This category includes courses that address Guardium discovery, classification, vulnerability assessment, and entitlements.
Data Security Courses:
You can configure IBM Security Guardium to discover databases that are created on both Windows and UNIX systems. In many cases, you might want Guardium to create and run inspection engines on all newly discovered databases. However, there are scenarios in which you want to control when and how Guardium creates new inspection engines. In these cases, Database Discovered Instances Rules, which is available in Guardium 11.2, provides a way to manage inspection engine creation. You can configure Discovered Instances Rules from a central manager in a managed environment or on a stand-alone system.
In this lab, you use the Database Discovered Instance Rules to specify how to manage inspection engines for discovered databases.
This type of configuration requires Guardium 11.2 or higher.Franklin Almonte
The Guardium Vulnerability Assessment application enables organizations to identify and address database vulnerabilities in a consistent and automated fashion. The assessment process in Guardium evaluates and recommends actions to improve the health of your database environment. In this lab, you learn how to configure and run a database vulnerability assessment.
This lab environment reflects Guardium 10.5.
The task of securing sensitive data begins with identifying it. IBM Security Guardium uses a sensitive data discovery application to scan database tables for data that matches certain parameters, such as personal identification number formats or bank card formats.
This lab illustrates how to create a new classification policy that searches for credit card numbers and populate the group with the table name and column name for each detected object.
There are many scenarios where databases can exist undetected on your network and expose your network to potential risk. Old databases might be forgotten and unmonitored, or a new database might be added as part of an application package. A rogue
DBA might also create a new instance of a database to conduct malicious activity outside of the monitored databases.
Auto-discovery uses scan and probe jobs to ensure that no database goes undetected in your environment:
- A scan job scans each specified host (or hosts in a specified subnet), and compiles a list of open ports that are specified for that host.
- A probe job uses the results of the scan to determine whether there are database services that are running on the open ports. A probe job cannot be completed without first running a scan. View the results of this job in the Databases Discovered predefined report.
- Create an Auto-discovery process to search specific IP addresses or subnets for open ports.
- Run the Auto-discovery process on demand or on a scheduled basis.
- View the results of the process with the Discovered Databases report.
Employees in organizations need access to various assets to perform
their job. Managing this access can be a challenge as requirements
change. For example, new applications are added or existing users need
additional access rights. This gets more complex when you collaborate
with outside organizations and you might not know who in the other
organization needs access to your organization's resources and vice
IBM Security Guardium can aid you with entitlement management. You can use Guardium Database Entitlement Reports to verify that users only have access to the appropriate data. Your IBM Security Guardium system includes predefined database entitlement reports for several database types. Database entitlement reports provide up-to-date snapshots of database users and access privileges.
In this lab, you learn how to prepare and run these reports to validate and ensure that users only have the privileges required to perform their duties.