IBM Security Guardium

 View Only

Analyze This! IBM Security Guardium Insights 3.0 is Now Available

By RYAN SCHWARTZ posted Mon June 28, 2021 09:06 PM


The time has arrived!

Back in May, in the middle of IBM Think 2021, we announced the planned release of Guardium Insights version 3.0.

Well, it is now generally available.

This new version brings with it a wealth of new capabilities that make up the bedrock of modern data security.

As the hybrid multicloud expands, you may be asking: 
- "How do I secure the growing volumes of sensitive data?" 
- "How do I achieve compliance, not only to satisfy regulators, but to satisfy customers and preserve data privacy?" 
- "How do I adapt my data security program to changing cloud deployments and to the addition of new data sources?"

Guardium Insights continues to strive to be the answer to these questions and others. By centralizing data security visibility across Guardium Data Protection agents—and being able to stream directly from Amazon Web Services (AWS) Kinesis, Azure Event Hubs, and other sources—Guardium Insights can unify data monitoring across a fragmented hybrid multicloud environment. 

With new out-of-the-box and custom granular compliance policy and audit lifecycle management workflows, you can quickly define what data should be monitored, how it is monitored, what happens when anomalies occur, and streamline the audit process. 

And by merit of its Red Hat OpenShift and containerized architecture, Guardium Insights can flexibly deploy wherever and however your organization needs to help ensure your data security controls remain compatible and scalable with your data landscape - allowing your organization to grow without fear.

Prior to this release, Guardium Insights was typically deployed in conjunction with Guardium Data Protection or IBM Cloud Pak for Security. While there is still significant value in this dual deployment (whether by enhancing Guardium Data Protection risk analysis or enriching IBM Cloud Pak for Security case management and threat orchestration with contextual data security insights) Guardium Insights 3.0 delivers new capabilities that allow it, for many use cases, to operate independently.

Beyond the previously mentioned granular compliance policies and audit workflows, Guardium Insights 3.0 expands its already robust set of capabilities by integrating with IBM Security Verify Privilege for privileged access management (PAM) to identify risky privileged users in support of zero trust principles.


PAM gives a new layer to data threat remediation. Guardium Insights can query IBM Verify Privilege to enrich risk insights. Now, when a privileged account engages in suspicious activity, Guardium Insights can identify the user behind the privileged credentials. This additional context helps ensure the security posture of all users within an organization can be continuously monitored, ultimately leading to a more unified security team and better access management decisions, in line with the goals of the zero trust framework.

Additionally, Guardium Insights supports the open-source Guardium Universal Connector framework to allow customers, partners, and other developers to create their own streaming connections to any data source and ensure that the entire data environment can be monitored.

For complete data security, visibility across disparate data sources must be centralized. The Universal Connector helps to accomplish this. While Guardium Insights can natively connect to Azure, AWS, and other popular cloud data sources, the Universal Connector gives an open-source tool to Guardium customers, partners, and anyone else with a developer mindset. Easily create new Connectors for any cloud source to stream data directly from databases such as Snowflake and further unify data security.


Additional new capabilities include:

  • New report type and report visualization 
    • Visualize reporting data with bar and line graphs to see trends over time
    • Ability to report on classification data marts ingested from Guardium Data Protection
  • Guardium Health Dashboards
    • Detailed health information on Central Managers, Aggregators, Collectors, and S-TAP agents—including versions, inspection engines, operating systems, and traffic
    • Centralized visibility across connected Guardium Data Protection Central Managers
  • Support for native Red Hat® OpenShift® 4.6
    • Extended update support (EUS)
    • Support for 3-node clusters 


All of this only scratches the surface of Guardium Insights. From advanced predictive analytics and outlier detection to surface anomalous activity, to integration with IBM Cloud Pak for Security, SIEM, ticketing platforms, and other critical security and IT tools, Guardium Insights is a data security hub for the modern data environment.

To learn more about Guardium Insights, the version 3.0 release, and to access the Universal Connector GitHub, check out these resources below: