Feature spotlights

Big data lake built for data security

Aggregates, stores, analyzes, and provides reports for database, file system, and big data platform security and compliance, data and file activity monitoring, data loss prevention (DLP), and other sources. Long-term, highly granular activity, vulnerability, entitlement and audit information may be consolidated in a low-cost, data security data lake, providing improved access to information while helping streamline data collection and data management and reducing costs.

Direct, real-time access to data and risk insights

Provides authorized users (such as auditors, security analysts, and other users) with secure, direct access and self-service reporting capabilities to speed time to insights and to help Guardium administrators become less involved in data management and access issues, and more focused on data security, data protection and compliance progress.

User activity analytics

Applies machine learning to determine normal user behavior at the data-source level, and then persistently evaluates this behavior to identify anomalies and risks. Analyzes behavior of different users on the same data source to detect anomalies, protect sensitive data, and share with SIEM solutions to refine broader user behavior analytics results.

Privileged access and change reconciliation

Improves governance by automatically linking with your privileged access management solution to tighten controls and increase visibility into who is accessing sensitive data.

Noise cancelation and deduplication forensics

Sifts through vast volumes of raw data to present, in a single pre-built report, specific errors, such as failed logins and SQL errors. Distinguishes between errors representing elevated risk and run-of-the-mill errors to reduce information transmitted to downstream systems.

Fully customizable SOC dashboard

Displays data on vulnerability assessment, discovery and classification, enabling easy visualization of error and exception types, and of users and their associated connection.

Automated trusted connection profiling

Enables users to see who is accessing which databases, file systems, and other data sources — and what access methods and tools they are using — leveraging a fully automated approach to involve appropriate reviewers, then leverages the built-in automated event-level workflow capabilities to streamline the process by identifying and saving trusted connections and owners.

Data enrichment

Storing data security and compliance information in a dynamic big-data lake with low-cost storage means that data may be cost-effectively enhanced with related data from other business processes and applications (ticketing technologies, human resources or customer relationship management applications, etc) to enrich security and compliance data and enable more context-aware analytics that may reveal new insights.


Consolidates key data perspectives from specific data security sources (such as data discovery, classification, vulnerability assessment and entitlement reporting) to create a well-rounded and unified view of the data security profile for any given database (or other data source).

Flexible, event-level workflow management

Uses automation to efficiently and accurately reconcile data security and compliance-related results. This event-level workflow tool helps different types of end-users focus on the results relevant to them, rather than forcing them to review and manually sort through entire reports. The product can distribute each entry within a report to “virtual queues” for relevant stakeholders and progress events through a customizable workflow. Roles and processes may be customized.

Self-service, interactive data exploration

Allows users to interactively explore data security and compliance risk and operational results and insight through a pre-built analytics and visualization integration. Users are able to rapidly drill down into vast volumes of data and present them via a user-friendly graphical interface.

How customers use it

  • Improve Operations and Performance with Big Data Lake


    Massive volumes of data collected and generated by data security solutions creates operational stress, since data security solutions aren’t meant to serve as storage.


    Push data directly into Guardium Big Data Intelligence’s purpose-built security data lake to reduce stress on the Guardium system and improve processing performance and throughput.

  • Satisfy Retention Requirements while Managing Costs

    Satisfy Retention Requirements while Managing Costs


    Driven by regulatory mandates and internal requirements, organizations are expected to retain larger quantities of data for longer – but storage is costly.


    Store and access years of compliance, risk and security data via Guardium Big Data Intelligence’s security data lake to meet expanding compliance requirements while optimizing performance and visibility.

  • Enhance Data Security Insights and Stakeholder Visibility

    Enhance Data Security Insights and Stakeholder Visibility


    Teams face mounting pressure to obtain more sophisticated security and compliance insights faster, while juggling expectations for high performance reporting capabilities and interactive data exploration.


    Guardium Big Data Intelligence establishes context-aware insights by easily linking relevant data sets and running big data analytics, then unleashes the power of those insights with self-service, interactive access for multiple stakeholders.

You may also be interested in

Consider these related products in the IBM Security Guardium family

IBM Guardium Data Protection for Databases

Provides data activity monitoring and cognitive analytics

Learn more

IBM Guardium Data Protection for Files

Monitor unstructured data access and protect sensitive data

Learn more

IBM Guardium Multi-Cloud Data Protection

IBM Guardium Multi-Cloud Data Protection

Learn more

IBM Guardium Data Protection for Big Data

Provides continuous monitoring and real-time security policies

Learn more

IBM Guardium Vulnerability Assessment

Scans your data to detect vulnerabilities and suggest remedial actions

Learn more

IBM Guardium for File and Database Encryption

Know your sensitive data and intelligently safeguard it

Learn more

IBM Security Key Lifecycle Manager

Centralize, simplify and automate encryption key management

Learn more

IBM Guardium Data Encryption for Db2 and IMS Databases

Offers sensitive and private data protection for Db2 and IMS systems

Learn more

IBM Guardium for Teradata Encryption

Protects data in Teradata and big data environments from misuse.

Learn more

IBM Guardium for Application Encryption

Apply application-level encryption in new and existing apps.

Learn more

IBM Guardium for Tokenization

Protects sensitive fields in databases and files with tokenization.

Learn more

See how it works