Verdasys Digital Guardian

The Verdasys Digital Guardian DSM for IBM QRadar accepts and categorizes all alert events from Verdasys Digital Guardian appliances.

Verdasys Digital Guardian is a comprehensive Enterprise Information Protection (EIP) platform. Digital Guardian serves as a cornerstone of policy driven, data-centric security by enabling organizations to solve the information risk challenges that exist in today's highly collaborative and mobile business environment. Digital Guardian's endpoint agent architecture makes it possible to implement a data-centric security framework.

Verdasys Digital Guardian allows business and IT managers to:

  • Discover and classify sensitive data by context and content.
  • Monitor data access and usage by user or process.
  • Implement policy driven information protection automatically.
  • Alert, block, and record high risk behavior to prevent costly and damaging data loss incidents.

Digital Guardian's integration with QRadar provides context from the endpoint and enables a new level of detection and mitigation for Insider Threat and Cyber Threat (Advanced Persistent Threat).

Digital Guardian provides QRadar with a rich data stream from the end-point that includes: visibility of every data access by users or processes that include the file name, file classification, application that is used to access the data and other contextual variables.

The following table describes the specifications for the Verdasys Digital Guardian DSM:
Specification Value
Manufacturer Verdasys Digital Guardian
DSM name Verdasys Digital Guardian
RPM file name DSM-VerdasysDigitalGuardian-QRadar_version-Build_number.noarch.rpm
Supported versions

V6.1.x and V7.2.1.0248 with the QRadar LEEF format

V6.0x with the Syslog event format

Protocol Syslog, LEEF
Event format

Syslog

Recorded event types

All events

Automatically discovered? Yes
Includes identity? No
Includes custom properties? No
More information Digital Guardian website (https://digitalguardian.com)