Skip to Main Content
Cloud Platform

This is an IBM Automation portal for Cloud Platform products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (

Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.

Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal ( - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal ( - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM. - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.


WebSphere Automation

Showing 18

IDEA Fixpack Augmentation – Priority 1 The recommendation is to augment the remediation artifact to include the entire history of the available fixpacks that are applicable to a vulnerability which is not done today. The current view on the glass reflects IBM’s design decision taken from a security standpoint, that WSA will promote the latest fixpack as a best practice and will most likely remain as the default choice. Kaiser can work with the API approach to install fixpacks that are not at the latest level via API customization but it would be nice to have it in the UI visibility.

As an example of why this approach would be useful, consider Kaiser’s current approach offers developers the choice of n-1, n-2, and current fixpack version. A view on the glass that will show if eight of ten CVE’s are fixed in one fixpack, that K...
9 months ago in WebSphere Automation 1 Delivered

Support non-authenticated, non-TLS mail server (port 25)

To support simple POC setups, we should support "non-secured" (no Auth, no TLS) mail servers. These simpler mail server configurations are used in environments for tool-based / automated notifications.
about 2 years ago in WebSphere Automation 1 Delivered

Display what APARs / fix pack remediate a CVE

Display, within the UI, what remediates the CVE (e.g. which APARs and which fix packs resolve the vulnerability). I should be able to get the iFix/Fixpack info from within the GUI without having to click anything or leave the UI (no requirement to...
over 3 years ago in WebSphere Automation 1 Delivered

Provide an audit history of what CVEs were detected when, and when the iFix/APAR was applied to resolve it

Provide an audit history of what CVEs were detected when, and when the iFix/APAR was applied to resolve it. This might manifest in two ways: REST API to query the audit history of an individual (or collection of) server, install, CVE. A CSV report...
over 3 years ago in WebSphere Automation 0 Delivered

Add Recommended Fixes

Using the current version info, unresolved CVEs info and applied fixes, you should be able to provide the recommended ifixes or fixpacks that would resolve the CVE and provide the link to the fix.
almost 3 years ago in WebSphere Automation 2 Delivered

Support Standalone Deployment Manager

WebSphere Automation currently cannot register a WAS ND Deployment Manager but application servers only. If the Dmgr is running on a separate system, it will not be monitored. This introduces two risks: a) WSA shows the envronment as secure but th...
over 1 year ago in WebSphere Automation 0 Delivered

Manual Health Investigations

In addition to triggering actions when alerts are received for different problem types, users should be able to just launch an investigation manually. - use for triggering a mem leak investigation - use for running any of the mustgathers we automa...
over 2 years ago in WebSphere Automation 1 Delivered

WebSphere Automation air-gap configuration for self-secure

Document and support the approach for disconnected environments that are not able to connect directly to x-force or WAS security bulletin feed. For example automated but standalone capture of CVE/PSIRTs followed by out-of-band transfer and upload....
over 3 years ago in WebSphere Automation 1 Delivered