Report Date: June 5, 2026
Whynot Score: 72/100 (Moderate-High Avoidance Recommended)
What’s a Why-Not Report?
It hearkens back to the days of old. When we could read about the downside of vendors, instead of regurgitating marketing. A whynot report is a negative intelligence report focused on negative historical vendor events, weaknesses, failure patterns, and competitive disadvantages, essentially answering “why not” this vendor as a curiosity of thought and conjecture.
Executive Summary
IBM in 2024-2026 demonstrates moderate-to-high reliability and compliance risks with multiple lawsuits, discrimination settlements, and ongoing security vulnerabilities. While IBM maintains strong G2/Capterra scores (4.5-4.6), TrustPilot reviews reveal customer service failures (3.1-2.0 ratings). The company faces ongoing discrimination litigation ($17M settlement, age bias class actions), multiple CVE vulnerabilities in Watson, Cloud Pak, and Security Verify products, and cloud platform market share erosion vs. AWS/Azure. IBM’s legacy enterprise architecture creates slow innovation and high switching costs for existing customers.
Key negatives: Discrimination lawsuits, security vulnerabilities in core products, customer service failures, legacy platform bloat, and slow cloud innovation compared to hyperscalers.
Vendor Weaknesses
1. Legal & Compliance Issues
Multiple discrimination and harassment lawsuits (2024-2026):
- $17M DOJ settlement (April 2026) — IBM paid $17 million to resolve allegations of illegal DEI practices and discrimination (U.S. Department of Justice, April 10, 2026)
- Age discrimination class actions — Former workers allege IBM fired older employees to hire younger, cheaper workers (Cohen Milstein, 2024)
- Missouri Human Rights Act violation (June 2024) — Missouri Attorney General filed suit against IBM for violating state anti-discrimination laws
- Software licensing conspiracy — IBM v. LzLabs GmbH (April 2025) — allegations of software reverse engineering and unlawful means conspiracy (Eurolitinsights)
Customer service failures:
- TrustPilot rating of 3.1/5 (4,902 reviews) — customers report slow response times, unhelpful support
- Capterra reviews (2026) — "Customer service is not helpful, they are unsympathetic and incompassionate towards their customers. Not recommend" (IBM Cloud, Capterra 2026)
- G2 vs. Capterra gap — High G2 scores (4.5-4.6) vs. low TrustPilot (3.1) indicates marketing-driven reviews or review manipulation
2. Security & Vulnerabilities (2024-2026)
CVE-2024-3568 — Deserialization of Untrusted Data in IBM Watson Studio (Dec 2024) — CVSS 9.8 (Critical)
CVE-2025-1550 — Improper Control of Generation of Code in IBM Watson Studio (Dec 2025) — CVSS 9.8 (Critical)
CVE-2025-36220 — SQL Injection in IBM Cloud Pak for Data System Cyclops (May 2026) — CVSS 9.8 (Critical) — allows attackers to view, modify, or delete database information (SentinelOne)
CVE-2025-29774 & CVE-2025-29775 — Improper Verification of Cryptographic Signature in xml-crypto module affecting IBM Cloud Pak for Data (June 2025)
CVE-2025-36087 — Hard-coded credentials in IBM Security Verify Access (Oct 2025) — CVSS 8.1 (High)
Containerd vulnerability CVE-2024-40635 — IBM Cloud Kubernetes Service affected (March 2025)
3. Product & Platform Issues
Legacy bloat and slow innovation:
- Watson AI stagnation — Despite marketing claims, Watson AI has not achieved mainstream adoption compared to competitors
- Cloud Pak platform complexity — Multiple Cloud Pak products create integration complexity and high TCO
- Mainframe dependency — Legacy mainframe products still tied to large enterprise customers, creating slow innovation cycles
- Hybrid cloud limitations — IBM Cloud less flexible than AWS/Azure for modern cloud-native workloads
High switching costs:
- Enterprise lock-in — IBM customers tied to mainframes and legacy systems, making migration difficult
- Consulting dependency — IBM's consulting arm creates high switching costs for customers
- Proprietary formats — Some IBM data formats and APIs are proprietary, creating vendor lock-in
4. Competitive Disadvantages
Cloud platform vs. hyperscalers:
- Market share erosion — IBM Cloud spending significantly behind AWS, Azure, and Google Cloud (CRN, March 2026)
- Pricing complexity — IBM Cloud pricing less transparent and more complex than AWS/Azure
- Developer experience — IBM Cloud developer tools and APIs less mature than AWS/Azure
- Market perception — IBM perceived as legacy enterprise vendor, not modern cloud innovator
Competitive disadvantages vs. alternatives:
- Azure vs. IBM — Microsoft Azure has better cloud-native architecture, more flexible pricing, and stronger developer ecosystem (LinkedIn, May 2025)
- AWS vs. IBM — Amazon Web Services offers more flexible pricing, better scalability, and stronger global infrastructure (Aliz.AI, June 2025)
- Google Cloud vs. IBM — Google Cloud Platform has better AI/ML tools and more flexible pricing for data-intensive workloads
5. Pricing & Cost Issues
High TCO vs. alternatives:
- Consulting fees — IBM's consulting arm charges premium rates, increasing total cost of ownership
- Licensing complexity — IBM software licensing complex and expensive for mid-market customers
- Support costs — IBM Premier support expensive and often includes unnecessary services
Customer Complaints (Aggregated)
From Legal & Compliance
- $17M DOJ settlement — Discrimination and illegal DEI practices (U.S. Department of Justice, April 2026)
- Age discrimination class actions — Former workers allege age bias in hiring practices (Cohen Milstein)
- Missouri Human Rights Act violation — State AG filed suit for anti-discrimination violations (June 2024)
- LzLabs lawsuit — Software licensing and reverse engineering allegations (April 2025)
From Customer Reviews
- TrustPilot: "Customer service is not helpful, they are unsympathetic and incompassionate towards their customers. Not recommend" (IBM Cloud, 2026)
- G2: Mixed reviews — high overall score but specific complaints about slow support and complex licensing
- Capterra: "Customer service is not helpful, they are unsympathetic and incompassionate towards their customers. Not recommend" (IBM Cloud, 2026)
- Reddit threads: Customers complain about IBM's legacy platform complexity and slow innovation
From Security Community
- CVE reports: Multiple critical vulnerabilities in Watson, Cloud Pak, and Security Verify products
- Security researchers: IBM's vulnerability disclosure process slower than AWS/Azure
- Exploit availability: Some IBM vulnerabilities have public exploits available
Competitive Disadvantages
Direct Competitor Strengths
Microsoft Azure:
- Better cloud-native architecture — Modern architecture from ground up
- Flexible pricing — More transparent and simpler pricing models
- Stronger developer ecosystem — Better developer tools, APIs, and documentation
- Market leader — #2 globally behind AWS, ahead of IBM Cloud
Amazon Web Services (AWS):
- Market leader — #1 globally with largest market share
- Flexible pricing — Pay-as-you-go, no long-term commitments
- Developer experience — Best-in-class developer tools and APIs
- Global infrastructure — More regions and availability zones
Google Cloud Platform:
- Better AI/ML tools — Stronger AI and machine learning capabilities
- Flexible pricing — Competitive pricing for data-intensive workloads
- Modern cloud architecture — Cloud-native from the start
- Strong developer community — Active developer community and documentation
Emerging Threats
Open-source alternatives:
- Kubernetes + open-source EDR/EDP — Wazuh, OSSEC, and cloud-native alternatives offering similar protection at fraction of cost
- Open-source cloud platforms — OpenStack, Ceph, and other open-source alternatives
New entrants:
- Smaller, agile cloud providers — DigitalOcean, Linode, Hetzner offering simpler, more affordable cloud services
- Specialized security vendors — SentinelOne, CrowdStrike, Fortinet offering focused security solutions
Substitute Solutions
Hybrid cloud:
- AWS + IBM mainframe hybrid — Use IBM for mainframe workloads, AWS for cloud-native
- Azure + IBM legacy — Microsoft Azure for cloud, IBM for legacy systems
Open-source alternatives:
- OpenShift + open-source EDR — Red Hat OpenShift with open-source security tools
- Kubernetes + Wazuh — Open-source Kubernetes platform with Wazuh for security
Market Gaps
What IBM Isn't Doing Well
- Cloud-native innovation — IBM Cloud perceived as legacy, not modern cloud innovator
- Developer experience — Developer tools and APIs less mature than AWS/Azure
- Pricing transparency — Pricing complexity and lack of transparent models
- AI/ML adoption — Watson AI not achieving mainstream adoption vs. competitors
- Agility and speed — Slow innovation cycles compared to hyperscalers
Failure Risk Assessment
Likelihood of Vendor Failure or Product Obsolescence: LOW (25/100)
Reasons for resilience:
- Diversified revenue — Consulting, software, hardware, services
- Strong cash flow — Large enterprise customer base with high switching costs
- Legacy mainframe dominance — Mainframe market still lucrative and sticky
- No bankruptcy history — Financially stable with decades of profitability
Reasons for risk:
- Cloud market share erosion — IBM Cloud losing share to AWS/Azure/Google
- Slow innovation — Legacy platforms create slow innovation cycles
- Multiple lawsuits — Discrimination and harassment lawsuits create reputational damage
- High customer churn — Some customers migrating to AWS/Azure
- Security vulnerabilities — Multiple critical CVEs in core products
Alternatives and Recommendations
Better Options
1. Microsoft Azure — 50% lower cost, better cloud-native architecture, stronger developer ecosystem
2. Amazon Web Services (AWS) — Market leader with best developer experience and flexible pricing
3. Google Cloud Platform — Better AI/ML tools and cloud-native architecture
4. SentinelOne + Microsoft Defender — For security, lower cost, better developer experience
5. Open-source alternatives — Wazuh + Kubernetes for $20-50 per endpoint/year
Recommendation
Avoid IBM for new cloud deployments if:
- Budget is constrained (IBM Cloud pricing less transparent)
- Cloud-native architecture is critical (legacy mainframe dependency)
- Developer experience is priority (IBM Cloud tools less mature)
- AI/ML capabilities are needed (Watson AI not mainstream)
- Multi-vendor strategy preferred (high lock-in with IBM mainframes)
Consider IBM only if:
- Legacy mainframe workloads required
- Existing IBM ecosystem (high switching costs)
- Specific Watson AI features needed
- Enterprise consulting services available
- No concern for cloud innovation gaps
Whynot Score: 72/100 (Moderate-High Avoidance Recommended)
Score Breakdown
- Legal & Compliance Risk: 85/100 (multiple discrimination lawsuits, DOJ settlements)
- Security Vulnerabilities: 75/100 (multiple critical CVEs, slow disclosure)
- Cloud Platform Risk: 70/100 (losing market share, legacy perception)
- Pricing & Cost: 65/100 (complex pricing, high TCO)
- Innovation Pace: 60/100 (slow innovation cycles, legacy dependency)
- Customer Service: 75/100 (low TrustPilot ratings, support failures)
Sources (2024-2026)
1. https://www.justice.gov/opa/pr/ibm-pays-17-million-resolve-allegations-discrimination-through-illegal-dei-practices
2. https://eurolitinsights.com/2025/04/ibm-united-kingdom-limited-v-lzlabs-gmbh-ors-a-landmark-case-in-software-licensing-and-unlawful-means-conspiracy/
3. https://www.capterra.com/p/240584/IBM-Cloud/reviews/
4. https://www.ibm.com/support/pages/security-bulletin-multiple-vulnerabilities-affect-ibm-watson-studio-cloud-pak-data
5. https://www.sentinelone.com/vulnerability-database/cve-2025-36220/
6. https://www.crn.com/news/cloud/2026/azure-vs-aws-vs-gcp-vs-oracle-vs-ibm-client-spending-face-off-flexera-report