Feature spotlights

Monitor the hybrid cloud environment

By centralizing the data within Guardium Data Protection's connected structured and unstructured data environments — as well as DBaaS sources — data security management is streamlined, from monitoring and reporting to protecting and responding to issues, both on-premises and in the cloud.

Centralizing data security and auditing

A central console for viewing all data security and audit data across on-premise and cloud sources means greater agility. Guardium Insights allows you to uncover hidden threats with real-time activity monitoring, as well as quickly generate comprehensive security and compliance reports.

Retain and investigate data long-term

Eliminate the need for collectors and aggregators, which only give short term storage solutions. Store, deliver access, and apply advanced analytics to years of data security and compliance data to satisfy regulatory requirements, detect threats and anomalous user behavior, and take immediate action.

Flexibility to deploy anywhere

With DB2 Warehouse and BigSQL as part of its architecture, Guardium Insights and Cloud Pak for Security modernize data security with a hybrid, multicloud approach. Running on RedHat OpenShift open source containers, the power to deploy is in your hands, whether on-premises or in a public or private cloud.

Wield advanced user behavior and threat analytics

Leverage machine learning to train Guardium Insights' advanced analytics engine to recognize normal operations — and identify suspicious behavior, fraud, threats, and other anomalous activity related to all databases, tables, and users.

Dig deep with a dynamic console and risk dashboards

Whether you need a high-level view or want to drill down and investigate data security risks and anomalies, Guardium Insights' dynamic console and proprietary risk engine help data security teams get granular, prioritize, and respond to issues quickly and efficiently.

Promote a satisfying UX with self-service reporting

Give the security professionals in your organization the ability to customize and prioritize the information they find most pertinent with self-service, on-demand reporting capabilities.

Learn more about Cloud Pak for Security, connected security for a modernized SOC

Learn more about Cloud Pak for Security, connected security for a modernized SOC Read the market guide (PDF, 676 KB)

Common use cases

  • Centralize data security visibility


    In a hybrid multi-cloud environment, data multiplies at an exponential rate as new public and private cloud or on-premises databases are added to aide in business expansion or continued digital transformation. There needs to be a way to centralize visibility across the entire data estate.


    Guardium Insights can connect to Guardium Data Protection, AWS Kinesis, or Microsoft Azure to centralize structured and unstructured data across the hybrid cloud. In this video, learn how easy it is to connect—in this case to Guardium Data Protection—to achieve greater data visibility. This, in turn, helps deliver deeper insights, detect threats, and identify user behavioral patterns.

  • Build reports out-of-the-box


    In the case of an audit, breach, risk analysis, or other high-priority event, information must be compiled quickly and refreshed in near real-time. Many times, data security reports can take hours, due to technological limitations or data security data not being centralized within one platform.


    In this video, watch how easy it is to generate a self-service, out-of-the-box report in Guardium Insights—turning a task that can elsewhere take hours, into one that can be done in a matter of seconds. These templates are based on common reports organizations must run to notify stakeholders of changes, assist in achieving regulatory compliance, or maintain good data security hygiene.

  • Generate fully custom advanced reports


    Every organization is different and often times data security teams cannot solely rely on out-of-the-box reporting templates. Many times custom reports can take hours due to the significant amount of work that administrators must do to build out custom parameters, let alone run the report and schedule its distribution.


    This, too, can be accomplished quickly in Guardium Insights, taking only minutes to define custom parameters and filters. In this video, use the below timestamps to explore each step in the creation of a from-scratch report.

    0:00 - 1:42 – Name, tag, and set report range
    1:43 - 3:18 – Adjust report parameters
    3:19 - 5:51 – Advanced filters by users and groups
    5:52 - 8:01 – Create a new report from scratch

  • Give visibility across the SOC into data security issues


    Data security should be everyone’s business. With the cost of a data breach continuing to rise, siloes hindering security visibility across disparate teams, and an expanding threat landscape as hybrid cloud environments grow, it’s become imperative—yet difficult—to share data between data security teams and the greater security organization to help support a collaborative response to threats.


    A key function of Guardium Insights is its ability to integrate with IBM Cloud Pak for Security cases. Through this integration, a ticket created in Guardium Insights—i.e. a for large, unexpected data extraction by a user that does not typically access the involved database—can be mapped to Cloud Pak for Security and opened as a case within the platform, giving greater visibility to security analysts in the SOC. This helps boost collaboration by supporting cross-functional investigation and incident response. In this video, see how this integration is configured and tickets are shared.

  • Combat tool sprawl through integration


    Most organizations have disparate ticketing platforms and other relevant IT and security systems involved in data security operations, but struggle to find a way for them to work together more efficiently as they do not currently integrate well with one another.


    In a digitally transformative organization, there is surely an abundance of security point solutions. In this video, learn how Guardium Insights leverages REST APIs to share data security information with other security and data applications, helping to connect disparate tools and helping build a more cohesive data security strategy.

  • Integrating with common, critical security platforms


    Outside of general integrations, there are mission critical security platforms that data security tools must communicate with, such as Splunk. This must be done quickly and easily to ensure data security data is properly shared.


    Certainly, one important aspect of Guardium Insights is its ability to integrate with the rest of the Security portfolio—from the IBM Cloud Pak for Security SOC to the IBM Security Qradar SIEM. But there are other tools in our customers’ security stack, and one that is often used in the quest for greater data security control is Splunk. In this video, watch how Guardium Insights can quickly integrate with Splunk to share critical data security event data.