IBM Security Guardium Vulnerability Assessment
IBM® Security® Guardium® Vulnerability Assessment scans data infrastructures (databases, datawarehouses and bigdata environment) to detect vulnerabilities, and suggests remedial actions. The solution identifies exposures such as missing patches, weak passwords, unauthorized changes, misconfigured privileges and other vulnerabilities. Full reports are provided as well as suggestions to address all vulnerabilities. IBM Security Guardium Vulnerability Assessment also detects behavioral vulnerabilities such as account sharing, excessive administrative logins and unusual after-hours activity. IBM Security Guardium Vulnerability Assessment identifies threats and security holes in databases which could be exploited by intruders and hackers to gain access to sensitive data.
- Discover data sources
- Classify Sensitive Data
- Monitor Entitlements and data source credentials
- Automate vulnerability scanning, configuration and behavioral assessment—scan the entire data source infrastructure for vulnerabilities
- Map predefined tests for best practice standards (STIG, CIS, CVE) and access to more than 2000 data source vulnerability tests
- Report and take remediation action—evaluate and document your database security to help you assess, escalate and remediate risks.
Automate Discovery of your unknown data assets
Classify sensitive data like PCI DSS, PII, SSN, HIPPA in the discovered data sources
Automate vulnerability, configuration and behavioral assessment
- Utilize preconfigured vulnerability tests, encompassing Center for Internet Security (CIS) and Security Technical Implementation Guide (STIG) best practices, updated regularly through the IBM Security Guardium Knowledge Base service.
- Support for SCAP and ability to export in SCAP format.
- Provide platform-specific static tests that detect insecure configurations for the specific database being assessed.
- Conduct dynamic tests that uncover behavioral vulnerabilities such as account sharing, excessive login failures and unusual after-hours activity.
- Does not rely on intrusive exploits or tests that can impact system availability, and provides external reference information such as common vulnerabilities and exposures (CVE) identifiers.
- Support leading database platforms and all major operating systems, including big data environments.
Report and take actions
- Produce detailed reports and supporting data.
- Provide a summary security evaluation, which includes weighted metrics and recommended remedial action plans to strengthen security.
- Automatically schedule assessments and manage report distribution, sign-offs and escalations.