Guardium/Data Protection/Encryption

How Guardium is Adapting to the Wisdom of the Crowd

By Calvin Bench posted Mon October 08, 2018 03:38 PM


Two years ago, most people had never even heard of ransomware, but since then it’s been the fastest growing form of malware striking everything from hospitals to city governments.

Because ransomware encrypts data, it’s of particular concern to Guardium customers, who use our software to monitor and protect data. We could have built our own ransomware detection and defense capabilities into the platform, but it turned out that our colleagues at the IBM Cybersecurity Center of Excellence in Israel had already done much of the work. They were able to take advantage of the application program interfaces (APIs) built in to Guardium to quickly adapt their solution as an application plug-in (registration required) for Guardium that detects ransomware files on monitored database servers.

This means that instead of waiting for a new version release of Guardium, customers can get state-of-the-art ransomware protection immediately by going to the Guardium section of the IBM X-Force App Exchange, clicking a download button, and configuring. Among the other extensions they’ll find there are Information Insights Access Mapper, a graphical tool that helps visualize relationships in audit data, as well as an enhanced report viewer developed by Leadcomm that adds all kinds of useful features to the Guardium console. There are a dozen such applications in the Guardiam section of the App Exchange, and the library is growing quickly.

Launched in late 2015, the IBM X-Force App Exchange bring the app store concept that is so popular on mobile devices to our portfolio of security products. The model is a perfect fit for our customers. Developers of security software face challenges that are unique to their domain. The landscape changes so quickly that it’s impossible to keep up with the constant stream of new threats. At Guardium, the task is made more difficult by the fact that our product monitors database platforms, which have proliferated massively with the popularity of big data. A few years ago, the database landscape was limited to a few major relational platforms, but today there is a wide range of options, including multiple flavors of NoSQL, online analytics processing, graph and data warehouses, both on-premises and in the cloud.

To add to the complexity, Guardium monitors for compliance with regulations, which are also proliferating. Taken together, these factors literally multiply exponentially the complexity of providing consistent protection across all possible combinations of platforms.

The solution lies in the wisdom of the community. That’s why four years ago we began opening up Guardium through selective exposure of RESTful APIs, which are a highly efficient, flexible and secure way to make services accessible for a limited range of functions by external services. Using APIs, developers can do such things as access the report writer to modify field options, integrate visualization engines with Guardium reports and add new data sources. With the debut of Guardium 10.5 last spring, we introduced an ecosystem that extends and enhances customer deployment via the App Exchange. 

In the same way that app stores have vastly expanded the utility of smart phones, the App Exchange gives both IBM developers and our partners a way to add value to the Guardium platform. Anyone can submit an app to the exchange for evaluation by our team. Those that meet our standards for security and integration will be published, giving the developer access to new markets and revenue sources and customers a way to continually expand Guardium’s value with the assurance of smooth integration with their existing environments.

Developers who are interested in participating in the App Exchange can download the Guardium software development kit to get detailed instructions, sample apps and templates. The Guardium App Development portal has lots of additional resources, such as how to videos and instructions for submitting to the App Exchange.

It’s often been said that the wisdom of crowds is the most effective way to combat growing security threats. We believe that’s true. The App Exchange is our way of making Guardium the foundation of a community that continually adapts the platform to an ever-shifting landscape.