The primary use cases for IBM Security Guardium include onboarding and offboarding of the servers and working on alerts, such as troubleshooting if any S-TAP goes down. We also have Sonar, which means Imperva DSF. We evaluate the reports or logs, and we set up a justify workflow there. We have set up alerts on the basis of logs; if we get many failed logins, high failed logins, or high SQL errors, then we get the alerts. I'm working on those alerts as well. For real-time alerts in the alerter, we set up multiple types of alerts such as high failed logins in IBM Security Guardium. We have set up one group, and in that group, we mention users of a particular DB. If any other user tries to access or run any command, then we get the alert on a real-time basis. We then reach out to the server-side or DB team to evaluate those alerts. In IBM Security Guardium, we use data discovery to discover the complete detail of the databases, which helps us understand the database and all the required details. We use data classification jobs for sensitive information, which run on the basis of data sources. We run the data classification job on the basis of data sources, and we get all the table names and column names, after which we classify them as critical or not. We use a PowerShell script for some parts of running the data mart jobs in IBM Security Guardium. We have added multiple functionalities in that PowerShell script. For example, four or five months ago, we needed to migrate our data source user into CyberArk. It was very hard to replace the data source setting and add the users one by one because we have a very large environment here in MetLife. So, we added an API in the same script, and through that script, we replaced all the data source users.
I work with IBM Security Guardium. It's a very good tool for protecting databases, regardless of the type, whether it's Oracle, Microsoft SQL, SAP HANA, or any other database. It's excellent for monitoring and has additional functionality such as vulnerability assessment for the databases.
IBM Security Guardium is a comprehensive data protection solution designed to safeguard sensitive information through efficient monitoring and management practices. Focused on addressing data security challenges, IBM Security Guardium delivers advanced capabilities for monitoring, reporting, and auditing. It supports real-time security compliance, risk management, and data activity monitoring, aimed at providing enterprises with peace of mind by reducing potential threats and vulnerabilities....