General Page
The following page provides details about the current security events supported by the Cyber Vault Response Policy (CVRP). Support for additional events can be provided.
PowerSC
The following PowerSC security events are currently supported by the CVRP:
| # | Name | RESPONSE Action | Comments |
|---|---|---|---|
| 1 | Compliance Violation | Invoke Full Workflow | PowerSC detects a compliance policy violation on an endpoint |
| 2 | Brute Force Attack | Invoke Full Workflow | Multiple bas password attempt over a specified time duration |
| 3 | GUI Agent Connection Loss | Invoke Full Workflow | A GUI Agent on an endpoint is no longer detected |
| 4 | Real Time Compliance: Content Changed | Depends on file experiencing the event | Real time detection of the content of a file being changed |
| 5 | Real Time Compliance: Access Changed | Depends on file experiencing the event | Real time detection of the access of a file being changed |
| 6 | Real Time Compliance: Directory Access Changed | Depends on directory experiencing the event | Real time detection of the access of a directory being changed |
Storage Insights Pro
The following Storage Insights Pro security events are currently supported by the CVRP:
| # | Name | RESPONSE Action | Comments |
|---|---|---|---|
| 1 | All Detections | Invoke Full Workflow | Storage Insights via FCM4 reports a malware event |
| 2 | Encryption Detection | Invoke Full Workflow | Storage Insights via FCM4 reports an encryption event |
IBM Zero Trust Execution for AIX (ZTEA)
The following ZTEA security events are currently supported by the CVRP:
| # | Name | RESPONSE Action | Comments |
|---|---|---|---|
| 1 | Malware Execution | Invoke Full Workflow | In real time, ZTEA detects malware execution on endpoint |
| 2 | Executable Deletion | Invoke Full Workflow | In real time, ZTEA detects a file that was deleted after being executed |
| 3 | Unknown Executable | Invoke Full Workflow | In real time, ZTEA detects execution of an executable that is "unknown", according to ZTEA hash cross-referencing, on an endpoint |
| 4 | TSD Compromise | Invoke Full Workflow | ZTEA detects malware executable registered in the AIX Trusted Execution database |
[{"Type":"MASTER","Line of Business":{"code":"LOB57","label":"Power"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"HW1A1","label":"IBM Power Systems"},"ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":""}]
Was this topic helpful?
Document Information
Modified date:
22 March 2026
UID
ibm17250753