IBM Support

IBM MaaS360 Enhances Threat Management Features

Release Notes


IBM MaaS360 is making enhanced Threat Management Features available to customers. IBM MaaS360 modernizes existing Threat Management and Security Dashboard workflows by adding new detection capabilities, and responses in addition to near real-time processing of Threat Incidents and a new Security Centric policy.


  • New Detection Capabilities: SMS and Email Phishing, Excess App Permissions (Android), Windows, and Mac User & Privilege Detections.
  • New Endpoint Security Policy: A central policy to control and configure event detection and responses.
  • New Security Dashboard, Analytics, and Integration: Near Real-time processing and viewing of user and device risk and threat events.
  • Enhanced Processing and SIEM/SOAR Support: A new Security API that provides near real-time threat telemetry to broaden response and runbook processes.
  • Mobile Threat Telemetry Integration: Ingest 3rd party mobile threat telemetry and enrich with UEM device and user context.
Technical information and details, are located in the IBM Documentation repository here
Migration Information
The Endpoint Threat Management offering will be available to existing non-federal customers in a phased rollout. The migration rollout will start on 7 October 2022 and run through the end of November 2022.
The impact of the migration is based on services that are already configured in customer's MaaS360 account:
               Before migration            Services impact after migration
  • Threat Management - Yes
  • User Risk Management - No
  • Threat Management - Yes
  • User Risk Management - Yes
  • Threat Management - No
  • User Risk Management - No
  • Threat Management - No
  • User Risk Management - No
  • Threat Management - Yes
  • User Risk Management - Yes
  • Threat Management - Yes
  • User Risk Management - Yes


  • The new Threat Management features are not FedRamp Certified currently and as such are not available to US Federal customers.
  • Customers that require FedRamp Certification must not enable the new features. Instances that are used by US Federal customers have been blocked from enabling the new features.
  • FedRamp Certification of the new features is in process. Further communication to be provided when the certification is completed.
  • If you believe your portal is blocked in error and you would like to enable the ability to use the new features, contact Customer Service.
  • Customers who previously enabled User Risk Management under Setup -> Services in the MaaS360 portal will go through a migration process in the October 2022 timeframe.
  • After the migration, the new Security Policy and Event Processing features will be available in your portal.
  • The User Risk Management migration process results in previous Incident Event History to be lost.

[{"Type":"MASTER","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSYSXX","label":"IBM MaaS360"},"ARM Category":[{"code":"a8m3p000000LPP4AAO","label":"N\/A"}],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]

Document Information

Modified date:
07 October 2022