Feature spotlights

Big data lake built for data security

Aggregates, stores, analyzes, and provides reports for database, file system, and big data platform security and compliance, data and file activity monitoring, data loss prevention (DLP), and other sources. Long-term, highly granular activity, vulnerability, entitlement and audit information may be consolidated in a low-cost, data security data lake, providing improved access to information while helping streamline data collection and data management and reducing costs.

Direct, real-time access to data and risk insights

Provides authorized users (such as auditors, security analysts, and other users) with secure, direct access and self-service reporting capabilities to speed time to insights and to help Guardium administrators become less involved in data management and access issues, and more focused on data security, data protection and compliance progress.

User activity analytics

Applies machine learning to determine normal user behavior at the data-source level, and then persistently evaluates this behavior to identify anomalies and risks. Analyzes behavior of different users on the same data source to detect anomalies, protect sensitive data, and share with SIEM solutions to refine broader user behavior analytics results.

Privileged access and change reconciliation

Improves governance by automatically linking with your privileged access management solution to tighten controls and increase visibility into who is accessing sensitive data.

Noise cancelation and deduplication forensics

Sifts through vast volumes of raw data to present, in a single pre-built report, specific errors, such as failed logins and SQL errors. Distinguishes between errors representing elevated risk and run-of-the-mill errors to reduce information transmitted to downstream systems.

Fully customizable SOC dashboard

Displays data on vulnerability assessment, discovery and classification, enabling easy visualization of error and exception types, and of users and their associated connection.

Automated trusted connection profiling

Enables users to see who is accessing which databases, file systems, and other data sources — and what access methods and tools they are using — leveraging a fully automated approach to involve appropriate reviewers, then leverages the built-in automated event-level workflow capabilities to streamline the process by identifying and saving trusted connections and owners.

Data enrichment

Storing data security and compliance information in a dynamic big-data lake with low-cost storage means that data may be cost-effectively enhanced with related data from other business processes and applications (ticketing technologies, human resources or customer relationship management applications, etc) to enrich security and compliance data and enable more context-aware analytics that may reveal new insights.

DB360

Consolidates key data perspectives from specific data security sources (such as data discovery, classification, vulnerability assessment and entitlement reporting) to create a well-rounded and unified view of the data security profile for any given database (or other data source).

Flexible, event-level workflow management

Uses automation to efficiently and accurately reconcile data security and compliance-related results. This event-level workflow tool helps different types of end-users focus on the results relevant to them, rather than forcing them to review and manually sort through entire reports. The product can distribute each entry within a report to “virtual queues” for relevant stakeholders and progress events through a customizable workflow. Roles and processes may be customized.

Self-service, interactive data exploration

Allows users to interactively explore data security and compliance risk and operational results and insight through a pre-built analytics and visualization integration. Users are able to rapidly drill down into vast volumes of data and present them via a user-friendly graphical interface.

You may also be interested in

Consider these related products in the IBM Security Guardium family

IBM Guardium Data Protection for Big Data

Provides continuous monitoring and real-time security policies

Learn more

IBM Guardium for File and Database Encryption

Know your sensitive data and intelligently safeguard it

Learn more

IBM Security Key Lifecycle Manager

Centralize, simplify and automate encryption key management

Learn more

IBM Guardium Data Encryption for Db2 and IMS Databases

Offers sensitive and private data protection for Db2 and IMS systems

Learn more

See how it works

Buy now and get started