Data Security

This category includes courses that address Guardium discovery, classification, vulnerability assessment, and entitlements.

Data Security Courses:

Discussion and Demonstration of Guardium Vulnerability Assessment

This course covers why Vulnerability Assessment is critical, what it is, how Guardium addresses it, and discusses and demonstrates using Guardium Vulnerability Assessment.

Finding vulnerabilities with Guardium Vulnerability Assessment

This course demonstrates how to use Guardium Vulnerability Assessment to locate various security risks in your environment.

Demo: Guardium Vulnerability Assessment for DB2 for z/OS

Louis Lam, IBM Security Guardium Database Security Content Manager, provides a detailed overview of Guardium v10 Vulnerability Assessment for DB2 for z/OS including FAQs, remediation strategy and more. He then does a step by step demo on configuring and running the solution. 

Guardium v10 Discover Sensitive Data demonstration

Dan Goodes presents a high level demonstration of the sensitive data discovery process in IBM Security Guardium V10.

Guardium Vulnerability Assessment Demonstration

This video provides a short demonstration of Guardium Vulnerability Assessment v10. 

Guardium inspection engine management for discovered databases

You can configure IBM Security Guardium to discover databases that are created on both Windows and UNIX systems. In many cases, you might want Guardium to create and run inspection engines on all newly discovered databases. However, there are scenarios in which you want to control when and how Guardium creates new inspection engines. In these cases, Database Discovered Instances Rules, which is available in Guardium 11.2, provides a way to manage inspection engine creation. You can configure Discovered Instances Rules from a central manager in a managed environment or on a stand-alone system.

In this lab, you use the Database Discovered Instance Rules to specify how to manage inspection engines for discovered databases.

This type of configuration requires Guardium 11.2 or higher.

Franklin Almonte

Guardium 11 Smart Assistant: Industries and Applications demonstration

This video presents a deep dive with a Use Case and supporting screen shots showing how to use the functionality of Smart Assistant.  

Guardium 11 Vulnerability Assessment and CyberArk integration

This Tech Talk focuses on one of the many key features of Guardium 11, integration with CyberArk for managing user names and passwords, as well as, enhancements for managing data sources and groups. 

Guardium Best Practices

Learn how IBM Security Guardium supports IBM's approach to data-centric audit and protection.

Guardium database vulnerability assessment

The Guardium Vulnerability Assessment application enables organizations to identify and address database vulnerabilities in a consistent and automated fashion. The assessment process in Guardium evaluates and recommends actions to improve the health of your database environment. In this lab, you learn how to configure and run a database vulnerability assessment.

This lab environment reflects Guardium 10.5.

Franklin Almonte

Guardium 11 Vulnerability Assessment Overview

The Guardium 11 Vulnerability Assessment (VA) has many new features, including test exceptions, test detail exceptions, security assessment using datasource group, CyberArk integration, DataStax Cassandra, as well as support for the new release of MongoDB 4.0, PostgreSQLv11 and Oracle 18c CVE tests.

Guardium 11 smart assistant for compliance monitoring

In Guardium 11, the smart assistant for compliance monitoring helps you quickly configure monitoring for GDPR, PCI, SOX, and other security standards by automating policy installation and scheduling, populating policy groups, discovering sensitive data in your databases, and more.

Guardium Vulnerability Assessment for MongoDB

MongoDB is a free and open-source cross-platform document-oriented database program.  In this video, you will see a detailed demonstration of Guardium Vulnerability Assessment for MongoDB, including the process to set up and run the test, and what happens after you harden the database per recommendations from the assessment.

PCI compliance quickstart with IBM Guardium

IBM Guardium provides tools for helping meet the requirements of the Payment Card Industry (PCI) data security standard.

In this video series, you become familiar with Guardium features that pertain to the PCI data security standard. You see a demonstration of how the features are configured.

Defining a query-based test for Guardium Vulnerability Assessment

IBM Security Guardium query-based tests provide a means of capturing customer-specific requirements in Guardium vulnerability assessments. In this virtual lab, you create a query-based test, use it in a vulnerability assessment, and run the assessment to discover vulnerabilities. 

Guardium asset reconciliation

In this video, Leila Johannesen demonstrates a new feature in Guardium 11.2 that allows customers to compare a list of databases with the databases that are known to Guardium.

Discovering sensitive data with IBM Guardium

The task of securing sensitive data begins with identifying it. IBM Security Guardium uses a sensitive data discovery application to scan database tables for data that matches certain parameters, such as personal identification number formats or bank card formats.

This lab illustrates how to create a new classification policy that searches for credit card numbers and populate the group with the table name and column name for each detected object.

Guardium database auto-discovery

There are many scenarios where databases can exist undetected on your network and expose your network to potential risk. Old databases might be forgotten and unmonitored, or a new database might be added as part of an application package. A rogue DBA might also create a new instance of a database to conduct malicious activity outside of the monitored databases.

Auto-discovery uses scan and probe jobs to ensure that no database goes undetected in your environment:

  • A scan job scans each specified host (or hosts in a specified subnet), and compiles a list of open ports that are specified for that host.
  • A probe job uses the results of the scan to determine whether there are database services that are running on the open ports. A probe job cannot be completed without first running a scan. View the results of this job in the Databases Discovered predefined report.
In this virtual lab, you:

  1. Create an Auto-discovery process to search specific IP addresses or subnets for open ports.
  2. Run the Auto-discovery process on demand or on a scheduled basis.
  3. View the results of the process with the Discovered Databases report.
Franklin Almonte

Getting started with Guardium Database Entitlement Reports

Employees in organizations need access to various assets to perform their job. Managing this access can be a challenge as requirements change. For example, new applications are added or existing users need additional access rights. This gets more complex when you collaborate with outside organizations  and you might not know who in the other organization needs access to your organization's resources and vice versa.

IBM Security Guardium can aid you with entitlement management. You can use Guardium Database Entitlement Reports to verify that users only have access to the appropriate data. Your IBM Security Guardium system includes predefined database entitlement reports for several database types. Database entitlement reports provide up-to-date snapshots of database users and access privileges.

In this lab, you learn how to prepare and run these reports to validate and ensure that users only have the privileges required to perform their duties.

Franklin Almonte

Getting started with Guardium alerts

It is easy to use the predefined alerts in Guardium. In this course, you to learn about the different Guardium alert types and how to use them to monitor your Guardium ecosystem.

Configure Alerter and Anomaly Detection

Configuring and validating the Alert and Anomaly Detection engines is one of the first steps when you are configuring Guardium alerts. In this video, you learn how to configure and validate the Alert and Anomaly Detection engines.

Configure and view correlation alerts

This video demonstrates how to configure a Guardium correlation alert and view the alert after it triggers.

Create and configure real-time alerts

This video demonstrates how to create, configure, and view a Guardium real-time alert when it triggers.

Use prebuilt and predefined alerts to configure an alerts dashboard

This video course demonstrates how to create a Guardium custom alerts dashboard that centralizes alerting activities.

Franklin Almonte

IBM data security strategy and risk-based approach

Data is the lifeblood of an organization. Profit and revenue generation requires data in order to compete and provide your services. That data also needs protection. Lots of different tools, solutions, and vendors say they do data protection, but with many of these claims it is about the programs that need to be in place instead of a comprehensive strategy. Security and risk management leaders should develop a data security governance framework to mitigate the risks caused by security threats, data residency, and privacy issues.

In this video, you learn about IBM's data security strategy and risk based approach.