On February 16, 2016, IBM announced authentication enhancements for z Systems, including a new product, IBM Multi-Factor Authentication for z/OS (5655-162), with a planned availability date of March 25, 2016.
IBM z/OS Security Server Resource Access Control Facility (RACF) provided enabling infrastructure updates for z/OS V2R1 and V2R2.
IBM Security zSecure suite provided supporting updates for zSecure 2.1, 2.1.1, and 2.2.
Multi-Factor Authentication raises the level of assurance of mission-critical systems by requiring authentication with multiple factors during the logon process.
Each authentication factor must be from a separate category of credential types:
1) Something you know (e.g. a password or PIN code),
2) Something you have (e.g. an ID badge or a cryptographic key),
3) Something you are (e.g. a fingerprint or other biometric data).
More details can be located through this blog entry by Jeroen Tiggelman on the Service Management Connect - System z blog.
You might also be interested in the zSec
Exciting news out of the #IBMSecuritySummit that signifies our journey into the era of #CognitiveSecurity – Watson for Cyber Security is a new version of Watson trained in the language of security and delivered via the IBM Cloud. http
Read the blog post over at IBM Security at http
You can read more about Cognitive Security here.
An assessment of recent data from IBM Managed Security Services (IBM MSS) reveals some interesting findings about attack vectors that don’t make headlines anymore: "Footprinting and Password Brute Force Attack Patterning."
IBM Security Guardium® leads the way in providing a monitoring and auditing solution for NoSQL database systems. In this article by Kathryn Zeidenstein and Sundari Voruganti, the authors provide an overview of one popular NoSQL database, Apache Cassandra, and explain how and why Guardium can help organizations protect Cassandra data and automate compliance reporting and sign-offs. This article includes detailed instructions and a sample security policy to help you configure Guardium and extract value immediately.
Too often, we hear of huge corporations being attacked and losing valuable client information. What can be done if this happens to you? What can be learned from others' mistakes?
Ori Pomerantz's new tutorial discusses how to write an application in the Bluemix Time Series Database. This application allows you to view information quickly from a dashboard and generate time-stamped statistics. By creating reports on events by time, components, and hosts, you can determine if there are any patterns by looking at current and past malicious activity. With this in mind, use analytics from these reports to determine future malicious behavior. Then you'll know how to better prepare yourself and your organization for future attacks, safeguarding your most precious data.
IBM provides advance notification of End Of Support (EOS) dates allowing customers reasonable time to complete software upgrades or to refresh appliance products. To view upcoming EOS dates by product segment, click a link in the list below.
Important EOS Announcement: Effective July 31, 2016 IPS firmware versions prior to 4.6.1 will reach End of Support.
View all IBM Software EOS announcements for 2016 and 2017.
Q: What are the major Support Lifecycle milestones?
A: The major Support Lifecycle milestones are:
Q: How do you determine if your installed software is still supported?
A: Search by product name or keyword using the Supp
Q: What happens when EOS is announced?
A: Often, there is a newer version of the software available for download. In most cases, you’ll have sufficient time to plan for and install the latest version. For more information on the lifecycle stages, including EOS, view this short YouTube video on the IBM
Q: What is the standard version format for IBM Software products?
A: The full product version is expressed by a four-digit code known as the IBM Version, Release, Modification and Fix Level structure, or VRMF. View this Technote for additional information and description of each element. You may also find this Glossary of product support and maintenance terms helpful.
Q: Where can you view additional details on product updates or replacement information?
A: Using the Support Lifecycle Search, search for your product, select View for details and click the EOS announcement link to view Repl
Q: What are your options if you are unable to upgrade or refresh your current products before the EOS date?
A: You can request a Support Extension. Support Extensions are available for Customers who are unable to migrate to a supported version, release or appliance platform prior to EOS. For more information, visit the IBM
Q: How do you stay connected for future product announcements?
A: There are several ways to receive product announcements:
Q: How can you connect with IBM Security on social media?
A: Follow us on Twitter - http
Q: Where can you find more information on IBM Support policies?
A: You can view and download the IBM
The IBM Support Lifecycle Policy sets forth the minimum length of time IBM will provide security content and technical support for a product version and release. Click the applicable product segment link below to view the Support Lifecycle Policy.
Ori Pomerantz has just published a new tutorial on developerWorks describing how to incorporate Google's reCAPTCHA tool into your node.js application running on Bluemix. He shows you step by step how to integrate with the Google service and provides sample code that you can download and use as a starting point for your own projects.
Rahul Relan, Nnaemeka Emejulu, and Parag Gokhale have just published a ne
Ori Pomerantz has written a new tutorial on multi-factor authentication in the context of a node.js application running on Bluemix. If you need a step-by-step guide that walks you through a simple example of implementing multifactor auth, this is a good tutorial for you to check out. One of the added bonuses in this tutorial is that it also introduces you to the concept of risk analysis for deciding when an additional authentication factor is needed. It's a very simple example, but sometimes it's the simple examples that help clarify your thinking the most and give you a starting point for your own code.
Sulakshan Vajipayajula and Ravi Muthukrishnan have just released a ve
Carsten Hagen has updated one of the longest-running and most popular tutorials on the dW security zone:
Using ISAM security appliances to implement context-based strong authentication for website security
Learn how to secure a website with context-based two-factor authentication by integrating and configuring IBM Security Access Manager (ISAM) for Web and IBM Security Access Manager for Mobile. The authors will demonstrate how to use ISAM for Mobile's context-based authorization and one-time password (OTP) interface to enable security architects to apply intelligent stronger authentication access decisions across an organization's website.
If you already have an internal IT infrastructure, it quite likely contains an LDAP server to serve user identities. In many cases, it is best to continue to use that directory, even when your application sits on Bluemix®. In this tutorial, Ori Pomerantz shows you how to do that while describing the basics of the LDAP protocol itself.
When hackers attempt to break into a web application, they usually first map it out by following every link to find all the valid paths. Then, they attempt to enter various invalid values in the input fields to see whether the application suffers from any of the well-known code injection vulnerabilities. In this new tutorial by Ori Pomerantz, you learn how to detect these attacks. Once you detect them, you can shut down access from the attacking IP address, redirect it into a slow "tar pit," or perform other actions to become a harder target.
IBM’s X-Force team sorts 800K+ suspect IP addresses into categories such as malware hosts, spam sources, anonymous proxies, and dynamic IP addresses, along with their geographical location.
Tanmay Shah has just published a new white paper on the Security on dW community that describes the IP reputation feature in IBM Security Network Protection appliances and some of the common use cases it addresses.