Verdasys Digital Guardian
The Verdasys Digital Guardian DSM for IBM QRadar accepts and categorizes all alert events from Verdasys Digital Guardian appliances.
Verdasys Digital Guardian is a comprehensive Enterprise Information Protection (EIP) platform. Digital Guardian serves as a cornerstone of policy driven, data-centric security by enabling organizations to solve the information risk challenges that exist in today's highly collaborative and mobile business environment. Digital Guardian's endpoint agent architecture makes it possible to implement a data-centric security framework.
Verdasys Digital Guardian allows business and IT managers to:
- Discover and classify sensitive data by context and content.
- Monitor data access and usage by user or process.
- Implement policy driven information protection automatically.
- Alert, block, and record high risk behavior to prevent costly and damaging data loss incidents.
Digital Guardian's integration with QRadar provides context from the endpoint and enables a new level of detection and mitigation for Insider Threat and Cyber Threat (Advanced Persistent Threat).
Digital Guardian provides QRadar with a rich data stream from the end-point that includes: visibility of every data access by users or processes that include the file name, file classification, application that is used to access the data and other contextual variables.
Specification | Value |
---|---|
Manufacturer | Verdasys Digital Guardian |
DSM name | Verdasys Digital Guardian |
RPM file name | DSM-VerdasysDigitalGuardian-QRadar_version-Build_number.noarch.rpm |
Supported versions |
V6.1.x and V7.2.1.0248 with the QRadar LEEF format V6.0x with the Syslog event format |
Protocol | Syslog, LEEF |
Event format |
Syslog |
Recorded event types |
All events |
Automatically discovered? | Yes |
Includes identity? | No |
Includes custom properties? | No |
More information | Digital Guardian website (https://digitalguardian.com) |