Solution Value Statement
Expand IBM Concert’s auto-discovery capabilities to include Microsoft Azure environments. Specifically Azure Red Hat OpenShift (ARO), Azure VMs, and .NET applications - to support applications, resilience metrics, continuous compliance, certificate lifecycle automation, and broader market adoption in Azure-centric regions.
Problem Description
Concert’s current auto-discovery features are primarily focused on AWS (e.g., ROSA, EKS) and IBM Cloud (IKS, ROKS), leaving a gap in support for Microsoft Azure, which is the dominant cloud platform in many regions, including Northern Europe. Customers deploying workloads on Azure ARO and Azure VMs lack native auto-discovery integration, requiring manual ingestion of data and reducing the effectiveness of continuous compliance and automation workflows. Additionally, .NET applications—common in Azure environments—are not explicitly supported for auto-discovery, limiting visibility into their posture and risk.
Proposed Solution
Introduce auto-discovery workflows and ingestion jobs for Azure ARO clusters and Azure VMs. These workflows should automatically detect deployed applications, certificates, and runtime configurations, and generate initial resilience and compliance postures. Concert should also support ingestion of SBOMs and scan data for .NET applications, enabling posture generation and integration into existing automation rules. Certificate lifecycle management should be extended to Azure environments, allowing Concert to track, assess, and automate renewal workflows for discovered certificates.
Customer Impact / Business Value
Enables continuous compliance and resilience posture tracking for Azure-based workloads.
Reduces manual effort in onboarding Azure environments into Concert.
Supports certificate lifecycle automation and policy enforcement across Azure assets.
Expands Concert’s relevance in Azure-dominant regions, supporting broader market penetration.
Strengthens Concert’s value proposition for enterprise customers seeking multi-cloud support.
Pilot or Validation Context
Initial validation can be scoped to Azure ARO clusters and Azure VMs in Northern Europe. Concert should connect to Azure environments using credentials, discover applications and certificates, and generate posture assessments. .NET applications should be onboarded via SBOM ingestion and scan data. Certificate expiration and policy compliance should be tracked and remediated using Concert Workflows.
Key Functional Requirements
Auto-discovery for resilience metrics from Azure ARO clusters and Azure VMs.
Support for .NET application SBOM ingestion and scan-based posture generation.
Certificate discovery and lifecycle management for Azure environments.
Visualization of discovered assets in Arena view and Action Center.
Metrics for Success
Adoption rate in Azure-centric customer segments.
Reduction in manual onboarding time for Azure assets.
Number of Azure ARO clusters and Azure VMs auto-discovered.
Number of certificates discovered and managed in Azure environments.
Number of tickets auto-generated for certificate expiration and compliance issues.
