third-party products that were not provided by IBM. Ensure that when contacting IBM for covered support, you follow problem determination and other instructions that IBM provides, including in the IBM Support Guide.

For additional information about the International Passport Advantage Agreement and the IBM International Passport Advantage Express Agreement, go to the Passport Advantage and Passport Advantage Express website.

Other support

Passport Advantage

Variable charges apply

Educational allowance available

Education allowance does not apply. Education software allowance does not apply. Special education prices are available for qualified clients through Passport Advantage.

Terms and conditions for the cloud service

The information provided in this announcement letter is for reference and convenience purposes only. The terms and conditions that govern any transaction for the acquisition of Cloud Services from IBM consist of either the IBM Cloud™ Services Agreement and the applicable offering Service Description or the IBM International Passport Advantage Agreement or the International Passport Advantage Express Agreement and the IBM Terms of Use - General Terms for Cloud Offerings and the applicable offering Service Description.

Technical support

Technical support is provided for Cloud Services and enabling software, as applicable, during the subscription period. Any enhancements, updates, and other materials provided by IBM as part of any such technical support are considered to be part of the Cloud Service, as applicable, and therefore governed by the applicable agreement as defined in Client's quote or transaction document. Technical support is included with the Cloud Service and is not available as a separate offering.

Additional technical support information for this Cloud Service offering may be found in the IBM Support Guide or in service-specific documentation.

Service Description

The following Service Description document apply to this offering in this announcement.

Program identifier	Service Description document title	Service Description document number
5900-A3J	IBM Security Threat Intelligence Insights for IBM Cloud Pak for Security	8731-01
5900-A8T	IBM Expert Labs for IBM Cloud Pak for Security	8730-01

Follow-on levels of these cloud services, if any, may have updated terms. See the Cloud Services terms website and search using the four-digit base Service Description numbers.

Limited warranty

See the warranty defined in the applicable agreement governing client's acquisition for this offering.

Money-back guarantee

Volume orders (IVO)

Passport Advantage applies

Yes, information is available on the Passport Advantage and Passport Advantage Express website.

Usage restrictions

Yes

For any usage restrictions, see the Service Description documents listed in this Terms and conditions section.

Other support

Passport Advantage

Educational allowance available

No.

Statement of good security practices

IT system security involves protecting systems and information through intrusion prevention, detection, and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, or misappropriated or can result in misuse of your systems to attack others. Without a comprehensive approach to security, no IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a regulatory compliant, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products, or services to be most effective.

Important: IBM does not warrant that any systems, products, or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.

Prices

For all local charges, contact your local IBM representative or IBM Business Partner.

Business Partner information

If you are an IBM Business Partner acquiring products from IBM, you may link to Passport Advantage Online for resellers where you can obtain Business Partner pricing information. An IBMid and password are required to access the IBM Passport Advantage or IBM PartnerWorld® website.

Passport Advantage

For Passport Advantage information and charges, contact your IBM representative or IBM Business Partner. Additional information is also available on the Passport Advantage and Passport Advantage Express website.

IBM Global Financing

IBM Global Financing offers competitive financing to credit-qualified clients to assist them in acquiring IT solutions. Offerings include financing for IT acquisition, including hardware, software, and services, from both IBM and other manufacturers or vendors. Offerings (for all client segments: small, medium, and large enterprise), rates, terms, and availability can vary by country. Contact your local IBM Global Financing organization or go to the IBM Global Financing website for more information.

IBM Global Financing offerings are provided through IBM Credit LLC in the United States, and other IBM subsidiaries and divisions worldwide to qualified commercial and government clients. Rates are based on a client's credit rating, financing terms, offering type, equipment type, and options, and may vary by country. Other restrictions may apply. Rates and offerings are subject to change, extension, or withdrawal without notice.

Announcement countries

All European, Middle Eastern, and African countries, except Islamic Republic of Iran, Sudan, and Syrian Arab Republic.

Trademarks

IBM Cloud Pak and IBM Cloud are trademarks of IBM Corporation in the United States, other countries, or both.

Resilient, QRadar, IBM, Global Technology Services, PartnerWorld, Passport Advantage, Express, X-Force and IBM Z are registered trademarks of IBM Corporation in the United States, other countries, or both.

Red Hat and OpenShift are registered trademarks of Red Hat Inc. in the U.S. and other countries.

Other company, product, and service names may be trademarks or service marks of others.

Terms of use

IBM products and services which are announced and available in your country can be ordered under the applicable standard agreements, terms, conditions, and prices in effect at the time. IBM reserves the right to modify or withdraw this announcement at any time without notice. This announcement is provided for your information only. Reference to other products in this announcement does not necessarily imply those products are announced, or intend to be announced, in your country. Additional terms of use are located at

For the most current information regarding IBM products, consult your IBM representative or reseller, or go to the IBM worldwide contacts page

IBM Directory of worldwide contacts