With the Universal Connector, organizations can collect and normalize activity data from across their enterprise agentlessly. Data can then be utilized by consuming applications to perform a variety of security use cases. For instance, activity and audit log data can be centralized across disparate databases, giving a holistic, risk-centric understanding of your organization's data security posture. Once centralized, this data can be analyzed to identify and understand historical trends in user behavior, ultimately leading to the detection of anomalous activity.
Beyond the immediate use case for Guardium users, building these Connectors has the benefit of enriching and expanding the usefulness of Guardium for organizations using it across all industries. Each new Connector is another data source that can be connected and protected by Guardium, further centralizing expanding hybrid multicloud environments. This boosts the efficacy of data security in all sectors, creating an open-source pathway to better data security hygiene and defense against threats.
How does it work?
Universal Connectors consist of a series of three plugins within a Logstash pipeline: https://www.elastic.co/guide/en/logstash/current/pipeline.html] that ingest, process, and output events in a normalized, common format:
1) Input Plugin: Settings to pull events from APIs or receive push of events.
2) Filter Plugin: Parses, filters, and modifies events into a common format.
3) Output Plugin: Sends normalized events to locations to be consumed by security applications.
Universal Connectors are packaged and deployed in a Docker container environment.
It doesn’t matter who you are, if you are an IBMer, customer, partner or whether you are even currently using IBM Security Guardium for data security at all (and if not, let’s talk!); if you interested in building a Connector or want to View the Universal Connectors Library, go to this IBM GitHub page to learn more.
And register today for the Universal Connector Tech Day on September 30th.
And to learn more about the IBM Security Guardium or how IBM approaches data security and data privacy, go to the links below: