IBM Security Guardium data mapping
The IBM® Security Guardium® Connected Assets and Risk connector incrementally synchronizes the contents of the IBM Security Guardium asset databases with the data that is managed by the Connected Assets and Risk service.
The following table shows the Connected Assets and Risk connector to Guardium data mapping.
CAR vertex | CAR field | Guardium field |
---|---|---|
Database | name | Database name or service name |
type | Database type | |
protocol | database protocol | |
port | port | |
datasource_name | a concatenation of Database_type, IP, and port | |
vulnerability | name | VA test name |
description | VA test description | |
published_on | date/time of the VA scan | |
datasource name | the datasource used by VA scan | |
version_level | the version of the database | |
results_text | text describing the vulnerability | |
recommendation | recommended actions of remediate the vulnerability | |
severity | severity of the vulnerability | |
category | category of the vulnerability | |
assessment_description | VA scan description | |
result_details | more specific information | |
User | user_name | DBUser |
account | name | DBUser |
total_risk_score | ||
threat_analytics_score | ||
violations_score | ||
vulnerability_score | ||
sensitive_objects_score | ||
select_queries_score | ||
ddl_queries_score | ||
dml_queries_score | ||
administrative_queries_score | ||
high_volume_activity_score | ||
off_work_activity_score | ||
group_state_description |
The Connected Assets and Risk connector edge to Guardium data mapping is outlined in the following table.
CAR Edge | Description |
---|---|
database_ipaddress | An edge between a database and an ipaddress. |
tag | The connector creates 4 tags: GDPR, PCI, CCPA, and SENSITIVE. |
tag_edge | An edge linking tag to a database. |
database_vulnerability | An edge between a vulnerability and the database it was detected on. |
user_account | An edge between user and account. |
account_ipaddress | An edge between account and ipaddress - this edge contains attributes of Risk spotter findings regarding users' risk score. |