What's new
New features, enhancements, and bug fixes in IBM Guardium® Insights SaaS releases.
2024 September
- Premium Asset inventory
- You can now ingest various types of assets such as databases, applications, endpoints, storage, and models into the inventory. To effectively manage the asset data, you can merge or split assets based on specific criteria. Use the asset change log to view the changes that are made to a specific asset. For more information, see Asset inventory.
New features and enhancements in IBM Guardium DSPM:
- DSPM New capabilities allow precise monitoring of sensitive data movement in Microsoft 365 Outlook
- IBM Guardium DSPM can now discover and classify emails and attachments in Microsoft 365 Outlook and identify when sensitive data might be externally exposed or flowing by employees via private email addresses or shared mailboxes. Additionally, identify when sensitive data is copied between Microsoft 365 Outlook and other cloud providers and SaaS Applications.
- DSPM Added support for automatic Shadow data discovery and classification in Microsoft Azure
- Guardium
DSPM can now discover structured and
unstructured shadow data found in Microsoft Azure and can also
scan for files and databases stored in Microsoft Azure virtual
machines. Additionally, Guardium
DSPM identifies
data movements between shadow data and alert on anomalies and misconfiguration that can damage your
security and compliance posture.
- DSPM Analyzer instance type requirements for Microsoft Azure has been updated to the Standard_D4s_v3 size to support the increasing number of data stores in Microsoft Azure, while maintaining customer's organization data sovereignty.
- DSPM Guardium DSPM discovers, classifies, and analyzes data movements in Google Cloud Platform (GCP) Bigtable databases:
-
- GCP Bigtable databases are now also supported for automatic discovery and classification of
sensitive data.
- Guardium DSPM can also identify data movement between Bigtable and other cloud provider and SaaS applications, uncovering misconfiguration and data movements that can impact your security and compliance posture negatively.
- DSPM Analyzer has been automatically updated to support the new data stores. No manual updates or changes are required.
- GCP Bigtable databases are now also supported for automatic discovery and classification of
sensitive data.
- DSPM Security
- The DSPM Analyzer is upgraded to apply the latest security vulnerability fixes.
- DSPM Bug fixes
-
- Inconsistent classification status for Amazon Web Services (AWS) data stores.
- Inconsistent status change of vulnerabilities.
2024 August
- Premium External ticketing service improvements for Risk Events
- When you open a risk event that has been delegated to any ticketing service, the status of the external ticket is displayed next to the ticket number. The status is updated every time that the record is opened or refreshed.
- Custom data imports
- You can now import external data into Guardium Insights SaaS for use in reports or alert policies.
- Jira ticketing
- Guardium Insights SaaS now supports configuring ticketing for Jira.
New features and enhancements in Data Security Posture Management (DSPM):
- DSPM Data Classification
-
- Guardium DSPM can now automatically discover and classify structured and unstructured files stored in Azure file share.
- Confidential data, as a new category of sensitivities, is now supported for classifying structured and unstructured data.
- Added over 20 new sensitivities in personal, financial, identifiable, and confidential labeling
categories for the following countries:
- Brazil
- China
- Columbia
- Greece
- Portugal
- Spain
- DSPM Using DSPM
- Guardium
DSPM user interface now supports the
following additional languages based on the user's browser language settings:
- French
- German
- Italian
- Portuguese
- Spanish
- Turkish
- DSPM Security
- The DSPM Analyzer is upgraded to apply the latest security vulnerability fixes.
2024 July
New features and enhancements in the monitoring editions (Essentials, Standard, and Premium):
- Improved flexibility of reports visualization framework
- Visualization of reports
now includes a gallery of charts to choose from. Once you have selected a chart, you can modify its
code to customize it to suit your needs.
When adding a report to a dashboard, you can now choose to add its data visualization to the dashboard card.
- Improved tenant switching
- The Guardium Insights SaaS main page now displays the tenant that you are using. Clicking the tenant allows you to easily switch to other tenants.
- Support menu
- The Support feature now opens a menu with a variety of articles and advice about the Guardium Insights SaaS page that you are currently using.
- Premium Policy import from Guardium Data Protection
- You can now reduce operational overhead by importing data security policy definitions from Guardium Data Protection (GDP) central manager to Guardium Insights SaaS (GI). To use the policy import feature on GI, your GDP system must be patched to the minimum supported version. For more information, see Importing policies from Guardium Data Protection.
2024 June
New features and enhancements in the monitoring editions (Essentials, Standard, and Premium):
- Premium Asset inventory usability enhancements
- You can use asset inventory as the single source of truth to have quicker and better visibility over your data security assets. For more information, see Reports and workflows for assets.
- Reports
- You can now filter on aggregated report data.
- Downtime notifications
- Admin users are notified both before and during any outages of the platform so they can avoid contacting IBM support.
New features and enhancements in Data Security Posture Management (DSPM):
- DSPM Data Classification
- Guardium
DSPM now supports additional
country-specific Personally Identifiable Information (PII) for the following countries:
- Greece
- Portugal
- Brazil
- Spain
- DSPM API proxy
- You can now create and use Guardium Insights API Keys for orchestration and automation because Guardium DSPM is now integrated with Guardium Insights REST APIs. All API activity is audited and you can retrieve them using Guardium Insights Activity Report.
- DSPM Security
- DSPM Analyzer is upgraded to apply the latest security vulnerability fixes.
- DSPM Bug fixes
- Details of a data store that contains more than 15,000 resources, used to load slowly. This is fixed now.
2024 May
New features and enhancements in the monitoring editions (Essentials, Standard, and Premium):
- Premium Risk event categories feedback
- The risk event categorization has been enhanced and is now based on a machine learning model. With your help in providing feedback, this model can adjust itself to your organization’s needs. The machine learning model uses both positive and negative feedback to fine-tune the categorization. It uses an incremental learning algorithm that modifies the model gradually with each feedback provided so that a single case does not have a disproportionate impact. For more information on the risk event categories and feedback see, Risk event categories and Providing feedback respectively.
2024 April
New features and enhancements in the monitoring editions (Essentials, Standard, and Premium):
- Premium Asset inventory
-
- View the connected entities of an asset and their relationships with an interactive topology map.
- Six new cards are added to the Classic Guardium Insights overview dashboard to view high-level asset information.
- Along with the default list of all assets, you can also view the list of assets that are grouped by hostname.
- You can now create a category when you add auto-tagging rules for assigning tags to the assets.
- Workflows
- With Guardium Insights SaaS workflows, you can intuitively schedule jobs in simple or advanced manners, as suits your needs. When you create a workflow in Guardium Insights SaaS, you are setting up a process for scheduling jobs and then tracking the distribution, review, and completion of those jobs. You can schedule reports to run and set up workflows for those reports - or you can schedule import jobs (these require an integration for importing and exporting data, which you can set up when you create the workflow if you don't already have one).
- Universal connector
-
- Cloud databases: Support added for PostgreSQL, AWS PostgreSQL, and Aurora PostgreSQL.
- On-premises databases: Syslog support added for PostgreSQL, EnterpriseDB PostgreSQL, and Fujitsu PostgreSQL.
- Launching Guardium Insights in the European Union (EU)
- All editions of Guardium Insights SaaS (Essentials, Standard, Premium, and DSPM) are now
available in the European Union. If you have data residency obligations that require your data to be
stored in the EU, you can now take full advantage of the Guardium Insights platform without having
to deploy and manage your own infrastructure.
- Take advantage of the General Data Protection Regulation (GDPR) compliance journey in the Essentials, Standard, and Premium editions to build reports and policies for monitoring GDPR-material data.
- Use DSPM to help discover and protect shadow data lurking in cloud accounts while keeping the metadata inside the EU boundaries (all the real data stays in your accounts).
- Use DSPM to locate and highlight potential GDPR violations in the vulnerabilities view for faster remediation
Sign up for demos and trials in the same way you do today and choose
eu-central-1
as your deployment data center. Note: you can only have one subscription type at a time regardless of geography. All SaaS tenants (demo, trial, and paid) that are provisioned in the EU can be accessed from https://eu.guardium.security.ibm.com. You can switch between your EU tenants just like you do in the US region.
2024 March
- New features and enhancements in the monitoring editions (Essentials, Standard, and Premium)
-
- Backend data management
- Premium Guardium Insights SaaS now uses a new event-model based schema to make data management on Guardium Insights more suitable for larger enterprises. For more information about supported data marts and IBM® Guardium Data Protection versions, see Software prerequisites.
- Data retention
- You can now specify Data retention settings in the Guardium Insights SaaS user interface. With this setting, you can specify how long data is retained before it is removed from the system.
- Improved report performance
- Performance for the Match pattern in group and In report filters is now improved.
- Risk event categories
- Premium In this release the following changes were made
in the risk event categories:
- A new risk category, Abnormal or Unexpected Behavior was added. This category of risk event is
detected when any asset is exhibiting deviations from normal activities. It covers all the following cases:
- Massive violations
- Excessive activities
- Excessive activity on sensitive objects
- Excessive activity on vulnerable objects
- Excessive diversity of activity
- Excessive exceptions
- Excessive new activities
- The following risk event categories were renamed:
- Account takeover was renamed as Credential stealing
- Denial of service was renamed as Distributed Denial-of-Service (DDoS)
- Data leak was renamed as Data stealing
- The following cases were combined to form broader categories:
- SQL Injection-Tautology and SQL Injection- Side channel were combined to form SQL Injection category.
- SQL Injection- Denial of Service is now part of Distributed Denial-of-Service (DDoS).
- A new risk category, Abnormal or Unexpected Behavior was added. This category of risk event is
detected when any asset is exhibiting deviations from normal activities. It covers all the following cases:
- System health dashboard
- Five new cards are added to the system health dashboard. If you don't see the latest cards, you can delete your existing dashboard and create a new one. This action does not delete your data. For more information, see Dashboards.
- Universal connectors
- Syslog and Amazon S3 support added for YugabyteDB. For more information see Connecting to data sources by using the universal connector.
- DSPM New features and enhancements in Data Security Posture Management (DSPM)
-
- Data Classification
- Azure CosmosDB for NoSQL is now supported for data discovery and data classification.
- Security
- DSPM Analyzer is upgraded to apply the latest security vulnerability fixes.
- Troubleshooting and self-service
- Removing connected cloud providers and SaaS applications is now supported to provide users with a self service to control connected cloud providers.
- Vulnerabilities
- You can now filter vulnerabilities by specific compliance policies, such as, GDPR, CPRA, PCI, and HIPAA. This filtering ability can help an organization to focus and prioritize specific compliance violation remediation.
- Bug fixes
- - The Microsoft 365 quick filter in the Data Inventory page was incorrectly renamed to SharePoint. This is fixed now.
2024 February
- New features and enhancements in the Essentials, Standard, and Premium editions
-
- Edition name change
- The IBM Guardium Insights SaaS Advanced edition is renamed to Premium.
- Variants
- Variants allow users to use report data more easily by customizing reference data inside reports, as required. Customization of report data also allows for better joins to occur with custom data. For more information, see Working with variants.
2024 January
- New features and enhancements in the Essentials, Standard, and Premium editions
-
- Active queries monitor
- The active queries monitor is a new dashboard card and report that shows key information about queries. The report shows the origin of the query, the user who ran it, its name, start time, elapsed time, and status. In addition, you can use the report to view the SQL of the query and, for SELECT statements, stop the query.
- Asset inventory
- Premium Manage an inventory of data assets such as vulnerability assessment results, data classification results, business tags, and other related attributes by using a unified view. The broader view of the asset information helps you to easily view and identify the critical risks and prioritize mitigation activities. For more information, see Asset inventory.
- Enhanced dashboard filtering
- This release provides the ability to add global dashboard filters by clicking individual cells in report-type cards and selecting filter criteria. Once set, global filters are applied to all cards on the dashboard that support the criteria, allowing you to quickly identify and visualize stories in your data.
- GDPR Compliance program
- A new guided compliance program with enhanced user experience was added to help you secure your data and achieve General Data Protection Regulation (GDPR) compliance. For more information, see Compliance milestones.
- Reports
- You now have the ability to display report data for a customized time period. You can group timestamps by the hour, day, week, month, year, or a specific date.
- Slack integration
- Standard Premium The Slack integration is used to send outgoing messages from Guardium
Insights SaaS to Slack, an instant messaging platform. You can
create an app in your Slack workspace and then configure Guardium Insights SaaS with its incoming
webhook or bot user token (with the
chat:write
scope). After integration, you can use Slack to receive notifications and policy alerts. For more information, see Slack configuration. - System health dashboard
- The new system health dashboard displays health metrics such as the tenant's utilization of the allocated space for warehouse storage. Use this dashboard to analyze warehouse storage trends. For more information, see Dashboards.
- Bug fixes
- This release includes over 200 security fixes, performance improvements, and UX enhancements.
- DSPM New features and enhancements in Data Security Posture Management (DSPM)
-
- Data Classification
- - Added support for the classification of new file types in all the cloud storage buckets. The file types supported are configuration files, scripts, private keys and other file types.
- Security
- - DSPM Analyzer is upgraded to apply the latest security vulnerability fixes.
- Troubleshooting and self-service
- - You can now get details about a data store that identifies missing permissions required to classify your sensitive data. This identification helps in faster streamlining and troubleshooting for data store classifications. Additionally, actionable items to expand the monitoring coverage of your discovered data is provided.
- Using DSPM
- - The Third parties page enables you to identify the third-party vendors that have access to your data in the cloud environment. You can also view the third-party vendors conform (publicly announced on their website) and you will get an alert when a third-party vendor has access to sensitive data that it is not certified to handle.
- Vulnerabilities
- - Added to the list of vulnerabilities that can be detected by Guardium DSPM for an enhanced support to compliance-related vulnerabilities. These newly added vulnerabilities provide additional information regarding supported compliance frameworks, such as General Data Protection Regulation (GDPR), California Privacy Rights Act (CPRA), Payment Card Industry Security Standards (PCI), and Health Insurance Portability and Accountability Act (HIPAA) . This allows Government Regulation Compliance (GRC) engineers to prioritize compliance violations remediation based on their sensitive data.
- Bug fixes
- - Account name filter in the Data inventory page and Vulnerabilities page used to show the account number instead of the name. This is fixed now.
2023 November
- DSPM Data Security Posture Management (DSPM)
-
- Through Data Security Posture Management (DSPM) as part of IBM Guardium
Insights SaaS you can now discover, analyze, and recommend protection and compliance for your cloud
data. For more information about IBM
Guardium DSPM, see
IBM Guardium DSPM.
- IBM Guardium DSPM assists you to understand who or what has access to your sensitive data across all your cloud accounts. Additionally, you can also monitor the actual accesses and flows of data when logs are enabled.
- Discovering sensitive data in the cloud environments and SaaS applications is easy with IBM Guardium DSPM.
- You can use IBM Guardium DSPM to get security and compliance insights that can recommend you to enhance the protection and compliance of your sensitive data with respect to the different regulations.
- Through Data Security Posture Management (DSPM) as part of IBM Guardium
Insights SaaS you can now discover, analyze, and recommend protection and compliance for your cloud
data. For more information about IBM
Guardium DSPM, see
IBM Guardium DSPM.
2023 September
- Improved report performance
- Improve report performance by enabling table join optimization in your report settings.
2023 July
- Bug fixes
-
- The Snowflake plug-in now works as expected when it is hosted on Google Cloud environment.
- It was possible for data loss to occur when you use some CloudWatch plug-ins. This is now fixed.
- Improved file upload performance by two times for data marts coming from Guardium Data Protection.
2023 May
- Flexible subscription option with three editions - Essentials, Standard, and Premium
- - Essentials The Essentials edition of IBM Guardium Insights SaaS offers a guided compliance program to organizations that need a simplified answer to prove California Consumer Privacy Act (CCPA) compliance.
- Subscription management
- Manage your subscriptions and instances easily with the IBM SaaS Console.
- Demos and trials
- - A three-day demo subscription comes with a set of preloaded sample data that gives you the ability to test drive IBM Guardium Insights SaaS without adding connections to your data sources, event streams, or native activity logs.
- Dynamic dashboards
- Depending on the edition that you are using, IBM Guardium Insights SaaS provides a mix of dynamic dashboard options and customizable templates to help you track, analyze, and act on the collected data.
- Framework to add more compliance regulations
- The first release of IBM Guardium Insights SaaS helps you to achieve California Consumer Privacy Act (CCPA) compliance. It also includes the framework that is positioned to easily add more compliance regulations (like GDPR) at a rapid pace in upcoming releases.
- Guided compliance program
- An enhanced user interface design with easy-to-follow-prompts helps you to create a CCPA data compliance program quickly and efficiently. After you answer a few questions and provide a small amount of information, IBM Guardium Insights SaaS automatically installs policies, populates groups, creates reports, and generates dashboards on your behalf. You can schedule automatic report delivery and assign reviewers to create an audit trail and adhere to compliance regulations.
- Integrations
- - Integrations such as ticketing, sending alerts, importing and exporting data, and data enrichment are now improved with the enforcement of certificate use. All integrations must now support SSL certificates.
- LDAP connection
- Standard Premium Use an LDAP connection to import users into the IBM Guardium Insights SaaS group builder.
- Outlier detection
- Premium IBM Guardium Insights SaaS offers enhancements that improve the stability and performance of outlier detection.
- Reports
-
IBM Guardium Insights SaaS offers over 30 different reports that can be viewed online or scheduled and distributed through various methods. Depending on the edition that you are using, you can also customize reports.
Many reports that are used for compliance are expected to be in an immutable format. IBM Guardium Insights SaaS allows reports to be exported to PDFs.
- REST APIs
- The shift from Swagger to readme.io for API exposure provides easier usage of the APIs in multiple languages.
- Risk Events
- Premium Risk Events offers wider functions, such as more Risk Event categories, a new follow-up option in the respond and tune window, and more customization options.
- Support for many popular data sources
- Collect activity logs from data sources into IBM Guardium Insights SaaS by using various cloud-native methods, including Amazon Kinesis, Amazon CloudWatch, Amazon Simple Queue Service (SQS), Azure Event Hubs, Filebeat, and many more. For more information, see https://ibm.github.io/guardium-supported-datasources/.
- Universal connector
- The Universal connector plug-ins are preinstalled in the IBM Guardium Insights SaaS environment and are automatically updated as new versions are released. In addition to newly supported plug-ins, the universal connector is compatible with the mutual TLS (mTLS) protocol.
- User management
- IBM Guardium Insights SaaS uses IBMid to authenticate users. Any user with the 'admin' role can invite users to IBM Guardium Insights SaaS. If the new user already has an IBMid, they can immediately sign in to IBM Guardium Insights SaaS. New users who do not have an IBMid can create one at https://ibm.biz/new-gi-user before they sign in. All invited users become active after they log on to IBM Guardium Insights SaaS for the first time.