How IBM Guardium Vulnerability Assessment works
Automate vulnerability scanning and configuration
Scan the entire data source infrastructure for vulnerabilities. Provide platform-specific static tests that detect insecure configurations for the specific database being assessed.
Map predefined tests for best practice standards
Utilize preconfigured vulnerability tests, encompassing Center for Internet Security (CIS) and Security Technical Implementation Guide (STIG) best practices, updated regularly through the IBM Guardium Knowledge Base service. Support for SCAP and ability to export in SCAP format. Does not rely on intrusive exploits or tests that can impact system availability, and provides external reference information such as common vulnerabilities and exposures (CVE) identifiers.
Uncover behavioral vulnerabilities
Conduct dynamic tests that uncover behavioral vulnerabilities such as account sharing, excessive login failures and unusual after-hours activity.
Provide a scalable platform
Support leading database platforms and all major operating systems, including big data environments. Provide a scalable platform to help protect and secure customer data repositories and manage compliance with the latest security regulations.
Report and take action
Evaluate and document your database security to help you assess, escalate and remediate risks. Produce detailed reports and supporting data. Provide a summary security evaluation, which includes weighted metrics and recommended remedial action plans to strengthen security. Automatically schedule assessments and manage report distribution, sign-offs and escalations.