We are all painfully aware of the recent stream of news about stolen credit cards data, hacked government servers, stolen personal information, leaked NSA documents, and similar security incidents. These unfortunate news are the result of companies (and governments) not doing proper job securing their digital assets.
With the rising of the Mobile, Internet of Things (IoT), SOA, and microservices the importance of Message Oriented Middleware (MOM) is as high as ever. IBM sells MQ – the most popular messaging product on the market (with market share at about 70% – depending on the analyst and the way they calculate market share). However MQ is not the only messaging product and there is no shortage of free Open Source messaging products, such as Apache ActiveMQ.
Folks from the IBM Competitive Project Office have looked at the security capabilities of IBM WebSphere MQ and Apache ActiveMQ. This research was done in 2014 and applies to WebSphere MQ v7.5 and ActiveMQ 5.9. However the security capabilities of these products have not changed significantly since this research was done a year ago and most (if not all) findings likely apply to the latest versions of both products (IBM MQ v8 and Apache ActiveMQ v5.12).
Here is the link to the full report: WebSphere MQ vs ActiveMQ security and the summary of the report in a single table: