This category includes courses that address help analyze Guardium data.

Analytics Courses:

Guardium Active Threat Analytics and Risk Spotter

The IBM Security Guardium Active Threat Analytics dashboard shows potential security breach cases based on the outlier mining process and on identified attack symptoms. In this dashboard, you can view and investigate cases, and take actions on individual cases.

As Guardium monitors data activity, the outlier mining engine also works in the background every hour to identify attack symptoms. You use the Active Threat Analytics dashboard to view cases, investigate cases and take actions, and minimize the chances of an attack or malicious activity.

Risk Spotter is a first of its kind technology, changing the security paradigm to an artificial intelligence data protection policy. It uses a holistic algorithm to dynamically assess risk factors and it uses a smart algorithm to identify potential risks across your entire system.

In this lab, you explore the Active Threat Analytics and Risk Spotter dashboards to:

  • Investigate existing and new threats
  • Analyze risky users
  • Create a ticket in ServiceNow
Franklin Almonte

Using Guardium health tools

IBM Security Guardium provides deployment health tools to help you visualize and gather information about problems that affect the central manager, collectors, aggregators, S-TAP and GIM agents, and inspection engines. 

Different tools provide different views into the health of your Guardium deployment. Some tools, such as the Deployment Health topology view, show the data flow relationships between various components. Others, such as the Deployment Health table, provide insight into issues that affect numerous components across your deployment. Others, such as the Deployment Health dashboard provides charts that summarize data and allow you to drill down to explore issues in greater detail.

In this lab, you explore various Guardium deployment health tools. You search for common issues, such as resource availability, a problem with K-TAP loading, changes in S-TAP agents and inspection engines, or with version control of GIM and S-TAP agents.