Building a Successful Cloud Infrastructure Security and Compliance Practice

whitePaper | December 4, 2019

This paper describes a distributed anomaly detection approach designed to accurately track actions performed by adversaries across a network. The illustrated approach involves running multiple machine learning models on both endpoints and the network as well as on a centralized backend, and includes communication and replication of learned states between these models.

whitePaper | January 9, 2020

The malicious programs known as ransomware have attracted a significant amount of coverage in the mainstream media over the last few years, as major companies and organizations announced that their operations had been affected by the threat. Examples of affected businesses include hospitals, universities and major international corporations [2, 3]. Despite the alarming nature of the threat, the way ransomware gains entry onto a user’s device is actually no different from the methods used by other threats. Ransomware is most commonly spread by two methods.

whitePaper | December 15, 2019

IBM Cloud™ is IBM’s high-performing public cloud platform, with data centers around the world that deliver cloud computing options from infrastructure as a service (IaaS), platform as a service (PaaS) to software as a service (SaaS). Security is a fundamental design principle for our cloud platform with market-leading security capabilities enabled for regulatory workloads.

whitePaper | October 27, 2022

In many ways, the cloud1 is more secure than a traditional data center. Asset management, inventory, audit logging, two-factor access controls, connectivity redundancy and firewalls are built into the cloud provider platform. Servers are easier to patch and won’t become outdated within a few years; there aren’t any forgotten boxes sitting in a dark corner with a note reading, “DO NOT TURN OFF.” However, assets on the cloud continue to be compromised, just as those stored in traditional data centers.

whitePaper | August 25, 2022

These days, you can’t have a conversation about cybersecurity without talking about zero trust. The security concept requires that all individuals and devices on a network be continuously authenticated, authorized, and monitored. Gone are the days of letting someone in the front door, giving them a role with access privileges and then having them go about their merry way.

whitePaper | December 27, 2022

As threats intensify and SecOps teams are called upon to defend digital environments that keep growing in size and complexity, and with a defensible perimeter that has all but disappeared, cybersecurity vendors are responding with a new generation of software and service solutions.