Short URL for this post: http
IBM provides advance notification of End Of Support (EOS) dates allowing customers reasonable time to complete software upgrades or to refresh appliance products. To view upcoming EOS dates by product segment, click a link in the list below.
Important EOS Announcement: Effective July 31, 2016 IPS firmware versions prior to 4.6.1 will reach End of Support.
View all IBM Software EOS announcements for 2016 and 2017.
Q: What are the major Support Lifecycle milestones?
A: The major Support Lifecycle milestones are:
Q: How do you determine if your installed software is still supported?
A: Search by product name or keyword using the Supp
Q: What happens when EOS is announced?
A: Often, there is a newer version of the software available for download. In most cases, you’ll have sufficient time to plan for and install the latest version. For more information on the lifecycle stages, including EOS, view this short YouTube video on the IBM
Q: What is the standard version format for IBM Software products?
A: The full product version is expressed by a four-digit code known as the IBM Version, Release, Modification and Fix Level structure, or VRMF. View this Technote for additional information and description of each element. You may also find this Glossary of product support and maintenance terms helpful.
Q: Where can you view additional details on product updates or replacement information?
A: Using the Support Lifecycle Search, search for your product, select View for details and click the EOS announcement link to view Repl
Q: What are your options if you are unable to upgrade or refresh your current products before the EOS date?
A: You can request a Support Extension. Support Extensions are available for Customers who are unable to migrate to a supported version, release or appliance platform prior to EOS. For more information, visit the IBM
Q: How do you stay connected for future product announcements?
A: There are several ways to receive product announcements:
Q: How can you connect with IBM Security on social media?
A: Follow us on Twitter - http
Q: Where can you find more information on IBM Support policies?
A: You can view and download the IBM
The IBM Support Lifecycle Policy sets forth the minimum length of time IBM will provide security content and technical support for a product version and release. Click the applicable product segment link below to view the Support Lifecycle Policy.
This blog post has been updated and moved to:
I'm very happy to announce a three part series by Ori Pomerantz which shows you how to navigate Facebook's permission model and build an application that can post to a Facebook wall or make other sorts of interactions with Facebook on behalf of a user.
Ori has made his source code available on IBM DevOps Services so you can use his code as a starting point for your own Facebook application.
If you have ever had the need to automate Facebook posts, this article series is for you!
IBM Security Systems has just released a new how-to guide that show how SIEM events generated by QRadar can be used to "automagically" create new rules in Guardium policies and push them out where they need to go.
The solution is called QRGuardium and you can read all abut how to set up this solution guide in this new how-to guide. This guide will be of interest to anyone who wants a more responsive, dynamic data protection policy.
Have you visited the Tech
"I’d like to share some information about a TRS dW Content challenge option that we don’t see many of you taking: developerWorks Recipes.
Creating a dW Recipe is one of the fastest and easiest choices in the TRS program to both contribute technical content AND possibly earn a cash payment.
dW Recipes help developers solve specific problems using IBM products and services. Your Recipe should help developers create something useful, walking them through each part of the process."
Try it today, in three simple steps!
Need inspiration before you begin? Check out this selection of popular Recipes:
IBM Security Guardium® leads the way in providing a monitoring and auditing solution for NoSQL database systems. In this article by Kathryn Zeidenstein and Sundari Voruganti, the authors provide an overview of one popular NoSQL database, Apache Cassandra, and explain how and why Guardium can help organizations protect Cassandra data and automate compliance reporting and sign-offs. This article includes detailed instructions and a sample security policy to help you configure Guardium and extract value immediately.
It's kind of scary to think about all the sensitive data lying around in file system in spreadsheets and documents of various kinds.But it's also quite likely that most organizations haven't really thought about this situation or even taken the time to assess the risk.
Guardium V10 introduces a new product offering, Activity Monitor for Files, which can help you meet compliance obligations and reduce the risks of major data breaches. It provides insight into your document and file content and usage patterns. File activity monitor lets you discover, track, and control access to sensitive files on either local or networked file systems. File activity monitor complements database activity monitoring and leverages the core platform capabilities that exist in the flagship DAM offering. Join this tech talk and you will learn:
I hope you can join us for this discussion on this newest Guardium offering on October 22nd.
In the 3Q
It's a cliche' to say that IT security professionals need to get "proactive" about managing the security risks to their company or organization. If you spend every hour of every day reacting to the latest alerts from your monitoring infrastructure, you're never going to get there.
How do you stay ahead of the emerging threats? Where do you hear about trends in security attacks? What tools do you need? What are your sources of information?
This new information source from the IBM X-Force team will help you and your enterprise research threats, integrate actionable intelligence and collaborate with peers using its global threat intelligence. It's just the sort of clearinghouse you need to plan for tomorrow's security threats instead of reacting to yesterday's.
The IBM X-Force Exchange Team is hosting a live webinar on Wed, Apr 29, 2015 11:00 AM - 12:00 PM EDT.
You can regi
Here's an introductory video:
Comment (1) Visits (2239)
Leyla Aravopoulos, Kenneth Cheung, and William Frontiero have just published a new how-to guide that shows how to use the application import feature of AppScan Source to import a deployed application's binaries into AppScan Source for static analysis. This approach avoids the typical pitfalls of static web application scanning associated with compilation features, missing libraries, etc., while improving application coverage. This how to guide will be of interest to anyone anyone who has faced challenges with traditional configuration of Static Analysis tools.
Lesley Nuttal has just published a new white paper called "IBM
Regardless of whether IBM Security Access Manager (ISAM) has been rolled out in a large or small scale environment, it can be complex to deploy and manage in terms of both technology and processes. Requirements can alter and expand over time, skilled security personnel can move to other projects and capacity and/or performance targets may change, potentially leading to the ISAM Manager deployment being unable to meet current business objectives. To avoid this scenario, periodic health checks are recommended for all customers of IBM Security Access Manager. Regular health checks can help achieve the following:
Every deployment is unique therefore the priorities of such a health assessment may vary. Whether the target is improved performance, ensuring high availability, capacity planning, resolving pervasive issues or verifying if best practices are being used, this document should provide you with effective guidelines for reviewing the health of your ISAM v6.x or v7.x deployment.
I want to make sure everyone is aware of the latest X-Fo
As you might expect, there's a lot of post-heartbleed research and discussion in the report. In the video below, Michael Hamelin discusses some of the key findings in the report:
Many second factor authentication systems can be integrated with ISAM for Mobile. In ISAM for Mobile, the second factor authentication can be considered as an obligation. The obligation handler extension point provides integration with external second factor authentication systems. In this
You might also be interested in....
This whitepaper discusses how with an IBM suite of Intelligence Solutions, Cloud computing can be both attractive and secure.
Download this white paper to learn about:
You know you need to get a better handle on managing the security of your public facing web apps. But what does that mean exactly, how do you elevate your day to day activities that to something that doesn't resemble a chicken running around with it's head cut off? IBM Security Systems has a demo video that will help you think about what web app security management _should_ look like.
This demonstration video follows Steve, IT security manager for an online retailer, as he utilizes IBM Security AppScan® Enterprise to manage application security risk. The video demonstrates how Steve uses IBM Security AppScan Enterprise to review applications' security risk ratings, address PCI DSS compliance requirements, and gain a comprehensive view of application security risk in his organization.
You might also be interested in.....
IBM® Security AppScan® is a leading application security testing suite designed to help manage vulnerability testing throughout the software development life cycle. IBM Security AppScan automates vulnerability assessments and scans and tests for all common Web application vulnerabilities including SQL-injection, cross-site scripting, buffer overflow, and new flash/flex application and Web 2.0 exposure scans.
Appscan provides full coverage of the OWASP Top 10 for 2013. Our solution also includes support for industry-standard Transport Layer Security (TLS) protocol 1.2, and is compliant with Federal Information Publication Standard (FIPS) 140-2 and National Institute of Standards and Technology (NIST) Special Publication (SP) 800-131a.
Download a trial version of AppScan Standard.