Know The Threats That May Lurk Within Your IBM Product

Grab a hot cup of Java, lock your physical and digital doors, and listen to the tail of the threat that potentially lurks within your IBM product. Your IBM product may not be all it seems.

Many IBM products are shipped with applets – lightweight applications provided and designed to support implementation and integration. However, these applications can also introduce potential risk to the integrity of your environment by introducing vulnerabilities and unmonitored dark corners where threat actors can lurk.

No ‘silver-bullet’ exists and risk can never be zero, so what can you do!? Before you reach for the garlic and wooden stakes, here are a few tricks and treats (proactive actions) that you can take so your application doesn’t go ‘bump in the night’.

Treat: Reduce the Risk

Ask yourself, “what do I need from this IBM product to deliver operations?” Then get an understanding of the context and determine what functionality is required. Record and track the true risk. Once you have this, employ the Principle of Least Functionality (PoLF).

Consider employing Defence in Depth (DiD) to help mitigate actions across the ecosystem and take multiple mitigation actions to achieve your desired risk appetite. This enables gradual change, resiliency, and agility along with the implementation of mitigating actions at your own tempo aligned to your own security maturity journey.

Cautiously, so as to not impact operations, remove unwanted functionality, applets and code, then confirm all is working on completion. This will reduce the risk of an unknown, or known vulnerability being present, and therefore, potentially reduce the risk of exploitation. It also reduces the risk of a licensing non-compliance issue and could subsequently save you money from licensing, support costs and potential fines. Furthermore, it provides the opportunity to remove ‘bloat’ from your ecosystem and therefore introduce potential efficiencies.

Trick: Expelling the Vulnerabilities

Many applets are Open Source, meaning many new vulnerabilities are identified and shared far and wide at a regular tempo. An IBM specific would be Java vulnerabilities.

There is no guarantee that software vendors will hear about these vulnerabilities first, which would result in less time to respond with a patch or fix. Nor is there any obligation for them to respond at all. Furthermore, patch/fixes are developed for the majority, not for the individual, and therefore introduce the potential risk of other vulnerabilities or integration issues.

Origina provides a myriad of vulnerability busting tools and services including access to products and security SMEs, Hardening Guides and vulnerability advisories providing a clear and concise selection of mitigating actions across your ecosystem – thus enabling a tailored approach to your risk management, and one that is on your terms.

Reach out to us before your IBM products go ‘bump in the night’ and your CISO runs out of the office screaming.


Customer demand inspires third-party software support and maintenance (TPSM) provider to extent its proven methodology to a wider range of IBM products.

Thanks to their unparalleled stability and reliability, mainframes still power the world’s leading businesses. Learn more about third-party support for IBM Z series mainframes

For the latest technology tips subscribe to our NEWSLETTER- THE UPTIME

Gain insight into industry-only news, access to webinars, tips and tricks, blog posts, podcasts, and guides, surrounding topics like cybersecurity, reducing software support and maintenance costs and much more, all delivered to your inbox each month.

Sign up for the Origina Newsletter

Wait! Don't forget to subscribe to our Newsletter- The Uptime for the latest technology tips!