IBM Security Guardium provides a comprehensive approach to discover, classify, protect and manage critical data assets. From automating compliance to preventing data leaks in heterogeneous environments from databases, files, cloud, big data platforms, and more, Guardium can protect sensitive data. It continuously monitors all data access operations in real time to detect unauthorized actions, based on detailed contextual information—the “who, what, where, when and how” of each data access. Guardium reacts immediately to help prevent unauthorized or suspicious activities by privileged insiders and potential hackers.
Guardium discovers sensitive data using pre-built patterns for compliance and privacy regulations such as PCI, PII, GDPR, HIPAA and CCPA and proactively discovers risks and data assets before they get exploited.
Guardium has 2000+ pre-built security assessments prevalent in industry verticals for more than 15 different database types to detect vulnerabilities, misconfigurations, weak password and authentication policies, and missing patches. Users also have the flexibility to define and configure their own industry and application categories.
Guardium provides distributed yet centralized infrastructure across on-premise, cloud-native and cloud-enables database services. Its agent-based and agent-less architectures allows to monitor databases that are consumed in 'as-a-service' models that are fully managed and/or are deployed within container-based technoligies.