This is an IBM Automation portal for Cloud Platform products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).
Shape the future of IBM!
We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:
Search existing ideas
Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updateson them if they matter to you. If you can't find what you are looking for,
Post your ideas
Post an idea.
Get feedback from the IBM team and other customers to refine your idea.
Follow the idea through the IBM Ideas process.
Specific links you will want to bookmark for future use
IDEA Fixpack Augmentation – Priority 1 The recommendation is to augment the remediation artifact to include the entire history of the available fixpacks that are applicable to a vulnerability which is not done today. The current view on the glass reflects IBM’s design decision taken from a security standpoint, that WSA will promote the latest fixpack as a best practice and will most likely remain as the default choice. Kaiser can work with the API approach to install fixpacks that are not at the latest level via API customization but it would be nice to have it in the UI visibility.
As an example of why this approach would be useful, consider Kaiser’s current approach offers developers the choice of n-1, n-2, and current fixpack version. A view on the glass that will show if eight of ten CVE’s are fixed in one fixpack, that K...
IDEA #2 - PRIORITY #2 - Enhance WSA to enable en masse remediation selection and application. Currently, WebSphere Automation provides the apply for a user to select a single vulnerability.
Upon selection of a single vulnerability, a user can select only a single registered WebSphere instance for remediation application. Unfortunately, this behavior is serial and singular that does not conform to scaling needs for a security operatio...
IDEA #1 - PRIORITY #1 - Enhance WSA to display entire available & applicable remediation artifacts. Currently, WebSphere Automation displays only the absolute latest remediation artifacts (like APARs, etc).
Additionally, WebSphere Automation selects (by default) the most recent but smallest remediation artifact. Unfortunately, this method and model assumes a security operational team can aligned with IBM recommendation.
Support WebSphere Automation install on an OpenShift FIPS Enabled Cluster
HCSC and many other customers that work with the government or other entities that work with the government are required to follow FEDRAMP standard. FIPS is a key part of FEDRAMP standard. When an OpenShift Cluster is created, these customers are ...
Request to potentially do a singular ifix remediation against many target servers; that is to do an en-mass group execution (one-to-many) of a CVE ifix.
To be able to select a group of servers to install an ifix to, rather than installing an ifix one server at a time. Something with maybe a check box list of servers that you that you can choose to push the ifix to, so that many servers are install...
At the moment backups are stored in ~/.wsa/backups . This is not a safe default - if the directory for the home user is on a small disk, there is risk that the disk will fill up or the backup would fail. The backup location should be customizeable...
Enhance patch automation to support tWAS instances installed by IM in Admin mode
Many tWAS instances were installed by IM in Admin mode. During WSA patch installation, the playbook terminated with error message:
>>> ValueError: Installation directory is not owned by wasadmin but IM accessRights is admin
The tWAS was ...
Do not place IBM confidential, company confidential, or personal information into any field.