Catalog Navigator

This course covers why Vulnerability Assessment is critical, what it is, how Guardium addresses it, and discusses and demonstrates using Guardium Vulnerability Assessment.

This course demonstrates how to use Guardium Vulnerability Assessment to locate various security risks in your environment.

Louis Lam, IBM Security Guardium Database Security Content Manager, provides a detailed overview of Guardium v10 Vulnerability Assessment for DB2 for z/OS including FAQs, remediation strategy and more. He then does a step by step demo on configuring and running the solution. 

Dan Goodes presents a high level demonstration of the sensitive data discovery process in IBM Security Guardium V10.

This video provides a short demonstration of Guardium Vulnerability Assessment v10. 

You can configure IBM Security Guardium to discover databases that are created on both Windows and UNIX systems. In many cases, you might want Guardium to create and run inspection engines on all newly discovered databases. However, there are scenarios in which you want to control when and how Guardium creates new inspection engines. In these cases, Database Discovered Instances Rules, which is available in Guardium 11.2, provides a way to manage inspection engine creation. You can configure Discovered Instances Rules from a central manager in a managed environment or on a stand-alone system.

In this lab, you use the Database Discovered Instance Rules to specify how to manage inspection engines for discovered databases.

This type of configuration requires Guardium 11.2 or higher.

This video presents a deep dive with a Use Case and supporting screen shots showing how to use the functionality of Smart Assistant.  

This Tech Talk focuses on one of the many key features of Guardium 11, integration with CyberArk for managing user names and passwords, as well as, enhancements for managing data sources and groups. 

Learn how IBM Security Guardium supports IBM's approach to data-centric audit and protection.

The Guardium Vulnerability Assessment application enables organizations to identify and address database vulnerabilities in a consistent and automated fashion. The assessment process in Guardium evaluates and recommends actions to improve the health of your database environment. In this lab, you learn how to configure and run a database vulnerability assessment.

This lab environment reflects Guardium 10.5.

Franklin Almonte

The Guardium 11 Vulnerability Assessment (VA) has many new features, including test exceptions, test detail exceptions, security assessment using datasource group, CyberArk integration, DataStax Cassandra, as well as support for the new release of MongoDB 4.0, PostgreSQLv11 and Oracle 18c CVE tests.

In Guardium 11, the smart assistant for compliance monitoring helps you quickly configure monitoring for GDPR, PCI, SOX, and other security standards by automating policy installation and scheduling, populating policy groups, discovering sensitive data in your databases, and more.

MongoDB is a free and open-source cross-platform document-oriented database program.  In this video, you will see a detailed demonstration of Guardium Vulnerability Assessment for MongoDB, including the process to set up and run the test, and what happens after you harden the database per recommendations from the assessment.

IBM Guardium provides tools for helping meet the requirements of the Payment Card Industry (PCI) data security standard.

In this video series, you become familiar with Guardium features that pertain to the PCI data security standard. You see a demonstration of how the features are configured.

IBM Security Guardium query-based tests provide a means of capturing customer-specific requirements in Guardium vulnerability assessments. In this virtual lab, you create a query-based test, use it in a vulnerability assessment, and run the assessment to discover vulnerabilities. 

In this video, Leila Johannesen demonstrates a new feature in Guardium 11.2 that allows customers to compare a list of databases with the databases that are known to Guardium.

The task of securing sensitive data begins with identifying it. IBM Security Guardium uses a sensitive data discovery application to scan database tables for data that matches certain parameters, such as personal identification number formats or bank card formats.

This lab illustrates how to create a new classification policy that searches for credit card numbers and populate the group with the table name and column name for each detected object.

Employees in organizations need access to various assets to perform their job. Managing this access can be a challenge as requirements change. For example, new applications are added or existing users need additional access rights. This gets more complex when you collaborate with outside organizations  and you might not know who in the other organization needs access to your organization's resources and vice versa.

IBM Security Guardium can aid you with entitlement management. You can use Guardium Database Entitlement Reports to verify that users only have access to the appropriate data. Your IBM Security Guardium system includes predefined database entitlement reports for several database types. Database entitlement reports provide up-to-date snapshots of database users and access privileges.

In this lab, you learn how to prepare and run these reports to validate and ensure that users only have the privileges required to perform their duties.

Franklin Almonte

It is easy to use the predefined alerts in Guardium. In this course, you to learn about the different Guardium alert types and how to use them to monitor your Guardium ecosystem.

Configuring and validating the Alert and Anomaly Detection engines is one of the first steps when you are configuring Guardium alerts. In this video, you learn how to configure and validate the Alert and Anomaly Detection engines.

This video demonstrates how to configure a Guardium correlation alert and view the alert after it triggers.

This video demonstrates how to create, configure, and view a Guardium real-time alert when it triggers.

This video course demonstrates how to create a Guardium custom alerts dashboard that centralizes alerting activities.

Franklin Almonte

Data is the lifeblood of an organization. Profit and revenue generation requires data in order to compete and provide your services. That data also needs protection. Lots of different tools, solutions, and vendors say they do data protection, but with many of these claims it is about the programs that need to be in place instead of a comprehensive strategy. Security and risk management leaders should develop a data security governance framework to mitigate the risks caused by security threats, data residency, and privacy issues.

In this video, you learn about IBM's data security strategy and risk based approach.