IBM Security Guardium Insights for IBM Cloud Pak for Security is a modern data security hub built for the changing data landscape. Adapt and scale security with a growing cloud environment through modernized architecture, centralize data security visibility by supporting all major data sources and integrating with critical security tools, reduce time to compliance with automated workflows and custom reporting, and understand risky behaviors and anomalies spanning disparate data sources through advanced analytics.
Guardium Insights agentlessly monitors and analyzes data across cloud environments and, by merit of its Red Hat OpenShift and containerized architecture, can flexibly deploy wherever and however your organization needs. This helps the enterprise stay protected by centralizing data security visibility, better understanding data security threats with contextual analytic insights, and expanding effortlessly into the cloud.
Deploy Guardium Insights on its own to support cloud databases from Azure to AWS to Google Cloud, or pair with IBM Security Guardium Data Protection to deliver support for the end-to-end data security lifecycle—with discovery, classification, agent and agentless data activity monitoring, data protection, threat and vulnerability identification, and response across cloud and on-premises data sources. Regardless of an organization’s size or industry, Guardium Insights can act as a lightweight-but-comprehensive monitoring and compliance hub or as a key data threat analytic engine and bridge to the growing hybrid multicloud in larger Guardium deployments.
On June 28th, 2021, version 3.0 of Guardium Insights will be generally available. With this release, Guardium Insights expands its already-robust set of capabilities by integrating with IBM Security Verify Privilege for privileged access management (PAM) to identify risky privileged users in support of zero trust principles; granular compliance policy and audit process management tools to streamline compliance; support for the open-source Guardium Universal Connector framework to allow customers, partners, and other developers to create their own streaming connections to any data source and ensure that the entire data environment can be monitored; as well as deliver:
- New report type and report visualization
- Visualize reporting data with bar and line graphs to see trends over time
- Ability to report on classification data marts ingested from Guardium Data Protection
- Guardium Health Dashboards
- Detailed health information on Central Managers, Aggregators, Collectors, and S-TAP agents—including versions, inspection engines, operating systems, and traffic
- Centralized visibility across connected Guardium Data Protection Central Managers
- Support for native Red Hat® OpenShift® 4.6
- Extended update support (EUS)
- Support for 3-node clusters
PAM gives a new layer to data threat remediation. Guardium Insights can query IBM Verify Privilege to enrich risk insights. Now, when a privileged account engages in suspicious activity, Guardium Insights can identify the user behind the privileged credentials. This additional context helps ensure the security posture of all users within an organization can be continuously monitored. This ultimately leads to a more unified security team and better access management decisions, in line with the goals of the zero trust framework.
With the growing list of worldwide compliance regulations, increased consumer demand for strong data security controls, and data governance typically being a hot potato across teams in many organizations, having a way to not only achieve but automate compliance is paramount. Guardium Insights introduces granular compliance policy and audit lifecycle management, delivering processes, workflows, and rules that allow data security teams to define not only what and how data is collected—but the process in which that data is audited. By ensuring that the right data is being assessed, and the right controls are in place, administrators and data security specialists can gain a complete compliance picture specific to their organization.
To maintain that complete compliance picture, data security visibility across disparate data sources must be centralized. The Universal Connector helps to accomplish this. While Guardium Insights can natively connect to Azure, AWS, and other popular cloud data sources, the Universal Connector gives an open-source tool to Guardium customers, partners, and anyone else with a developer mindset. Easily create new Connectors for any cloud source to stream data directly from databases such as Snowflake and further unify data security.
All of this, though, only scratches the surface of Guardium Insights. From advanced predictive analytics and outlier detection to surface anomalous activity to integration with IBM Cloud Pak for Security, SIEM and ticketing platforms, and other critical security and IT tools, Guardium Insights is a data security hub for the modern data environment.
To learn more about Guardium Insights, the version 3.0 release, and to access the Universal Connector GitHub, check out these resources below: