IBM Z Software
Hide about this portal


This portal is to open public enhancement requests against IBM Z Software products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas

  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

ADD A NEW IDEA

zSecure Audit

Showing 22 of 8836

Provide Size/Number of Bytes of Encrypted vs NonEncrypted Data

I am working with a Federal Client in the US assisting in their encryption project. Early on we were looking for a mechanism to track progress of encryption. They wanted to see both the number of files encrypted vs files yet to encrypt, but also, ...
23 days ago in zSecurity / zSecure Audit 0 Submitted

zSecure Audit - CIS Benchmark - CIS-OS-1.2.12 Expired Certificate - show label

While the current control CIS-OS-1.2.12 checks for expired certificates it only lists the 'real' resource with the serial number. However, like IP addresses they do not mean a lot for an end user. Hence, I would suggest that not only the serial nu...
10 days ago in zSecurity / zSecure Audit 0 Submitted

New/Updated RACF tests for Guardium that align with IBM's CIS guidance for DB2 z/OS

All federal agencies have to comply with STIG/CIS guidance to harden database systems. This includes privileges. IBM worked with CIS to develop guidance for DB2 z/OS which impacts RACF privileges assigned to DB2 z/OS databases. zSecure Audit for R...
11 months ago in zSecurity / zSecure Audit 1 Planned for future release

Modify RA.3.4 Report to show when a User has multiple groups that grant access to a profile.

When using RA.3.4 to list a User's access via direct permit or connect (Option2), the report does not indicate that the user may have access to the same resource via multiple groups. Would like to see a version of the code to be able to show the r...
9 months ago in zSecurity / zSecure Audit 2 Future consideration

Update STIG checks to perform scope expansion

Improve the scope expansion functionality for configuration files when running STIG checks. Currently it is a 1-to-1 comparison between the ID (user or group) listed in the config file versus the access list check. It would be greatly improved by ...
about 1 year ago in zSecurity / zSecure Audit 0 Planned for future release

Provide a NEWLIST for all IBM-Defined and Site-Defined Sensitivity Types

Provide a NEWLIST for all IBM-defined and Site-defined Sensitivity Types that lists all sensitivity types, and selected attributes, regardless of the current access entitlements in the ACF2/RACF database.
3 months ago in zSecurity / zSecure Audit 4 Under review

zSecure - Do Not Truncate Audit Trail Information

When checking the Audit Trail from a User the details for all group connects and removals are quite large. When displaying the Audit Trail with a 'LU <user>' the Audit Trail is complete and simple to read. As we removed users to perform 'LU'...
almost 2 years ago in zSecurity / zSecure Audit 3 Future consideration

Improve the message CKR1403

We are in the middle of rolling out zSecure 3.1 (from 2.5) and zOS 3.1. Some of our production jobs running Carla are starting to get RC04 on this message: CKR10403. Its unclear that this message is pointing out an issue to be resolved or just inf...
4 months ago in zSecurity / zSecure Audit 1 Planned for future release

Add filtering for reporting on severity/priority in zSecure Audit

We have a need to report monthly on priority 30. It would be beneficial for us to create a report for only priority 30 etc... Currently the UI does not support filtering on Severity/Priority.
almost 2 years ago in zSecurity / zSecure Audit 5 Not under consideration

Option to include content of allowlists in printed Compliance reports.

Currently, for printed Compliance reports, used for auditing purposes, the allow lists, nor their contents are included in the reports. In previous versions of STIG compliance reports, the details were visibile, and we are pursueing having those a...
about 1 year ago in zSecurity / zSecure Audit 0 Future consideration

By clicking the "Post Comment" or "Submit Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not place IBM confidential, company confidential, or personal information into any field.