With the release of this integration with the IBM Cloud Security and Compliance Center, IBM Cloud further expands its cloud security capabilities, enabling customers to do the following:
In short, Workload Protection is a Cloud Workload Protection Platform (CWPP) that encompasses multicloud compliance and security posture management (CSPM) with threat detection and vulnerability scanning into one solution. Through the capabilities offered, customers can now have a unified view into risk across their infrastructure—be it containers, Kubernetes, or virtual or physical hosts across clouds (including IBM Cloud, Amazon Web Services, Google Cloud and Microsoft Azure). Furthermore, the service provides out-of-the-box rules to verify container and cloud compliance.
Workload Protection helps customers better understand and measure their progress against regulatory standards and leverages CIS Benchmarks for Kubernetes to provide guided remediation tips to help you maintain or quickly re-establish compliance.
Workload Protection ingests data from multiple data sources—including system calls, orchestrator and container audit logs, and cloud logs—to trigger alerts and enrich events with cloud, container and Kubernetes context. Insights from across your cloud environments are collected in a Software‑as‑a‑Service (SaaS) backend residing on IBM Cloud and available via an intuitive web interface to help you prevent, detect and respond at cloud speed:
Workload Protection is built on open standards for cloud-native security and control, including Falco (the open-source standard for cloud threat detection) and Open Policy Agent (OPA) (the open-source standard for Policy as Code).
Workload Protection helps organizations secure and accelerate cloud innovation by providing deep visibility into cloud-native workloads and infrastructure to enable security use cases from source to run, including the following:
To start using Workload Protection, you can create an instance through the IBM Cloud catalog:
For more detailed instructions, see the documentation.
Tip: If you’re working with IBM Cloud resources, you can get started directly in the Security and Compliance Center.
In order to ensure that we are helping you to deliver on your own mission, we’d like to hear from you with any feedback that you might have. To share your questions with us, you can open a GitHub issue from a link at the top of any page in the IBM cloud documentation, open a ticket with IBM Cloud Support or reach out directly through email.
Learn more about the IBM Cloud Security and Compliance Center.