Keeping up with security

Body

At IBM we often get asked about security vulnerabilities and how our products are impacted. Did you know there is a pro-active step you can take to stay informed? IBM has a community, similar to the Asset Management one, where you can subscribe to security alerts and bulletins. Here you can find IBMs response to all of the things that you may hear of on the news and resources for improving security in your own organization.

Customers and outside organizations report possible issues to IBM and then uses standards similar to the Common Vulnerability Reporting Framework (CVRF) (link resides outside of ibm.com) to communicate information about how these things do or do not impact our products via security bulletins. There is a fine line we need to walk when publishing information – we need to provide enough detail for you to protect yourselves but not so much that we are aiding potential hackers. We also score the risk to help you make an assessment using the Common Vulnerability Scoring System (CVSS) (link resides outside of ibm.com). For more information on the process and to review current bulletins and sign up for future notifications visit the link below.

http://www-03.ibm.com/security/secure-engineering/bulletins.html