Skip to Main Content
IBM Data and AI Ideas Portal for Customers


This portal is to open public enhancement requests against products and services offered by the IBM Data & AI organization. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:


Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,


Post your ideas

Post ideas and requests to enhance a product or service. Take a look at ideas others have posted and upvote them if they matter to you,

  1. Post an idea

  2. Upvote ideas that matter most to you

  3. Get feedback from the IBM team to refine your idea


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

IBM Data & AI Roadmaps (http://ibm.biz/Data-and-AI-Roadmaps) - Use this site to view roadmaps for Data & AI products.

IBM Employees should enter Ideas at https://hybridcloudunit-internal.ideas.aha.io/


ADD A NEW IDEA

FILTER BY CATEGORY

DataStage

Showing 378

Missing input validation : Server side and client side validation not present

Impact : An Attacker can execute scripts in a victim’s thick client and can perform malicious activity, posing serious security threat to the application. Recommendation : It is recommended that blacklisting, or disallowing certain, predetermined ...
3 days ago in DataStage 0 Submitted

We want to operate on ClickHouse DB and connection between DS 11.7.1.3

Our customer who is using Datastage 11.7.1.3 wants to write to ClickhouseDB from different sources and write to different sources from ClickhouseDB, but currently DS does not support it, if it is supported as soon as possible, ClickhouseDB is both...
6 days ago in DataStage 0 Submitted

Support for Custom Transformer (Parallel) Routines in DFD

DataStage Flow Designer in 11.7 does not support custom parallel transformer routines. When attempting to compile a job that uses a custom transformer routine from the DataStage Flow Designer interface, compilation fails. This results in a hard de...
4 days ago in DataStage 0 Submitted

Sensitive information in URL

During the assessment it was observed that application was sending User ID in URL.
5 days ago in DataStage 0 Submitted

Control Flow Guard (CFG) not enabled

It was observed that the thick client application, "IBM Infosphere DSDesign ", does not have Control Flow Guard (CFG) enabled.Control Flow Guard is a security feature which helps protect applications against memory corruption vulnerabilities by re...
5 days ago in DataStage 0 Submitted

Data Execution Prevention (DEP) disabled and Application Without ASLR Protection.

Vulnerability : 1) Data Execution Prevention (DEP) disabled Observation : The application "DSDesign.exe" executable was not using the DEP protection. Since DEP is disabled, arbitrary exploit codes can be written and executed from memory location l...
6 days ago in DataStage 0 Submitted

Improper error handling and Control Flow Guard (CFG) not enabled.

Vulnerability : 1) Improper error handling Observation : Ineffective error handling in application exposes internal application information to application users,which can help the enumeration of application components by an attacker. Recommendatio...
6 days ago in DataStage 0 Submitted

During the assessment it was observed that there was Cleartext transmission of sensitive information like username and password in the application.

FixIt is recommended to configure servers to use encrypted channels for communication by implementing TLS.It is also recommended to encrypt the passwords , It is recommended to not send any sensitive information in plain text. It should be either ...
6 days ago in DataStage 0 Submitted

IGC_IGD - Unrestricted file upload

It is Observed that the application is allowing malicious content while uploading a file.
6 days ago in DataStage 0 Submitted

Integration of DataStage parameters and parameter sets in Pipelines

Parameters and parameter sets in Pipelines are absolutely necessary for designing dynamic data integrations with DataStage.
26 days ago in DataStage 1 Functionality already exists