IBM launches new security solutions

Today at the IBM Innovate 2010 conference in Orlando, IBM introduced new software and services that help organizations build security into the initial design of their applications, rather than bolt it on as an afterthought when it becomes more costly to fix.

Teresa Cook, Director of Security Products; David Grant, Marketing Executive, Security & Compliance; Mark Van Zadelhoff, Director, IBM Security Services

Today’s announcements include several new offerings:

• Access Management: Software that can help organizations provide users with secure access to their servers, applications and environments, across new service delivery platforms, including cloud computing
• Security Testing: Software that enables businesses to automatically test source code and identify potential security and compliance risks during the earliest stages of software development
• Source Code Assessment Services: Services that help clients assess their application security, identify vulnerabilities and provide recommendations for resolution
• Secure Engineering Framework: A proven blueprint for building and deploying secure software.

IBM is introducing new updates for the Tivoli Access Manager family to help organizations provide centralized authentication, policy management and access control services across several new service delivery platforms, such as cloud computing and Service Oriented Architecture (SOA) as well as complex portal and Web application environments.

These new updates can also help protect access to critical data across an organization. As delivery models continue to shift and cause more complexity, these new enhancements can help organizations securely manage access to business-critical applications and data while giving users fast, convenient access to the information they need.

For organizations that lack in-house application security expertise or prefer to outsource testing security assessments, IBM also launched Application Source Code Security Assessment. These new services are designed to help clients understand and improve their regulatory compliance and reduce risk by providing a baseline assessment of the source code of applications to encourage building security into the SDLC.

Through this new service, IBM consultants test applications for clients, identify security vulnerabilities and provide recommendations for prioritization and detailed remediation steps to resolve the vulnerabilities. As a result, organizations can gain a rapid understanding of the security of these tested applications.