IBM Security Guardium provides a comprehensive approach to discover, classify, protect and manage critical data assets. From automating compliance to preventing data leaks in heterogeneous environments from databases, files, cloud, big data platforms, and more, Guardium can protect sensitive data. The solution continuously monitors all data access operations in real time to detect unauthorized actions, based on detailed contextual information—the “who, what, where, when and how” of each data access. Guardium reacts immediately to help prevent unauthorized or suspicious activities by privileged insiders and potential hackers.
Guardium discovers sensitive data using pre-built patterns for compliance and privacy regulations such as PCI, PII, GDPR, HIPAA and CCPA and proactively discovers risks and data assets before they get exploited. Compliance Health Monitor Dashboard allows to track the progress of compliance monitoring. Besides trend analysis on the monitored assets, the dashboard also provides aggregated actionable insights on top compliance use cases.
Guardium has 2000+ pre-built security assessments for more than 15 different database types to detect vulnerabilities, misconfigurations, weak password and authentication policies, and missing patches. Guardium offers an ability to map applications to database servers for application-centric visibility into data risks. Guardium is pre-configured with application categories prevalent in industry verticals. Users also have the flexibility to define and configure their own industry and application categories.
Guardium provides distributed yet centralized infrastructure across on-premise, cloud-native and cloud-enables database services. Its agent-based and agent-less architectures allows to monitor databases that are consumed in 'as-a-service' models that are fully managed by the service provider and/or are deployed within container-based technoligies.