Name: Video H13zWZrstCk
Uploaded: 2025-12-31
Duration: 310 s

Video H13zWZrstCk

5m • Unknown Channel • other • other • intermediate • Watch on YouTube ↗

Sections

Full Transcript

# Video H13zWZrstCk **Source:** [https://www.youtube.com/watch?v=H13zWZrstCk](https://www.youtube.com/watch?v=H13zWZrstCk) **Duration:** 00:05:10 ## Sections - [00:00:00](https://www.youtube.com/watch?v=H13zWZrstCk&t=0s) **Untitled Section** - - [00:03:10](https://www.youtube.com/watch?v=H13zWZrstCk&t=190s) **Untitled Section** - ## Full Transcript

0:00Did you know the global average cost of a breach is $4.42M USD? 0:05And it takes on average 287 days to identify and contain a breach? 0:11The problem is many of the tools in the marketplace today 0:13fail to adequately stop and prevent breaches. 0:16Hi, my name is Tim Brantner and I'm with IBM Cloud. 0:19Today I have the honor of talking to you about the IBM Cloud Security and Compliance Center 0:23and how it can help you solve this problem in one view. 0:27As customers encounter moving regulated workloads to the cloud, 0:30they have to keep several things in mind and achieve. 0:33They want to manage risk and compliance 0:36with as much automation and standardization as possible 0:39to increase effectiveness and lower costs. 0:42They want to ensure data protection with concepts like zero trust 0:45by implementing least privilege for their identity access management, 0:49or ensuring storage is encrypted. 0:51They want to automate continuous detection and response for their misconfiguration of cloud resources 0:56to reduce the probability of being the next big data breach in the news. 1:01They want to make it simple to infuse security and privacy for their cloud developers with DevSecOps. 1:07But before we get into IBM Cloud Security and Compliance Center (SCC), 1:10first, we have to talk about CSPM, or cloud security posture management. 1:14It is a category of security products 1:16designed to identify misconfigurations and compliance risks in the cloud. 1:21CSPM tools work by examining a cloud environment against a defined set of best practices 1:27and known security risks. 1:29It helps cloud applications be more secure 1:31and ensure compliance with regulatory or corporate compliance standards. 1:36We have a video entirely on the CSPM subject done by one of our great team members, Janet Van. 1:41What is SCC? 1:43SCC is IBM Cloud's answer for simplified and centralized security compliance posture. 1:48It is geared for enterprises with regulated workloads needing to accelerate public cloud adoption. 1:54We want your workloads to be secure by default 1:57with the easiest onboarding experience. 1:59That's why we made SCC part of the IBM Cloud platform. 2:02No installing, no instances to provision, just there by default. 2:06And with every IBM Cloud account. 2:09From there, it's simple to start seeing results. 2:12IBM Cloud is the only cloud service provider that has the ability to scan other clouds. 2:16The only one that has depth in IBM Cloud, 2:19and continue to expand our hybrid multi-cloud capabilities with IBM Cloud Satellite. 2:24SCC is the central way to proactively enforce or prevent misconfiguration 2:29for all IBM Cloud services. 2:32All this while providing the best level of production experience: 2:36stable, reliable, scalable and extensible 2:39through APIs and Terraform templates. 2:42As well as integrations with cool leading partners like Tanium, Caveonix, NeuVector, 2:47Twistlock and our OpenShift compliance operator. 2:50So, let's dig in. 2:52First, how do I access SCC? 2:54Well, it's as easy as logging into IBM Cloud on ibm.com 2:58and go into the left-hand hamburger menu to find "Security and Compliance". 3:02Or, in this example, 3:03you can click on the Security and Compliance widget that gives you a quick snapshot 3:07of your security score and ops detractors. 3:10Or, you can click "Manage" in the top nav and select "Security and Compliance". 3:14Once you get into the SCC experience, there's several ways to get started. 3:18We have several examples, videos and links directly to documentation. 3:23And besides, we're constantly making onboarding experience easier and easier. 3:27When monitoring for configuration compliance, 3:30you'll start off by selecting a pre-defined profile or creating a profile of your own. 3:35A profile is a grouping of control implementations that we call "goals". 3:40Once you have what you want to check, 3:42you'll need to identify what resources you want to run those checks on. 3:46We call those set of resources a "scope". 3:48Then once that is ready, you'll set up a collector and scan details. 3:53At that point, you have an automated scan providing continuous compliance and your compliance score. 3:59So let's say you're monitoring, but want to be a little bit more proactive. 4:03That is where our configuration governance capabilities come into play. 4:07Configuration governance enables you to define, manage, enforce 4:12and monitor the configuration rules of your IBM Cloud resources. 4:15It's set up by defining, customizing and enabling those configuration rules, 4:19or you can group them together in what we call "configuration rule" templates. 4:24Once you have set up compliance scans, enabled configuration rules, and set security alerts, 4:29you'll have a nice dashboard -- like this one. 4:32This one dashboard provides a quick view of all three capability areas of SSC 4:37and allows you to manage your security and compliance posture from one place. 4:41Or, if UI not your thing, 4:43we have a full list of APIs and CLIs available to interopt with your security tools. 4:48So there you have it. 4:49You just had a whirlwind tour of the IBM Cloud Security Compliance Center. 4:52Honestly, there's so much more value inside of it that I want you to go check out, but just keep this in mind: 4:58it's IBM Cloud's answer for centralized security and compliance posture 5:02for enterprises with regulated workloads 5:05needing to accelerate public cloud adoption. 5:07Thanks for watching and hope to catch you in the next video.