Click here for a new Wiki entry introducing a video by Chris Meenan of IBM Security Systems. This video provides an extensive demonstration of the IBM Security QRadar Intelligence Platform.
Security on developerWorks
CalvinPowers 120000A09D Tags:  security infosphere data data-protection guardium 3 Comments 9,848 Views
See below for an announcement from Kathryn Zeidenstein about some new video tutorials on InfoSphere Guardium policies
Hi community members
Back in 2011 or so the lab services team had done a LotusLive education session on policies that was very well received. I have taken the first of these presentations and broken it into 4 modules that are now hosted on the InfoSphere Guardium YouTube channel.
You can find links to all 4 of the modules on this new page on the InfoSphere Guardium community wiki. http://ibm.co/16ATMLO (Must be logged into developerWorks for this direct link to work).
Here are the direct links:
Break out the popcorn!!
Have a great weekend.
Nilesh Patel has just published a new how-to guide on the security on developerWorks community titled "Auto-Assigning QRadar Offenses." This guide will be of interest to security admins that have large volumes of QRadar offenses to manage.
Here's the abstract:
In today's dynamic infrastructure world, every organization runs with multiple Lines of Business (LOB) such as Network, Application, Platform and so on. Security Intelligence is the layer which actually sits on top of all LOBs, and a product like IBM Security QRadar vastly expands the capabilities of traditional SIEMs by incorporating new analytics techniques and broader intelligence. Unlike any other SIEM in the market today, IBM Security QRadar captures all activity on the network for assets, users and attackers before, during, and after an exploit and analyzes all suspected incidents in this context. IBM Security QRadar notifies a user about 'Offenses', which are a correlated set of incidents with all associated network, asset, vulnerability and identity context. This article explains a solution to automatically assign offenses to a QRadar user, who could belong to the Security Operation Center (SOC) team or an LOB.
Exciting news out of the #IBMSecuritySummit that signifies our journey into the era of #CognitiveSecurity – Watson for Cyber Security is a new version of Watson trained in the language of security and delivered via the IBM Cloud. http://ibm.biz/cognitive_security_w3
Read the blog post over at IBM Security at https://w3-connections.ibm.com/wikis/home?lang=en-us#!/wiki/Wf71b7cc4e557_4105_94e3_cc8d792dbd02/page/Watson%20for%20Cyber%20Security.
You can read more about Cognitive Security here.
Biometric Update recently published a Special Report on Biometrics in Healthcare.
Read about how leading healthcare organizations are migrating to biometric technology.
Leyla Aravopoulos, Kenneth Cheung, and William Frontiero have just published a new how-to guide that shows how to use the application import feature of AppScan Source to import a deployed application's binaries into AppScan Source for static analysis. This approach avoids the typical pitfalls of static web application scanning associated with compilation features, missing libraries, etc., while improving application coverage. This how-to guide will be of interest to anyone who has faced challenges with traditional configuration of Static Analysis tools.
Arxan Technologies has posted to their blog about the recent OWASP finding that lack of binary protection is a "Mobile Top 10 Risk for 2014." Mobile environments are especially susceptible to binary integrity attacks and mobile specific countermeasures are necessary for this growing problem. In their blog post, Arxan shines more light on this problem and the types of strategies a company can put in place to address them.
You might also be interested in....
Defending against malware: A holistic approach to one of today’s biggest IT risks
This white paper will examine the changing strategies that malware has employed in recent years, explain the typical sequence of events that occurs during an attack, and describe how an integrated defense can help keep the enterprise safe from these advanced persistent threats.
CalvinPowers 120000A09D Tags:  access-manager security amp5100 ibmsecurity iam 1 Comment 9,512 Views
Tolly Enterprises recently published their evaluation of the IBM Security Access Manager Proxy AMP 5100 Web Gateway Appliance and their evaluation showed the effectiveness of the AMP5100's capabilities. From the Tolly evaluation:
Tolly engineers evaluated the AMP 5100's effectiveness in blocking the most common threats as defined by OWASP. Tolly found the AMP5100 to be 100% effective in blocking in-line preventable attacks.
Tolly specifically validated that the AMP5100 is able to prevent all forms of SQL injection attacks, XSS, and broken authentication attacks. The Tolly evaluation goes into more detail about the AMP5100's ease of use and performance characteristics.
You can download and read the full report to see the details of the Tolly evaluation.
David Jarvis, senior consultant at the IBM Center for Applied Insights discusses the key guidance in IBM's report, "Cybersecurity education for the next generation."
About the report
To understand how cybersecurity academic programs, throughout the world, are evolving -- and in the process identify both challenges and emerging leading practices -- IBM interviewed faculty members and department heads from 15 programs in six different countries. Study participants were selected from over 200 programs followed by the IBM Cyber Security Innovation initiative. To fairly represent a diversity of perspectives, we selected programs from various geographies with varying levels of maturity.
Understanding the Need:
JeroenTiggelman 27000186A5 Tags:  qradar gdpr racf siem z/os disa-stig zsecure security security-intelligence 5,031 Views
Pervasive encryption support extensions for:
* z Encryption Readiness Technology (zERT)
* Integrated Cryptographic Services Facility
* Coupling Facility encryption policy compliance
Extended compliance auditing capabilities:
* Full coverage for RACF Security Technical Implementation Guide (STIG) 6.36
* General Data Protection Regulation support
Integration enhancements for:
* Micro Focus ArcSight
* IBM Security QRadar SIEM
Details can be found on the zSecurity Community Blog in this entry by Jeroen Tiggelman.
JeroenTiggelman 27000186A5 Tags:  z14 qradar security-intelligence security z siem compliance zert z/os gdpr icsf zsecure 7,710 Views
A Service Stream Enhancement to zSecure 2.3.0 has been released.
Extended security intelligence capabilities:
* Security Information and Event Management feed without the need for SMF log streams
* additional data set encryption, Integrated Cryptographic Services Facility, and z Encryption Readiness Technology events
Additional pervasive encryption support:
* key labels for migrated/backup data sets
* auditing Coupling Facility structures
More compliance features:
* sensitivity tagging ease of use features
* sensitivity type for the General Data Protection Regulation
You can find details on the Service Management Connect - System z blog, in this entry.
JeroenTiggelman 27000186A5 Tags:  z compliance security acf2 zsecure siem zert db2 z/os security-intelligence qradar cics 9,295 Views
A Service Stream Enhancement to zSecure 2.3.0 has been released.
This provides enhanced ACF2 support:
* analysis of protection of CICS transactions
* mapping of z/OS UNIX UIDs and GIDs to ACF2 logonids and groups
* user interface extensions (divisions; installation defined LID fields)
And enhanced compliance features:
* easy checking of individual DB2 object permissions
* automatically tagging data sets with multiple sensitivities
* reporting improvements
And more zERT connection encryption data is sent to IBM QRadar SIEM.
You can find technical details on the Service Management Connect - System z blog, in this entry.
It's been a whirlwind this past year for me as I managed the developerWorks Security hub. As we close out 2017, I thought I'd post here on all the stuff you might have missed out on:
If you are interested in writing for developerWorks Security for 2018, please email me at firstname.lastname@example.org.
JeroenTiggelman 27000186A5 Tags:  z/os analytics zsecure z14 mfa security-intelligence siem z ioaz db2 icsf cics zert disa-stig security 11,104 Views
It provides currency support for z/OS 2.3 and RACF:
* policies for pervasive encryption of data with key labels
* connection protection with z Encryption Readiness Technology (zERT)
* extended reporting for Integrated Cryptographic Services Facility
* extended multi-factor authentication (MFA) options
It extends security intelligence and analytics capabilities:
* a zSecure Alert feed to HPE Security ArcSight
* a zSecure Admin Access Monitor feed to IBM Operations Analytics for z Systems
It provides currency support for:
* Db2 12
* Security Technical Implementation Guide (STIG) 6.31
Details can be found on the Service Management Connect - System z blog in this blog entry by Jeroen Tiggelman.
Jina Kim 310000Y5H7 Tags:  tv json security revoke dwtv jwts tokens event live coding developerworks web 10,284 Views
JSON Web Tokens (JWTs) are a popular option in the authentication space, but there are some inherent risks. While you gain flexibility by using a JWT, you lose the ability to revoke a token once it’s issued. To minimize the time between an administrator locking a user account and the time at which a previously issued token expires, the JWT should be short-lived. This time window, while designed to be brief, is a common security concern. Traditional solutions to this problem defeat the benefits of using a portable identity. Inversoft has come up with a novel way to solve this issue in a complementary method. Brian Pontarelli will cover how to implement this JWT revoke strategy to reduce the vulnerability window.
Missed the live coding event? See the replay here: https://developer.ibm.com/tv/learn-how-to-revoke-json-web-tokens/