郑磊:IBM安全漫谈

郑磊
熟悉安全产品技术特点,十余年售前工作经验。
熟悉安全体系,从大型系统集成商,到外企厂商。
扎根销售一线,紧贴用户需求,持续跟踪市场变化。
对新兴技术有浓厚兴趣,关注并长期接触新技术公司

大家好,在今年初的时候接到这篇命题作文,讲讲自己对IBM安全的观察和理解,思前想后,想来想去,一下就想了好久,导致这篇文章讲的过于零碎,就难免导致文章结构乱糟糟,断断续续的写了好久,可能读起来还是有点痛苦。这里,感谢大家理解。因为,个人工作视角受限,不可能通盘考虑太多,因此,这里仅代表自己的所见。

郑重声明,本文所涉及内容及信息均来自 IBM 公司网站的公开发布信息。

撰写本文仅作为个人学习兴趣及研究,所述内容与本人服务的组织无相关联关系。

前言:

在2016年的一次安全圈活动中,在演讲中介绍过百年老店的安全架构演进。截止到2021年已经110岁的IBM公司,是如何设计和构建安全的呢?IBM以方法论和运营经验见长。因此,还是有很多年长的工程师,通过看红宝书来学习和观察 IBM 的方法论。
当时有将本红宝书的内容进行一些简短的展示。sg248100 IBM Security Framework and IBM Security Blueprint http://www.redbooks.ibm.com/redbooks/这本书很多人推荐,虽然老旧但是有种经典永流传的感觉。

文章开篇从公司安全开始,到业务安全,安全业务。这里,我也思考很久。安全和业务的关系不能是割裂的,所以,在谈到 IBM 安全需要从多个角度和维度进行介绍。文章里面的中文不是很多,很多内容都原汁原味的保留英文版本,并不是要炫耀英文,只是想留下这些词汇的原始概念,方便大家理解。当然,我是说中文的,欢迎大家面临和沟通,相互学习共同成长。

开篇部分:

这家成立于1911年的老牌外企,拥有大型机(Z系列计算机),那么Z的安全由谁来保证呢?IBM 提供Zsecure安全套件和红队的渗透测试服务。好像这里只是技术层面,大家可以看看红宝书 Z 的专刊。

IBM 目前同时运营云服务及 AI(人工智能)等相关产品,这些产品的安全是如何保障?

IBM 做为一家国际化的公司,自身的企业安全和数据,隐私,合规是如何工作的呢?

IBM 做为一家提供共有云服务的公司是如何实现自身的安全?
IBM 做为一家安全公司,如何实现安全咨询,产品及服务?

带着这些问题,我开始准备本篇文章,同时进行一定程度的介绍和总结。

我们从一个技术人员的视角,由外到内,慢慢展开。

目前IBM在全球数十万万员工,分布于全球多个国家。负责IBM安全的部门也非常繁杂。除律师职位,有负责内部安全的,有负责IBM对外提供产品安全的,也有IBM Security负责对外销售安全产品和服务的部门,在GBS和GTS还有专业的安全咨询和服务管理团队。

第一部分 公司安全:

这里先丢出来一个网站,https://www.ibm.com/trust ,这里,我就先把这个网站好好研究一下。IBM Trust Center–Protecting our customers and business with security and privacy practices。

网站里面讲述 IBM 如何保护公司的客户和业务方面安全和隐私。

这个网站有两个大的分支,两大板块为,安全和隐私。

IBM公司安全

https://www.ibm.com/trust,首页主要讲述,IBM是如何履行承诺,用于保护数据,以及维护企业、产品和服务的安全和隐私。包括有关IBM内部IT安全管理计划、隐私框架以及产品和服务的行业标准的相关信息。

IBM Business Conduct Guidelines 这项主要对员工商业道德和遵守法律进行要求。划重点。Principles of business ethics and lawful conduct for all employees

IBM 对员工的诚信负责体现在公司的方方面面,Integrity and Compliance是这家百年企业的一个要素。Integrity and compliance are vital to IBM’s success.

https://www.ibm.com/investor/att/pdf/IBM_Business_Conduct_Guidelines.pdf

IBM Corporate Responsibility 企业责任

Pursuit of the highest standards supporting and empowering employees, working with customers and suppliers, and governing our company. 可以查看2020 年 IBM企业责任报告https://www.ibm.org/responsibility/2020

IBM Principles for Trust and Transparency 诚信和透明的原则

Core principles for handling client data and insights, and building trust in AI and emerging technologies.

IBM AI Ethics 人工智能伦理学

Embedding ethical principles into AI applications and processes to build systems based on trust.

https://www.ibm.com/artificial-intelligence/ethics Trusted AI 这里我们略过。

IBM Security and Privacy by Design (SPbD@IBM) 在 IBM 产品中安全和隐私的安全设计 Designing security and privacy into the core of IBM products. https://www.ibm.com/trust/security-spbd

设计安全部分在 IBM 产品和内部都有很详细的培训和指导,从设计开始就要考虑安全和隐私合规。这里从设计开始就将安全设计考虑进入,是业界普遍的做法和最佳(良好)实践。

https://www.ibm.com/trust/security-psirt

PSIRT Product Incident Response Team (PSIRT) 产品应急响应团队 提供产品级别的安全响应和处置。Product DevSecOps & Compliance Product Security Operations 还提供报告漏洞的联系方式和途径。

https://www.ibm.com/trust/security-psirt-securitybulletins
Bulletins 通告(公告)是同客户进行沟通和漏洞通知的渠道和工具。在IBM对产品进行分析并发布修复和/或缓解措施之前,IBM不会公开披露或确认安全漏洞,IBM将配合客户修补或者缓解漏洞风险。

用户可以通过订阅来查看当前已知漏洞,包括 Z 系列产品(需认证帐户)。https://www.ibm.com/blogs/psirt/

IBM Secure Engineering Practices 安全开发的良好实践,看起来没什么特别之处,评估,测试,审查。Threat Assessments, Security Testing,Release Review.

IBM Privacy
IBM对数据隐私承诺和管理

Commitments to data privacy and how you can manage your privacy preferences.

https://www.ibm.com/trust/privacy

网站有 IBM Chief Privacy Officer的一段文字,讲到key privacy policies and principles。
隐私保护和合规在外企看来隐私如同公司信誉一样重要,因此,从内到外,从上到下,格外关注和重视。
网站内容罗列如下:

IBM Privacy Statement

Data Privacy Policy

IBM Principles for Trust and Transparency

IBM Controller Binding Corporate Rules for your Personal Information

IBM Controller Binding Corporate Rules for employees

IBM Corporate Responsibility Reports

网站最下面有介绍一些产品和服务,IBM Privacy Products and Services.大部分都是咨询和顾问服务。

还有大家最关心的 GDPR 的内容,https://www.ibm.com/data-responsibility/gdpr/The IBM GDPR Framework 有五个阶段,Assess,Design,Tansform,Operate,Conform.
IBM GDPR Path way 详细介绍IBM 是如何针对性的部署和实施。
IBM Pathways for GDPR Readiness https://www.ibm.com/downloads/cas/QE2NL4GP
IBM Privacy Portal. https://www.ibm.com/privacy/portal/cn-zh 可以用 IBMID 登陆查看个人档案,这里可以查询到已经订阅和使用的产品,个性化服务,查看个人档案。访问 IBM 隐私门户网站以访问并更正个人数据和首选项。
https://www.ibm.com/privacy 这里是 IBM 隐私声明清单,感兴趣可以自己去看看。

IBM Data Privacy
数据隐私,这几年数据安全和数据隐私是行业热点话题。

Data Security and Privacy Principles – IBM

https://www-03.ibm.com/software/sla/sladb.nsf/pdf/7745WW2/$file/Z126-7745-WW-2_05-2017_en_US.pdf

Privacy Baseline 国际化公司需要应该多个国家的相关法案。https://techcommunity.microsoft.com/t5/microsoft-security-baselines/security-baseline-for-microsoft-365-apps-for-enterprise-v2104/ba-p/2307695

同第三方合作的免费课程,有兴趣可以去学习一下英语。
IBM Data Privacy for Information Architecture

https://www.coursera.org/learn/ibm-data-privacy

IBM Enterprise IT Security

IBM企业 IT 安全制度,这里有详细的模块和组件介绍。

Principles necessary to protect our enterprise.
为保护 IBM 的企业安全,都有哪些要素和关注方面呢?

这个部分大家可以看做是 IBM 内部 IT 安全的一个总览或者简介。

https://www.ibm.com/trust/security
IBM has an enterprise-level, IT security management program, including policies, practices, controls, employee education, incident reporting, and reviews, that endeavors to mitigate the risk of loss and misuse of IBM critical information and help prevent the disruption of IBM’s business operations.
这段内容,强调 IBM 安全体系服务于 IBM 的安全运营,这里剧透一下 IBM 还拥有 BISO (Business Information Security Officer) 的职位,有专职的业务安全官,负责对业务安全保障。(https://newsroom.ibm.com/index.php?s=34178&item=31829) 这里是 BISO 的专访。

compliance and business continuity 在合规和业务可持续性方面,BISO 的责任也灰常的大。
The program takes a broad range of potential security risks into consideration such as, technological, human, and natural. The program’s structure is influenced by several industry security standards and frameworks, such as National Institute of Standards and Technology (NIST) and International Organization for Standardization (ISO).

这里介绍基于安全风险去考量技术,人和自然,当然也有行业标准和框架,比如参考 NIST 和 ISO。
IBM Chief Information Security Officer, CISO有一段内容来介绍,最后讲到保护 IBM 和 IBM 客户数据。
Security Principles for Protecting Our Enterprise 保护企业安全的原则部分如下:

· Data and Asset Classification and Protection 数据和资产的识别和保护

· Asset Management 资产管理

· Access Control 访问控制

· Use of Encryption 使用加密

· Operations Security 运营安全

· Network Security 网络安全

· Physical and Environmental Security 物理和环境安全

· Supplier Management 供应链安全

· Security Incidents 安全事件(incident)

· Compliance and Certifications 合规和认证

· Security and Use Standards for IBM Personnel 安全和使用标准对人员

· Organization and Governance 组织和治理

IBM Cloud Compliance Programs
IBM云环境合规

IBM Cloud infrastructure and IBM Cloud Platform-as-a-Service (PaaS)
https://www.ibm.com/cloud/compliance
这个网站有 IBM 云基础架构和云服务所有经过认证和评估的报告合集。
https://www.ibm.com/cloud/compliance/global
https://www.ibm.com/cloud/compliance/government
https://www.ibm.com/cloud/compliance/industry
https://www.ibm.com/cloud/compliance/regional

其中 CIS® IBM Cloud Foundations Benchmark NIST,CSA, ISO, SOC,等标准都是 IBM 安全建设的依据和参考标准。

IBM Terms标准条款

https://www.ibm.com/support/customer/csol/terms/#此站点包含可在线访问和查看的 IBM 标准条款。
下面是此站点上保存的标准条款的汇总列表:

《IBM 客户关系协议》(CRA) 是购买大多数 IBM 产品时会使用的一种协议。

CRA 系列协议通过仅提供支持所购买产品所需的条款, 使客户能够灵活地购买一组特定的产品。CRA 系列协议包括但不限于《云服务协议》(CSA) 和 CRA – 服务。

CRA 系列协议的附件。如果客户将其中一种 CRA 系列协议用于仅涉及特定产品的先前交易, 并在后来选择扩展其 CRA 系列协议的条款以便涵盖其他产品, 那么他们可通过在需要时添加包含这些补充条款的附件来实现此目的。

《IBM 数据处理附录》(DPA) 和《有限保证声明》(SoLW) 以及 要求满足特定法规、法律和产品特定需求的其他标准。

可以使用过滤功能,通过选择相应的类别、国家或地区和语言来查看特定内容。
IBM 数据安全性和隐私原则,数据安全性和隐私 (DSP)
IBM Server Workload Protection 文档类型: IBM 安全性产品支持与维护
IBM Security Services Managed Security Service 系列文档,大家可以自己去网站查看,部分文档有中文版本。
至此, IBM Trust Center 这个网站的信息就差不多分享完成,中间有跳过和漏过一些内容,烦请自行完善。

IBM Research
https://www.research.ibm.com/blog?tag=security

https://www.research.ibm.com/blog/integrity-shield-for-kubernetes

IBM 研究院也有专门进行安全研究的人员,不过我能看懂的不多,哈。大家自己看看吧。

至此,第一部分看完,虽然有点走马观花的感觉,但是细细品味一下,有很多都是简单易懂的安全原则和战略目标。
很多时候,架构和管理,战略和原则,都是大道至简的感觉。比拼的还是落地实现能力。

下面一章,我们开始看看有那些安全技术用于保障 IBM 公司的业务。业务是公司生存的土壤,安全一直如此重要。

第二部分 业务安全:

IBM 云安全

https://www.ibm.com/cloud/learn/security
https://www.ibm.com/cloud/security

云安全能力建设:

Security and compliance management 安全合规管理
https://www.ibm.com/cloud/security-and-compliance-center
Data security 数据安全
https://www.ibm.com/software/sla/sladb.nsf/sla/dsp

Privacy IBM 2020 Law Enforcement Requests Transparency Report
https://www.ibm.com/downloads/cas/DAGAKDJG

IBM Cloud 提供如下云安全功能:(其实真不算多哦)
Manage access 访问管理 身份管理

IBM Cloud offers identity and access management capabilities designed to strengthen compliance management and reduce risk in today’s cloud environment.

IBM Cloud App ID

IBM Cloud Identity Connect

Protect data 数据保护功能

IBM Cloud 为保障数据安全提供硬件及密钥管理技术。

IBM Cloud Hyper Protect Services https://www.ibm.com/cloud/confidential-computing 机密计算

IBM Cloud Hardware Security 硬件安全 https://www.ibm.com/cloud/hardware-security-module
IBM HSM 7.0 能支持FIPS 140-2 Level 3 compliant 硬件密钥存储和加密操作

IBM Key Protect 密钥保护 https://www.ibm.com/cloud/key-protect 密钥生命周期管理

IBM Cloud Data Shield https://www.ibm.com/cloud/data-shield 为容器工作负载提供“数据使用中”保护。支持 Intel SGX 和enclaves可信环境在云环境及容器中执行程序。

IBM Security Guardium Data Encryption Guardium 数据加密

Gain visibility 安全可视化 证书管理 活动追踪

IBM Cloud has built-in capabilities to provide you with the visibility you require. Enable and proactively monitor security intelligence across your hybrid cloud deployments.

IBM Cloud Security Advisor https://www.ibm.com/cloud/security-advisor 安全一体化仪表板

IBM Cloud Certificate Manager https://www.ibm.com/cloud/certificate-manager

IBM Cloud Activity Tracker https://www.ibm.com/cloud/activity-tracker

IBM Cloud Security and Compliance Center IBM 云安全和合规中心

云安全和合规中心,提供一站式管理云平台的安全和合规。

https://www.ibm.com/cloud/security-and-compliance-centerhttps://cloud.ibm.com/docs/security-compliance?topic=security-compliance-getting-started (文档中心)
目标,达到持续安全和合规,提供仪表板,

Automate security and compliance postures 自动化安全和合规

Enable configuration governance 开启配置治理

Detect vulnerabilities and threats 检测漏洞和威胁

功能列表:

Configuration rules 配置规则,IBM cloud 有提供规则供参考和使用

Predefined profiles

Custom profiles

Insights

Reports

Custom tools

很遗憾,我也没有特别多的使用经验,也是主要以看视频为主。有机会再深度琢磨一下。https://www.ibm.com/support/customer/csol/terms/#

terms 我们这里就不多说,这个网站可以直接看到各种条款的文档,部分有中文。

IBM Data Security and Privacy Principles

https://www-03.ibm.com/software/sla/sladb.nsf/pdf/7745WW2/$file/Z126-7745-WW-2_05-2017_en_US.pdf
文档比较详细,可以下载回去,看看云服务的原则和基本条款。
在云环境的数据安全话题,是云安全的永恒话题,
IBM 通过一系列产品和解决方案保护云数据安全。
https://www.ibm.com/cloud/smartpapers/securing-data-in-the-cloud/

· 管理和保护数据-数据是企业最有价值资产

· 数据所在位置很重要-经常被忽视的位置信息

· IBM全球云数据中心

· 安全和快速移动数据

· 云提供商必须承诺致力于其客户数据的安全和隐私

这里有部分是产品和功能的介绍,我们就先暂时忽略。
https://www.ibm.com/cloud/compliance 合规介绍网站内容很多,在前一章有简要介绍。
网站可以看到 IBM 云基础架构和云服务所有经过认证和评估的报告合集。
https://www.ibm.com/cloud/compliance/global 针对全球运营的认证和评测 (CIS CSA ISO SOC)
https://www.ibm.com/cloud/compliance/government 针对政府监管(US)
https://www.ibm.com/cloud/compliance/industry 针对全球行业监管
https://www.ibm.com/cloud/compliance/regional 针对全球地区法规要求

https://www.ibm.com/cloud/privacy 云环境的隐私保护

推荐对机密计算感兴趣的朋友,看看这个网站。
https://www.ibm.com/cloud/confidential-computing
机密计算服务均有硬件 TEE 可信执行环境。trusted execution environment (TEE).
IBM Cloud® Data Shield 支持容器应用安全支持 Enclave 在 TEE 可信环境执行。

IBM Cloud® Hyper Protect Crypto Services HSM 平台密钥管理

IBM Cloud® Hyper Protect Virtual Servers 基于 Linux 虚拟机的TEE 运行环境,内存保护,Data-at-rest and data-in-flight数据加密。

IBM Cloud® Hyper Protect DbaaS 数据库服务支持 MongoDB PostgreSQL 在 Linux one 平台

IBM® Secure Execution for Linux 安全加固 Linux 在 TEE 可信环境执行 https://www.ibm.com/downloads/cas/O158MBWG

IBM云安全Resource

资源页面提供 安全开发及架构设计的相关资料。
https://www.ibm.com/cloud/security/resources
https://www.ibm.com/cloud/architecture/architectures/securityArchitecture
https://www.ibm.com/cloud/learn/grc (Governance, risk and compliance services)
治理,风险,合规

应用开发安全相关资料

https://cloud.ibm.com/docs/solution-tutorials?topic=solution-tutorials-extended-app-security
https://cloud.ibm.com/docs/solution-tutorials?topic=solution-tutorials-cloud-e2e-security

https://cloud.ibm.com/docs/solution-tutorials?topic=solution-tutorials-multi-region-webapp

Blog:
https://www.ibm.com/cloud/blog/security
Learn:

https://www.ibm.com/cloud/learn/security
https://www.ibm.com/cloud/learn/devsecops

IBM云安全架构:
云架构设计

https://www.ibm.com/cloud/architecture
Design your solution using decision guides,IBM给出很多有建设性的架构设计,有空可以去看看。

页面有详细讲解 IBM Security 是如何理解和建议的云安全架构,在云服务不同的层面,安全关注的细节也不相同。
https://www.ibm.com/cloud/architecture/architectures/securityArchitecture

在云上的安全,IBM 更多强调 control,有很多云原生和云上的安全控制点。Security in the cloud 和 Security on the cloud,是云原生和第三方安全不同的视角和效果。
我们需要带着那些私有云和数据中心里面的已经在使用的系统和认证。我们需要在混合云环境进行安全架构设计。数据,那些重要和关键的数据在那里,那些应用程序是在云中的 SaaS 和私有云环境。
特别是在混合云环境下,安全的持续性控制从私有云到公有云,在混合云环境下,我们安全的控制颗粒度和策略一致性,在多云混合架构下,安全架构需要从架构上特别关注和思考。

在混合云环境下, 云原生安全+云安全解决方案形成立体安全防护体系,在云里(in the cloud) 和云上 (on the cloud),不同的业务形态带来不同业务安全风险。
云安全概念,连接,保护,管理,现代化,这四个组件是构成 IBM 安全的重要组成部分。
align, protect, manage, and modernize components.
IBM Cloud Pak® for Security,我们后面单独讲这个产品。

· A conceptual architecture for cloud security 云安全架构概念

· Align your security strategy to your business 连接安全战略到业务 为当前业务评估安全风险。

· Protect your critical digital assets 保护您的关键数字资产

· Manage your security detection and response 管理安全检测和响应

· Modernize your business offerings and your entire security program. 现代化的业务提供和安全程序

安全架构在管理监测和响应部分,混合云和其他环境下的安全都可以共享当前安全架构体系。

现代化的安全架构在Risk 风险管理 ,SOAR 安全自动化编排与响应,UBA 用户行为分析 ,Threat Intelligence威胁情报。
IBM 给出IBM Cloud Pak for Security解决方案。(在后面详细讲述)

IBM Security reference architecture 安全架构指南
https://www.ibm.com/cloud/architecture/architectures/securityArchitecture/IBM Security Architecture 给出非常详细的设计和经验分享。

https://www.ibm.com/cloud/architecture/architectures/securityArchitecture/reference-architecture

云应用安全架构,Security architecture for cloud applications
https://www.ibm.com/cloud/architecture/architectures/securityArchitecture/related-arch

Code patterns 网页有很多,模式介绍,使用指南,培训系列。网页 link 如下。
https://developer.ibm.com/patterns/category/security/
https://developer.ibm.com/series/category/security/
https://developer.ibm.com/tutorials/category/security
Security constituent architectures 安全架构构成,这里面每一项都有图片,欢迎参观。
https://www.ibm.com/cloud/architecture/architectures/securityArchitecture/related-arch
https://www.ibm.com/cloud/architecture/architectures/secure-data-and-compliance-solution
Multicloud identity and access management architecture 多云环境下的身份和访问管理架构
Network security architecture 网络安全架构
Application security architecture 应用安全架构
Data security architecture 数据安全架构
Secure DevOps architecture 安全开发架构
Security monitoring and intelligence architecture 安全监控架构

Security policy and compliance architecture 安全策略和合规架构

Physical security architecture 物理安全架构
虽然这里都是架构的设计图片,但是有一些知识和经验还是可以借鉴的,有空多看看。
https://cloud.ibm.com/docs
在线文档:

IBM 金融云安全

https://www.ibm.com/cloud/financial-services

IBM 金融云提供预定义控制规则,机密计算,数字化供应链。

Pre-configured controls
Confidential computing
De-risking the digital supply chain

IBM金融云有两个特点,在设计之初就是 NIST 的标准和行业监管的控制点 control point。
https://www.ibm.com/cloud/learn/nist-cybersecurity-framework
https://www.ibm.com/cloud/learn/security-controls

IBM Cloud for Financial Services solution. The following services are required for a validated architecture when using IBM Cloud™ Virtual Private Cloud services.

IBM Cloud Activity Tracking (requires the use of IBM Cloud Object Storage)

IBM Cloud Application Load Balancer for VPC

IBM Cloud Flow Logs for VPC

IBM Cloud® Identity and Access Management

IBM Cloud Object Storage or IBM® Cloud Block Storage for Virtual Private Cloud

IBM Cloud Transit Gateway

IBM Cloud™ Virtual Private Cloud

IBM Cloud Virtual Private Endpoint (VPE) for VPC

IBM Cloud Virtual Private Network (VPN) for VPC or IBM Cloud Direct Link (Connect and Dedicated 2.0)

IBM Hyper Protect Crypto Services

Red Hat OpenShift on IBM Cloud or IBM Cloud™ Virtual Servers for Virtual Private Cloud

Security 部分虽然安全产品不算多,但是整个金融云的合规和安全标准确是最严格的

Be secure at the source leveraging Keep-Your-Own-Key (KYOK) and in control of your security and compliance profiles.

IBM Cloud® Hyper Protect Crypto Services (TEE) https://www.ibm.com/cloud/data-shield

IBM Cloud® Security and Compliance Center
行业最佳实践及监管最新要求。推荐看看下面的网站。
https://www.ibm.com/cloud/learn/nist-cybersecurity-framework
https://www.ibm.com/cloud/learn/security-controlshttps://www.ibm.com/cloud/architecture/architectures/security-policy-and-compliance-arch
https://www.ibm.com/cloud/architecture/architectures/secure-data-and-compliance-solution

IBM Cloud for Financial Services Ecosystem

这里,再多提一句,金融云的商业生态建设发展很快,已经在 2021 年 6 月份突破 100 家合作伙伴。

IBM Cloud for Financial Services Reaches Milestone with 100+ Ecosystem Partners
https://www.ibm.com/cloud/blog/ibm-cloud-for-financial-services-reaches-milestone

IBM Cloud Framework for Financial Services 金融云框架及白皮书

https://www.ibm.com/downloads/cas/JYB6MQRB推荐大家抽空,看看这部白皮书。书中有仔细细致介绍,IBM cloud 在金融云服务的出发点和合规考虑。从技术发展背景,监管压力和风险所有权做为监管机构的首要任务;利益攸关人的实际视角和立场出发,不同业务视角的不同需求;关键的监管要求和金融行业基础框架;不同国家和地区的合规要求;梳理和介绍 IBM 金融云服务的责任分工。

持续合规驱动Compliance-as-Code

想要一套完善的架构,需要能支持未来很多年的监管和策略变化,合规和监管要求不断的变化下,持续改进和完善架构。

云计算弹性 (备份和灾备)
https://www.ibm.com/cloud/architecture/architectures/resilience

IBM Infrastructure security 基础架构安全
一提到,基础架构安全,很多人会想到很多网络安全产品。这里 IBM 还是依托硬件产品和服务保障基础架构安全,毕竟在主机(大型机)和小型机,以及存储领域 IBM 还是有一些技术储备和优势。
特别是在混合云架构下,那些关键数据(皇冠上的明珠)还需要在可靠的环境进行运算和存储。

https://www.ibm.com/it-infrastructure/solutions/security

Secure IT for hybrid cloud 混合云的安全

Build your enterprise hybrid cloud strategy with trusted platforms.https://www.ibm.com/it-infrastructure/solutions/hybrid-cloud
https://www.ibm.com/it-infrastructure/z/technologies/pervasive-encryption

Mainframes for security 主机(大型机)的安全
https://www.ibm.com/it-infrastructure/z/capabilities/enterprise-security

Trusted Execution Environment (TEE). 机密计算

https://www.ibm.com/cloud/learn/confidential-computing
IBM 是Confidential Computing Consortium (CCC)的重要成员。Intel SGX (Software Guard Extensions)
这里,篇幅有限,可信计算环境这块,我们略过,详情大家可以去看国内的可信计算相关发展情况。

Confidential computing and IBM Cloud
IBM Cloud® Hyper Protect Crypto Services
IBM Cloud HPC Cluster
IBM® Secure Execution for Linux https://www.ibm.com/cloud/hpc
IBM Cloud Data Shield https://www.ibm.com/cloud/data-shield

存储安全

https://www.ibm.com/products/data-protection-and-recovery这里也推荐一本红宝书,针对安全事件管理的关联分析能力在安全事件发生后,快速恢复业务数据。

Enhanced Cyber Resilience Threat Detection with IBM FlashSystem Safeguarded Copy and IBM QRadar

Blueprint Published 13 August 2021

http://www.redbooks.ibm.com/redpapers/pdfs/redp5655.pdf

第三部分 安全业务:

开篇还是先推荐一个网站,这个网站汇聚 IBM Security 大部分的文章和资料。
https://securityintelligence.com/

IBM 安全产品
https://www.ibm.com/security 官网
https://www.ibm.com/cn-zh/security (中文网站)

IBM Security (独立的BU business unit)
https://www.ibm.com/security/products
网站上有IBM Security产品目录,这里我们略过,不做产品方面的介绍。
这里,仅针对 Cloud pak for Security 进行一个分析,之前有好几位朋友表示没看懂这个产品的特点。

IBM Cloud Pak for Security(之前提过两次后面会有详细介绍,那这里我们详细介绍一下)

支持 OpenShift 部署 Use pre-integration with Red Hat® OpenShift® to deploy on premises or on cloud.

Cloud Pak for Security 这个名字比较难理解,这里我们把产品功能简单做个总结。
首先,这个产品可以是 SaaS 方式部署和私有云部署两种场景。支持混合云环境,将公有云和私有化的安全相关数据汇集,汇聚其它第三方安全产品数据及功能,实现威胁和风险管理。简单理解为统一管理门户,one console 的感觉。

A unified dashboard across threat management tools 支持威胁情报仪表板(威胁一览)。

The ability to run federated search across all connected data sources, with IBM Security Data Explorer

Data Explorer 模块可以将 Cloud Pak for Security 的所有已连接数据源进行搜索和展现。

The ability to gain tailored threat intelligence, with IBM Security Threat Intelligence Insights
利用威胁情报服务能力,有针对性的讲这些安全事件,安全日志综合进行威胁分析和洞察。
The ability to create custom incident response playbooks and orchestrate incident response, with IBM Security SOAR  这里就是 SOAR 部分,支持安全事件的响应剧本和自动化编排事件响应。

The ability to protect and defend the environment using QRadar advanced threat management capabilities 支持利用 Qradar 的高级威胁能力,支持 Qradar on Cloud 。

EDR 能力和 MDR 能力的对接,这里补充一点, Cloud Pak for Security 支持将第三方安全产品对接入平台,比如终端检测与响应的 EDR,甚至 MDR 那些托管的终端服务,还有组织在内部已经使用的一些安全平台和态势感知平台,都可以进行数据汇总。目前更多强调从威胁统一分析的角度进行汇总管理和处置。

帮助企业客户做到基于风险的检测和更快速的事件响应能力。

到这里,产品部分,我们就此打住。

IBM Security+IBM Security Services 安全产品和服务在一起,目前 Security Solution 分两大类,Threat Management,Digital Trust。

下面再从 solution 的角度展开。

https://www.ibm.com/security/solutions

Align,Protect,Manage, Modernize

· Protect Identities and Apps +Protect Client Data

· Modernize Threat Management and Operations

IBM Security solutions 解决方案部分

· Security platform

· Data security https://www.ibm.com/security/data-security/guardium

· Identity and access management https://www.ibm.com/security/identity-access-management

· Services

· SIEM

· SOAR https://www.ibm.com/security/intelligent-orchestration

Zero Trust
https://www.ibm.com/security/zero-trust

IBM Security at Cloud +IBM Security at SaaS

IBM Security QRadar® on Cloud SaaS 版本的 Qradar 产品。

IBM Security Verify 提供 MFA ,One time password,app 认证。

IBM Cloud Pak for Security (IBM Security SOAR) 目前 SaaS 版本的 Resilience 已经集成。

https://www.ibm.com/products/cloud-pak-for-security/threat-intelligence-insights
https://www.ibm.com/products/cloud-pak-for-security/data-explorer

https://www.ibm.com/products/cloud-pak-for-security/soar

IBM 安全咨询
全球咨询和服务部门,目前提供Strategy and Risk,Security Strategy等咨询服务。

https://www.ibm.com/services/consulting

车库IBM Garage Methodologyhttps://www.ibm.com/garage/services
如果对 IBM Design Thinking 或者 IBM Garage 比较感兴趣可以多看看这些方法论。

https://www.ibm.com/cloud/architecture/content/field-guide/ibm-garage-field-guide
在Garage Methodology中有一些安全部分的方法论。
https://www.ibm.com/garage/method/practices/learn/dynamic-vulnerability-scanning/
https://www.ibm.com/garage/method/practices/code/secure-coding-validate-inputs-and-output

IBM Garage For security 有一个专门针对安全方面零信任框架的Garage 车库创新实践活动。
Implementing a zero trust strategy requires that different security teams collaborate, including aligning on priorities and sharing information.

Put a zero trust approach into action to secure your business

SOC 建设咨询服务

Security intelligence operations center consulting
https://www.ibm.com/security/services/security-intelligence-operations-center-consulting

IBM 安全服务
https://www.ibm.com/security/services

IBM 安全服务的内容有风险控制方面,业务创新方面(Journey to cloud),还有服务托管(MSS)。

Manage risk and accelerate your business innovation and security at the same pace

这里是网站所罗列的安全服务清单,每一个服务都有单独介绍,感兴趣的可以自己去看看。

· Security Expert Labs

· Security Strategy, Risk and Compliance Services https://www.ibm.com/security/services/security-governance

· X-Force Command Center

· Zero Trust Services

· Application Security Services

· Data Security Services

· Identity and Access Management Services

· Infrastructure and Endpoint Services

· Incident Response and Intelligence Services (https://www.ibm.com/downloads/cas/ORNVG2PM)

· Offensive Security Services (red team 渗透测试) (X-Force Red offensive security services)

· Security Intelligence Operations and Consulting Services (SIOC)帮助设计和建设 SOC

· Threat Management Services

· Managed Detection and Response https://www.ibm.com/security/services/managed-detection-response

· Cloud Security Services

https://www.ibm.com/topics/incident-response

https://www.ibm.com/topics/cybersecurity

https://www.ibm.com/topics/siem

IBM Security Command Centers IBM 安全指令中心
https://www.ibm.com/security/services/managed-security-services/security-operations-centers
X-Force Cloud Security Services 威胁情报云服务

https://www.ibm.com/security/services/threat-intelligence
IBM Security X-Force® Incident Response and Threat Intelligence Services
https://www.ibm.com/security/services/ibm-x-force-incident-response-and-intelligence
https://www.ibm.com/security/services/threat-intelligence

数据安全和应用安全部分
https://www.ibm.com/security/services/data-and-application-security
https://www.ibm.com/security/services/data-security
身份认证服务
https://www.ibm.com/security/services/identity-access-management
风险管理部分
https://www.ibm.com/security/digital-assets/services/risk-quantification-smartpaper
https://www.ibm.com/security/services/security-governance/risk-management

零信任部分
IBM Security Zero Trust Acceleration Services
https://www.ibm.com/security/services/zero-trust-acceleration
https://www.ibm.com/security/zero-trust

IBM Cloud Pak for Security as a Service and Zero Trust

在前文,我有介绍 Cloud Pak for Security,这里把服务部分引申一下。在 SaaS 环境和混合云环境下,组织面临安全平台的异构化和复杂化,云上和云下是否要打通,保证安全策略的一致性和统一性。组织需要有能力,威胁统一视角,将威胁管理和数据安全一同考虑。同时,在安全运营中心 SOC 中,利用工具,提升安全运营工作效率。在零信任安全框架的要求下,灵活实现组织的安全运营。

Incident response solutions应急事件响应解决方案

https://www.ibm.com/security/incident-response

Privacy breach preparation and response

https://www.ibm.com/security/intelligent-orchestration/soar/privacy-breach-preparation-response

IBM Security Services for SAP
https://cloud.ibm.com/docs/sap

OT Security

https://www.ibm.com/security/operational-technology

https://www.ibm.com/security/services/industrial-control-systems-testing

X-Force Red adversary simulation services 红队的渗透测试服务
https://www.ibm.com/security/services/adversary-simulation-services
IBM Security Service Partner 来自第三方的安全服务

https://www.ibm.com/partnerworld/security/services-alliance-program

Managed Security Services 全球安全托管服务

https://www.ibm.com/security/services/managed-security-services
https://www.ibm.com/downloads/cas/blg0ro2x
https://www.ibm.com/downloads/cas/KPEG6J8Q

Security Strategy, Risk and Compliance Services
https://www.ibm.com/downloads/cas/GKN51N92
https://www.ibm.com/downloads/cas/YG7MKEAR

Cloud Security Services 云安全服务
https://www.ibm.com/cloud/security
https://www.ibm.com/security/services/cloud-security-services
Cloud security strategy serviceshttps://www.ibm.com/security/services/cloud-security-strategy
Consulting and system integration系统集成和安全集成服务
https://www.ibm.com/security/services/consulting-and-systems-integration

Transform your business and manage risk with trusted advisors

https://www.ibm.com/security/digital-assets/transform-business-and-manage-risk-with-cybersecurity-services/

IBM 安全生态

X-Force 威胁情报平台,IBM的威胁情报平台,可以集成威胁情报分享和订阅。这个免费的平台可以查询和推送威胁情报数据,支持 API的Commercial API方式。同时,它还支持威胁情报的交互格式,可以使用业界通用的模式把这些信息与自己现有的产品方案或学习工具进行集成。

https://www.ibm.com/security/community/app-exchange
https://www.ibm.com/products/xforce-exchange/faq

X-Force Threat Intelligence Index 2021年度安全威胁报告

https://www.ibm.com/account/reg/signup?formid=urx-42703

2021 Cost of a Data Breach Report

https://www.ibm.com/account/reg/signup?formid=urx-50915
X-Force Threat Intelligence Research Hub
https://www.ibm.com/security/xforce/research-hub
Open Security
https://www.ibm.com/security/campaign/open-connected-security合作伙伴

https://www.ibm.com/security/community/partners
https://www.ibm.com/partnerworld/security/services-alliance-program

https://www.securitylearningacademy.com/

Cybersecurity Alliance

https://www.ibm.com/security/campaign/open-connected-security
IBM is contributing the STIX-shifter federated search technology to OCA, which is a core capability offered in IBM CloudPak for Security.

The Open Cybersecurity Alliance community promotes interoperability of cybersecurity products.
https://securityintelligence.com/news/open-cybersecurity-alliance-an-open-source-initiative-for-enabling-improved-interoperability

http://www.opencybersecurityalliance.org/

Redhat
Red Hat Enarx project. Enarx一个为使用TEE保护应用程序提供硬件独立性的项目

https://enarx.github.io/
https://next.redhat.com/2019/08/16/trust-no-one-run-everywhere-introducing-enarx/

Red Hat Secure linux

Security-Enhanced Linux (SELinux) is a security architecture for Linux® systems
https://www.redhat.com/en/topics/linux/what-is-selinux

https://developers.redhat.com/topics/secure-coding

How to deploy a comprehensive DevSecOps solution

https://www.redhat.com/en/resources/deploy-comprehensive-devsecops-solution-overview

机密计算(confidential computing)的话题,我们这里就不讨论了。
Linux基金会在2019年成立了机密计算联盟。其目的是为机密计算进行定义并制定标准,以支持和推广开源CC工具和框架的开发。联盟成员包括阿里巴巴、AMD、Arm、Facebook、Fortanix、谷歌、华为、IBM(红帽)、英特尔、微软、甲骨文、瑞士电信、腾讯和VMware等厂商。

第四部分 办公安全:

不知不觉已经写到第四部分,我知道大家最感兴趣的是 IBM 安全是如何在内部进行运营和管理的。但比较遗憾的是,这部分资料在互联网的不多,更多内容都在内网。
作为旁观者和观察者,我这里也就自己的亲身体会进行一些整理。

其实,从文章开始的公司安全和 Enterprise IT Security 部分就能够看出,整个 IBM 安全在公司内部的轮廓。

首先,安全是红线,在公司的地位很高,重视程度很高,同 BCG (Business Conduct Guidelines)一样。

其次,公司的文化,诚信负责自始至终贯穿所有业务单元,各项标准化都有人去执行和检查。

最后,人的因素,我们很多时候都在强调,安全是人的因素,安全专家是人才,但是每个员工才是这家公司的最重要的资产和财富。

合规Compliance
IT Security Standard IT标准化,信息系统安全标准。
Compliance 合规 ISO 的认证,内部外部定期审计

EAL Enterprise Application lifecycle 用软件生命周期进行管理
标准化持续推动内部标准制定和持续完善发布
National Institute of Standards and Technology (NIST) Cybersecurity Framework (Identify, Protect, Detect, Respond, and Recover)
Development of a Cyber Resilience Framework (Learn, Respond, Monitor, and Anticipate)

Security Design by XX
CI/CD is in improving our overall cybersecurity posture through automated threat detection and application of security controls.

这里罗列一些,IBM 在疫情期间的安全提升和强调。https://newsroom.ibm.com/2021-06-15-IBM-Survey-Pandemic-Induced-Digital-Reliance-Creates-Lingering-Security-Side-Effects

Footprint and tag 垃圾邮件防护 来自外部的邮件自动标记。

开启两步验证 MFA one time password。

SDWAN+Trust Zero 网络不断升级改造,零信任架构设计

持续打补丁,包括移动设备。

BYOD 有条件的支持,不反对,需要安装安全客户端和注册设备。
Training 培训,有强制培训, 有主动培训,有兴趣学习的在线课程。
IBM | Data Privacy Policy GDPR 培训。

定期安全规章制度培训。

定期安全教育培训。

防止钓鱼演练定期举行邮件钓鱼演练模拟钓鱼。
好吧,因为篇幅的原因,我们这里打住。细节面聊。

Think like a hacker
https://developer.ibm.com/conferences/digital-developer-conference-security/application-security/application-security-tech-talk-3-think-like-a-hacker-securing-containers-theyre-just-like-vms-except-when-they-are-not/
Think like a hacker 给研发和技术人员准备的培训课程。
像黑客一样思考,在开发阶段注重安全设计。
https://developer.ibm.com/conferences/digital-developer-conference-security/

方法论:
整体来看方法论非常简单,做到还是需要全员参与。

Risk 风险角度

Compliance 合规角度

Security & Privacy by Design 设计角度

Training持续培训

看完内部安全部分,大家可以回头去看看,第一部分的 IBM Enterprise IT Security,其实大的框架和内容都有。目前这里大家看到的都是公开的资料,内部的学习和管理制度也都大同小异,不存在什么差别。

人才引进:

最近貌似在招聘IBM CIO – Cybersecurity Resiliency Center (CRC) – Information Protection Officer (IPO)

https://www.linkedin.com/jobs/view/information-protection-officer-southbury-ct-at-ibm-2677280661

第五部分 其它安全技术

Quantum 量子计算
抱歉目前没有看到什么特别的在安全方面
AI Watson
人工智能在安全

https://securityintelligence.com/category/artificial-intelligence/

https://www.ibm.com/security/artificial-intelligence

Watson for Security

· IBM Watson Augments Security Analysts With Machine Learning Capabilities In font fo SOC

· QRadar Advisor with Watson

· IBM MaaS360 With Watson

· IBM Security SOAR

Edge 边缘计算
https://www.ibm.com/cloud/blog/security-at-the-edge
https://www.ibm.com/cloud/blog/architecting-at-the-edge

新闻:

在2021 年9 月份,IBM CEO 发表文章,《The Time To Prioritize Cybersecurity Is Now》,他在近期参加美国总统的安全峰会中,提到 IBM 安全五个关键。

https://www.linkedin.com/pulse/time-prioritize-cybersecurity-now-arvind-krishna

Five key commitments and initiatives that IBM is pledging to help address this national imperative.

  1. 建立更强大、更多样化的网络安全队伍Building a more robust and diverse cyber workforce : There are nearly 500,000 unfilled cybersecurity jobs across the nation (Source: NIST). To help prepare more American students and workers for those vital roles, IBM will train more than 150,000 people in cybersecurity skills over the next three years through a range of programs, such as SkillsBuild. We also will partner with more than 20 Historically Black Colleges & Universities to establish Cybersecurity Leadership Centers to build a more diverse U.S. cyber workforce.
  2. 度量流程和结果Measuring progress and results: We need to go beyond cybersecurity commitments and focus on measuring tangible progress and results. Measurement tools already exists in Environmental, Social, and Governance (ESG) reporting. In the same way, IBM is today calling for the establishment of voluntary public reporting standards on cybersecurity practices. We believe the cyber framework developed by the National Institutes of Standards and Technology (NIST) could serve as a strong starting point for building such a reporting system.
  3. 保护关键基础架构Protecting critical infrastructure: Dealing with a cybersecurity crisis is a matter of when, not if. To help critical infrastructure organizations better prepare for and recover from ransomware attacks, we are announcing IBM Safeguarded Copy—a new data storage solution that can shorten the time it takes for organizations to recover from days to hours. IBM is already working with industries that operate critical infrastructure and will expand this offering to other clients.
  4. 加速量子安全密码学Accelerating quantum-safe cryptography: While quantum computers will help solve new categories of problems that are beyond the reach of even today’s most powerful traditional computers, they will also make our current encryption methods obsolete. As we prepare for a quantum world, IBM is committed to developing and deploying new, quantum-safe encryption methods such as lattice-based cryptography.
  5. 技术供应链安全Securing the Technology Supply Chain: Finally, IBM committed our participation in an effort led by the National Institute of Standards and Technology (NIST) to develop a comprehensive framework to improve the security of the technology supply chain. This work builds on IBM’s engagement with NIST on software supply chain security following the president’s recent cybersecurity executive order, and it also will include a focus on open source technology in which IBM has decades of expertise.

参考资料网址
公司安全

https://www.ibm.com/trust

https://www.ibm.com/trust/privacy

https://www.ibm.com/trust/security

https://www.ibm.com/trust/security-psirt
https://www.ibm.com/trust/security-psirt-securitybulletins

https://www.ibm.com/blogs/psirt/

https://www.ibm.com/investor/att/pdf/IBM_Business_Conduct_Guidelines.pdf

BISO的简介:https://securityintelligence.com/author/john-wheeler/

IBM 隐私和数据安全
https://www.ibm.com/privacy/portal

https://www.ibm.com/blogs/policy/wp-content/uploads/2017/10/IBM_DataResponsibility-USLetter_WEB.pdf

Read IBM’s full statement on data responsibility at ibmpolicy.com/dataresponsibility-at-ibmhttps://www.ibm.com/data-responsibility/gdpr/
IBM Pathways for GDPR Readiness
https://www.ibm.com/downloads/cas/QE2NL4GP

Security & Privacy by Design(SPBD)
https://www.ibm.com/trust/security-spbd
https://www.redbooks.ibm.com/redpapers/pdfs/redp4641.pdf

IBM | Data Privacy Policy GDPR 培训 Privacy Baseline 国际化公司需要应该多个国家的相关法案。
https://techcommunity.microsoft.com/t5/microsoft-security-baselines/security-baseline-for-microsoft-365-apps-for-enterprise-v2104/ba-p/2307695

https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf

BCG

https://www.ibm.com/cloud/architecture/architectures/securityArchitecture/security-policy-governance-risk-compliance

Data Security and Privacy Principles – IBM

https://www-03.ibm.com/software/sla/sladb.nsf/pdf/7745WW2/$file/Z126-7745-WW-2_05-2017_en_US.pdf

IBM Cloud Compliance Programs 云环境合规
IBM Cloud infrastructure and IBM Cloud Platform-as-a-Service (PaaS)
https://www.ibm.com/cloud/compliance
这个网站有 IBM 云基础架构和云服务所有经过认证和评估的报告合集。
https://www.ibm.com/cloud/compliance/global
https://www.ibm.com/cloud/compliance/government
https://www.ibm.com/cloud/compliance/industry
https://www.ibm.com/cloud/compliance/regional

https://www.ibm.com/cloud/privacy

IBM Terms标准条款

https://www.ibm.com/support/customer/csol/terms/#

https://www.ibm.com/blogs/policy/trust-principles/

从业安全认证
https://www.ibm.com/cloud/compliance/global

As seen in the VPC SOC 3 report system diagram and description (see pages 7 and 8), IKS (and ROKS!) were in scope for the VPC SOC 2 Type 2 audit:
https://www.ibm.com/downloads/cas/ZVYQK9N5

https://www.ibm.com/policy/government-access-to-data/

https://www.ibm.com/downloads/cas/DAGAKDJG

Private POV

Privacy and Protection Regulations.

https://developer.ibm.com/solutions/security/articles/s-gdpr2/

IBM Privacy Statement https://www.ibm.com/privacy?lnk=flg-priv-usen

IBM Cloud

https://www.ibm.com/cloud/compliance/global

云安全 IBM Cloud Security
https://www.ibm.com/cloud/security
https://www.ibm.com/cloud/security/resources
https://www.ibm.com/cloud/learn/devsecops
https://www.ibm.com/cloud/architecture/architectures/securityArchitecture
https://www.ibm.com/cloud/security-and-compliance-center

IBM FS Cloud 金融云安全IBM Cloud for Financial Services

https://ibm.co/3gIREue

https://cloud.ibm.com/docs/security-compliance?topic=security-compliance-getting-started

https://www.ibm.com/cloud/blog/isv-and-saas-partners-for-ibm-financial-services-ready-public-cloud

https://w3.ibm.com/w3publisher/financial-services-cloud/fs-blogs/b8c94800-bc95-11eb-9bed-739ba3329b54

https://www.ibm.com/cloud/compliance/global

https://www.ibm.com/privacy

IBM Security (独立的BU business unit)

IBM Security+IBM Security Services
https://www.ibm.com/security/products
https://www.ibm.com/topics/incident-response

https://www.ibm.com/topics/cybersecurity

https://www.ibm.com/topics/siem

IBM Security Services
IBM Security Zero Trust Acceleration Services
https://www.ibm.com/security/services/zero-trust-acceleration
https://www.ibm.com/security/zero-trust

Cloud Pak for Security as a Service

https://mediacenter.ibm.com/media/t/1_t2hrdyum
https://community.ibm.com/community/user/security/blogs/christopher-collard1/2021/05/05/getting-security-right-with-ibm-cloud-pak-for-secu

2020 X-Force Threat Intelligence Index Report
https://www.ibm.com/account/reg/signup?formid=urx-42703

2021 Cost of a Data Breach Report

https://www.ibm.com/account/reg/signup?formid=urx-50915
X-Force Threat Intelligence Research Hub
https://www.ibm.com/security/xforce/research-hub
IBM SOC (MSSP 服务托管)
https://www.ibm.com/security/services/managed-security-services
IBM Security Command Centers IBM 安全指令中心
https://www.ibm.com/security/services/managed-security-services/security-operations-centers
X-Force Cloud Security Services 威胁情报云服务

https://www.ibm.com/security/services/threat-intelligence
IBM Security X-Force® Incident Response and Threat Intelligence Services
https://www.ibm.com/security/services/ibm-x-force-incident-response-and-intelligence
https://www.ibm.com/security/services/threat-intelligence
Virtual security operations centers (V-SOC)
https://www.ibm.com/security/services/virtual-security-operations-center-soc

MDR
https://www.ibm.com/security/services/managed-detection-response
https://www.ibm.com/downloads/cas/MRLBYZZE

Incident response solutions 应急事件响应解决方案

https://www.ibm.com/security/incident-response

Privacy breach preparation and response

https://www.ibm.com/security/intelligent-orchestration/soar/privacy-breach-preparation-response

IBM Security Services for SAP
https://cloud.ibm.com/docs/sap

OT Security

https://www.ibm.com/security/operational-technology

https://www.ibm.com/security/services/industrial-control-systems-testing
X-Force Red adversary simulation services 红队的渗透测试服务
https://www.ibm.com/security/services/adversary-simulation-services
IBM Security Service Partner 来自第三方的系统集成和安全集成服务

https://www.ibm.com/partnerworld/security/services-alliance-program

Managed Security Services 全球安全托管服务

https://www.ibm.com/security/services/managed-security-services

Security Strategy, Risk and Compliance Services
https://www.ibm.com/downloads/cas/GKN51N92
https://www.ibm.com/downloads/cas/YG7MKEAR

数据安全和应用安全部分
https://www.ibm.com/security/services/data-and-application-security
https://www.ibm.com/security/services/data-security
身份认证服务
https://www.ibm.com/security/services/identity-access-management
风险管理部分
https://www.ibm.com/security/digital-assets/services/risk-quantification-smartpaper
https://www.ibm.com/security/services/security-governance/risk-management
Cloud Security Services 云安全服务
https://www.ibm.com/security/services/cloud-security-servicesCloud security strategy services
https://www.ibm.com/security/services/cloud-security-strategy
Consulting and system integration系统集成和安全集成服务
https://www.ibm.com/security/services/consulting-and-systems-integration

Transform your business and manage risk with trusted advisors

https://www.ibm.com/security/digital-assets/transform-business-and-manage-risk-with-cybersecurity-services/

IBM Center for Government (client center)

US Federal agency customers seeking more information on the IBM Center for Government Cybersecurity should speak to their IBM representative or visit: http://ibm.biz/us-federal-cyber-center

https://newsroom.ibm.com/2021-06-02-IBM-TO-ESTABLISH-NEW-CYBERSECURITY-CENTER-FOR-US-FEDERAL-CLIENTS

https://www.ibm.com/security/services/us-federal-cybersecurity-center

IBM To Establish New Cybersecurity Center For US Federal Clients

IBM Center for Government Cybersecurity to help agencies navigate current and future threats

Convenes advisory group of former government officials for expanded expertise

Open Source (开源+Redhat)

https://www.ibm.com/security/community

https://www.ibm.com/support/pages/open-cybersecurity-alliance
https://developers.redhat.com/topics/secure-coding

https://enarx.github.io/
https://next.redhat.com/2019/08/16/trust-no-one-run-everywhere-introducing-enarx/

IBM Security Services Alliance Program

https://cloudsecurityalliance.org/star/registry/ibm-cloud/

https://www.cisecurity.org/partner/ibm/

https://www.ibm.com/cloud/compliance/global
AI人工智能
https://www.ibm.com/security/artificial-intelligence

红宝书:

http://www.redbooks.ibm.com/redbooks/pdfs/sg248100.pdf

http://www.redbooks.ibm.com/redbooks/epubs/sg248100.epub

https://www.redbooks.ibm.com/redpapers/pdfs/redp4641.pdfhttp://www.redbooks.ibm.com/redbooks/pdfs/sg247210.pdfhttp://www.redbooks.ibm.com/redpapers/pdfs/redp5363.pdf

http://www.redbooks.ibm.com/redpapers/pdfs/redp5655.pdf

白皮书:
https://www.ibm.com/downloads/cas/GKN51N92
https://www.ibm.com/downloads/cas/YG7MKEAR
https://www.ibm.com/downloads/cas/ORNVG2PM
https://www.ibm.com/downloads/cas/JYB6MQRB
https://www.ibm.com/downloads/cas/O158MBWG
https://www.ibm.com/downloads/cas/QE2NL4GP
https://www.ibm.com/downloads/cas/blg0ro2x
https://www.ibm.com/downloads/cas/DAGAKDJG
https://www.ibm.com/downloads/cas/KPEG6J8Q

Video:

https://mediacenter.ibm.com/media/0_ox88ethl

https://mediacenter.ibm.com/media/t/1_t2hrdyum
https://mediacenter.ibm.com/media/Cyber+Resiliency+with+IBM+qRadar+and+IBM+FlashSystem+%28Safeguarded+Copy%29/1_ikm4o0pz

Topic:

https://www.ibm.com/topics/incident-response

https://www.ibm.com/topics/cybersecurity

https://www.ibm.com/topics/siem

Threat modeling with STRIDE

https://developer.ibm.com/components/redhat-openshift-ibm-cloud/articles/threat-modeling-microservices-openshift-4/

Build Secure

https://developer.ibm.com/solutions/security/

来源:君哥的体历

第一时间获取面向IT决策者的独家深度资讯,敬请关注IT经理网微信号:ctociocom

   

除非注明,本站文章均为原创或编译,未经许可严禁转载。

相关文章:
标签:


关于作者

隐私已经死去,软件正在吃掉世界,数据即将爆炸

X