IBM Security Guardium

Understand and Respond: IBM Security Guardium Insights for Cloud Pak for Security v2.5

By RYAN SCHWARTZ posted Wed December 02, 2020 12:26 PM


IBM Security Guardium for IBM Cloud Pak for Security provides a data security hub to centralize, analyze, prioritize, and respond to data security events—from actioning key insights to investigating anomalous activity.

On December 7th, 2020, version 2.5 of Guardium Insights will be generally available. This release aims to streamline incident response through integration with Cloud Pak for Security Case Management and Security Orchestration, Automation and Response (SOAR), as well as deliver:

  • Improved reporting capabilities:
    • Storing of vulnerability assessment
    • New advanced report features help build custom reports from scratch
    • Deeper filtering and refinement of reports via advanced operators and aggregation
    • Scheduled report delivery and distribution through the new Scheduled Reports feature
  • Support for native Red Hat® OpenShift® Storage to improve performance
  • Support within connection configuration to enable and disable data mart exports on specific collectors
  • Improved flexibility for managing groups:
    • Create, edit, copy, and delete groups
    • Create, edit, and delete specific group members
    • Populate groups by importing from a comma-separated value (CSV)
  • New, streamlined process to help reduce deployment times
  • REST API to provide a consolidated health view across Guardium Data Protection environments
  • Additional REST APIs for retrieving asset and risk information from Guardium Insights
  • Red Hat OpenShift 4.3 support and optimizations to operate on the Red Hat OpenShift Container Platform included with Guardium Insights for Cloud Pak for Security

By integrating with Cloud Pak for Security Cases and SOAR for case management, data security teams can map cases and tickets within Guardium Insights to Cloud Pak for Security, easily sharing data with the security operations center (SOC) for cross-functional visibility and collaborative response—avoiding disjointed investigation efforts across siloed teams. Additionally, the improved reporting ensures clients can customize their data security point of view, aligning closely to the security goals of their organization.

Beyond the Cases integration delivered in this new release, Guardium Insights is already a key component of Cloud Pak for Security. With its hybrid multi-cloud architecture, Guardium Insights facilitates flexible deployment and open integrations with any database, as well as with ticketing, security information and event management (SIEM), and other related IT and security tools.

Guardium Insights also comes equipped with outlier and predictive analytics—built with the expertise of the IBM Watson and IBM Research teams—to help users quickly identify and understand the details surrounding specific data security risks and anomalies.

To learn more about Guardium Insights and the version 2.5 release, see the resources below:

Guardium Insights for Cloud Pak for Security product page

Guardium Insights interactive demo

Guardium Insights v2.5 Announcement

Guardium Insights Knowledge Center

Guardium Insights Data Sheet