How IBM Guardium Vulnerability Assessment works

Automate vulnerability scanning and configuration

Scan the entire data source infrastructure for vulnerabilities. Provide platform-specific static tests that detect insecure configurations for the specific database being assessed.

Map predefined tests for best practice standards

Utilize preconfigured vulnerability tests, encompassing Center for Internet Security (CIS) and Security Technical Implementation Guide (STIG) best practices, updated regularly through the IBM Guardium Knowledge Base service. Provides support for SCAP and the ability to export in SCAP format. Does not rely on intrusive exploits or tests that can impact system availability, and provides external reference information such as common vulnerabilities and exposures (CVE) identifiers.

Uncover behavioral vulnerabilities

Conduct dynamic tests that uncover behavioral vulnerabilities such as account sharing, excessive login failures and unusual after-hours activity.

Provide a scalable platform

Support leading database platforms and all major operating systems, including big data environments. Provide a scalable platform to help protect and secure customer data repositories and manage compliance with the latest security regulations.

Report and take action

Evaluate and document your database security to help you assess, escalate and remediate risks. Produce detailed reports and supporting data. Provide a summary security evaluation, which includes weighted metrics and recommended remedial action plans to strengthen security. Automatically schedule assessments and manage report distribution, sign-offs and escalations.

Demo - IBM Security Guardium Vulnerability Assessment V10

Watch the video

How customers use it

  • Automatically scan for risk to sensitive data

    Automatically scan for risk to sensitive data


    Changes in accounts, configurations, and patches occur regularly, meaning security gaps can arise out of thin air. Manual processes to check vulnerabilities are tedious and time consuming for security operations and can be risky and error-prone.


    This solution automatically scans for known weaknesses related to configuration, user privileges, authentication, authorization, patches and more, based on the latest security standards, to provide your team with visibility into its risk posture.

  • Vulnerability reporting and remediation

    Vulnerability reporting and remediation


    Threats to sensitive data are everywhere, and your team needs a scalable way to address known gaps across a breadth of data sources in order to enforce security best practices.


    IBM Security Guardium Vulnerability Assessment hardens your environment by providing detailed drilldown reports for more than 2,000 exposure tests and provides a simple and actionable remediation plan for failures.

Technical details

Software requirements

Software requirements for IBM Guardium Vulnerability Assessment can be viewed at:

    Hardware requirements

    Hardware requirements for IBM Guardium Vulnerability Assessment can be viewed at: