IBM Security Guardium data mapping

The IBM® Security Guardium® Connected Assets and Risk connector incrementally synchronizes the contents of the IBM Security Guardium asset databases with the data that is managed by the Connected Assets and Risk service.

The following table shows the Connected Assets and Risk connector to Guardium data mapping.

Table 1. Guardium data mapping
CAR vertex CAR field Guardium field
Database name Database name or service name
  type Database type
  protocol database protocol
  port port
  datasource_name a concatenation of Database_type, IP, and port
vulnerability name VA test name
  description VA test description
  published_on date/time of the VA scan
  datasource name the datasource used by VA scan
  version_level the version of the database
  results_text text describing the vulnerability
  recommendation recommended actions of remediate the vulnerability
  severity severity of the vulnerability
  category category of the vulnerability
  assessment_description VA scan description
  result_details more specific information
User user_name DBUser
account name DBUser

The Connected Assets and Risk connector edge to Guardium data mapping is outlined in the following table.

Table 2. Guardium data mapping for CAR edges
CAR Edge Description
database_ipaddress An edge between a database and an ipaddress.
tag The connector creates 4 tags: GDPR, PCI, CCPA, and SENSITIVE.
tag_edge An edge linking tag to a database.
database_vulnerability An edge between a vulnerability and the database it was detected on.
user_account An edge between user and account.
account_ipaddress An edge between account and ipaddress - this edge contains attributes of Risk spotter findings regarding users' risk score.