Cloud Management and AIOps

Status Under review
Workspace Concert
Created by Guest
Created on Oct 29, 2025

Support CBOM Format for Certificate Upload and Algorithm Metadata Integration

Solution Value Statement

Enable IBM Concert to ingest certificate data using the CBOM (Cryptographic Bill of Materials) format, including algorithm metadata, to improve automation, interoperability, and cryptographic posture visibility across enterprise environments.

Proposed Solution

Extend Concert’s ingestion pipeline to support CBOM-formatted certificate uploads via API and UI. This includes parsing algorithm metadata (e.g., RSA, ECC, SHA-256), validating cryptographic properties, and integrating CBOM data into the certificate inventory and policy compliance engine. Concert should also support CBOM schema validation and provide sample templates for integration with external tools.

Customer Impact / Business Value

  • Simplifies automation and integration with external certificate management tools.

  • Enhances cryptographic visibility and policy enforcement.

  • Reduces manual formatting and transformation of certificate data.

  • Supports enterprise security teams in tracking algorithm usage and compliance.

  • Aligns with emerging standards for cryptographic transparency and supply chain security.

Pilot or Validation Context

Initial validation can be scoped to clients using CBOM for certificate lifecycle management. Concert should ingest CBOM files via API, validate algorithm metadata, and surface compliance status in the Operations dimension. Pilot should include integration with GitHub-hosted CBOM examples and validation against Concert’s certificate policy engine.

Key Functional Requirements

  • Support CBOM JSON format for certificate ingestion.

  • Parse and validate algorithm metadata (e.g., key type, hash algorithm, key length).

  • Integrate CBOM data into certificate inventory and policy compliance engine.

  • Extend API to accept CBOM uploads with metadata.

  • Provide sample CBOM templates and schema documentation.

  • Visualize algorithm compliance status in certificate views.

  • Trigger automation rules for non-compliant algorithms (e.g., SHA-1, RSA <2048-bit).
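A sketch of the parse-and-validate step in the requirements above, added here as an example; it is not IBM Concert code or its API. It assumes the CBOM follows the CycloneDX 1.6 `cryptoProperties` layout (the page only says "CBOM JSON format"); the helper names, policy messages and sample certificates are constructed for illustration.

```python
import re

MIN_RSA_BITS = 2048  # thresholds quoted on the page: SHA-1, RSA < 2048-bit

def _norm(name):  # "SHA-1" and "SHA1withRSA" normalise alike
    return re.sub(r"[^a-z0-9]", "", (name or "").lower())

def check_cbom(bom):
    """Return {certificate name: [findings]} for each certificate asset."""
    comps = {c["bom-ref"]: c for c in bom.get("components", []) if "bom-ref" in c}
    report = {}
    for comp in bom.get("components", []):
        props = comp.get("cryptoProperties", {})
        if props.get("assetType") != "certificate":
            continue
        cert, findings = props.get("certificateProperties", {}), []
        sig = comps.get(cert.get("signatureAlgorithmRef"))
        key = comps.get(cert.get("subjectPublicKeyRef"))
        if sig is None:  # an unresolved reference is a finding, never a pass
            findings.append("signature algorithm metadata missing")
        elif "sha1" in _norm(sig.get("name")):
            findings.append("SHA-1 signature hash")
        if key is None:
            findings.append("public key metadata missing")
        else:
            kp = key.get("cryptoProperties", {}).get("relatedCryptoMaterialProperties", {})
            alg, size = comps.get(kp.get("algorithmRef"), {}), kp.get("size")
            if _norm(alg.get("name")).startswith("rsa") and not (isinstance(size, int) and size >= MIN_RSA_BITS):
                findings.append(f"RSA key length {size!r} does not meet {MIN_RSA_BITS}-bit minimum")
        report[comp.get("name", "<unnamed>")] = findings
    return report

def _asset(ref, name, asset_type, **props):  # builds constructed sample components
    return {"type": "cryptographic-asset", "bom-ref": ref, "name": name,
            "cryptoProperties": {"assetType": asset_type, **props}}
def _key(ref, bits):
    return _asset(ref, ref, "related-crypto-material", relatedCryptoMaterialProperties={
        "type": "public-key", "size": bits, "algorithmRef": "alg-RSA"})
def _cert(name, **refs):
    return _asset(name, name, "certificate", certificateProperties=refs)

# Constructed sample CBOM: one weak certificate, one compliant, one with no metadata
SAMPLE_CBOM = {"bomFormat": "CycloneDX", "specVersion": "1.6", "components": [
    *(_asset(f"alg-{n}", n, "algorithm") for n in ("RSA", "SHA1withRSA", "SHA256withRSA")),
    _key("key-1024", 1024), _key("key-3072", 3072),
    _cert("legacy.example.test", signatureAlgorithmRef="alg-SHA1withRSA", subjectPublicKeyRef="key-1024"),
    _cert("api.example.test", signatureAlgorithmRef="alg-SHA256withRSA", subjectPublicKeyRef="key-3072"),
    _cert("bare.example.test"),
]}
```

`check_cbom(SAMPLE_CBOM)` returns a per-certificate findings list that an automation rule could key on. Nested components and policies for non-RSA key types are outside this sketch.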

Metrics for Success

  • Number of CBOM files successfully ingested.

  • % of certificates with algorithm metadata parsed and validated.

  • Reduction in manual certificate formatting effort.

  • Number of automation rules triggered based on algorithm compliance.

  • Adoption rate of CBOM format among enterprise clients.


Roadmap & Feature Overlap Analysis

  • Existing Epic(s):

    • Certificate Upload and Management

    • ConcertDef SBOM Support

    • Certificate Policy Compliance and Automation

  • Overlap Summary:
    Concert currently supports certificate uploads in CSV and JSON formats (ConcertDef schema). It includes policy enforcement for hash algorithms and key lengths, and automation for expiring certificates. However, CBOM is not explicitly supported, and algorithm metadata ingestion is limited to policy checks—not structured ingestion.

  • Unmet Needs:

    • No support for CBOM schema or algorithm metadata ingestion.

    • No CBOM validation or schema documentation.

    • No integration with CBOM tooling or GitHub examples.

    • No structured visualization of cryptographic posture per certificate.


Idea priority High