Archive for the Category ◊ Uncategorized ◊

IDG News Service – A vulnerability in Android allows malicious applications to bypass an active VPN (virtual private network) connection and force traffic from the device through an attacker-controlled system where it can be intercepted, according to security researchers from Ben-Gurion University of the Negev in Israel.

Researchers from the university’s Cyber Security Labs initially reported Jan. 17 that the vulnerability affects Android 4.3, known as Jelly Bean. However, upon further investigation they were also able to reproduce it on Android 4.4 KitKat, the latest major version of the mobile OS.

VPN technology is used to create an encrypted tunnel into a private network over the public Internet. Companies rely on VPN connections to allow employees to securely connect to corporate networks from remote locations, but it can also be used by others to protect communications from snooping when connected over insecure wireless networks since it allows accessing the Internet through the remote network’s gateway.

 

 

READ MORE …

Tel Aviv, November 19, 2013 – DBmaestro (www.DBmaestro.com), the pioneer and leading provider of DevOps for Database solutions, announced today its analysis of new companies adopting DevOps for Database with DBmaestro. Over the past year, financial sector companies had the highest increased demand for Database Enforced Change Management (DECM) tools. Over 40% of new DBmaestro customers originated from this industry.

Within the financial sector, 60% of DBmasetro’s new clients are banks and insurance companies which find themselves more exposed to risk. In addition, DevOps for Database is becoming widespread in other markets. DBmaestro’s findings show that new customers from the government sector made up about 20% of the new DECM demand. Security and telecom sectors each made up approximately 10% of new DevOps for Database demand in 2013. The software and retail sectors each made up about 5% of new companies committed to DevOps.

 

 

 

READ MORE …

IBM InfoSphere Guardium for big data
Friday, March 15th, 2013 | Author:

IBM InfoSphere Guardium for big data

Pulse2013 — BIG-IP ASM & IBM InfoSphere Guardium
Friday, March 15th, 2013 | Author:

Pulse2013 — BIG-IP ASM & IBM InfoSphere Guardium

IBM InfoSphere Guardium eNewsletter: May 2012
Wednesday, May 30th, 2012 | Author:
IBM May 2012

InfoSphere Guardium eNewsletter



In this Issue:

  • IBM Q1 Labs Announces New Threat Analytics To Help Organizations Better Identify Hidden Security Attacks
  • Data Breach Headline News: UNC at Charlotte and State of Utah
  • InfoSphere Guardium is Coming to an Information Integration and Governance Forum Near You
  • Don’t Miss the Global Security Summit – X-Force Evolving Threats Seminar Series
  • Santiago Stock Exchange Case Study Video
  • New eBook: Unifying Data Security and Integrity: Reduce Risk, Lower Costs
  • On Demand Webcast: IBM X-Force 2011 Trend Report: Combat Data Security Threats
  • InfoSphere Guardium Training Courses
  • InfoSphere Guardium Bootcamp for Business Partners
  • Upcoming Events
  • Data Security and Privacy Blogs
  • Quick Links
  • Renew Your Subscription

IBM Q1 Labs Announces New Threat Analytics To Help Organizations Better Identify Hidden Security Attacks

IBM (NYSE:IBM) unveils new analytics using advanced security intelligence that can flag suspicious behavior in network activities to help better defend against hidden threats facing organizations.

As organizations open up their networks to smartphones and increased social media access, traditional security defenses alone such as firewalls and antivirus software can’t adequately protect an organization.

To address this, IBM is announcing the QRadar Network Anomaly Detection appliance that analyzes complex network activity in real-time, detecting and reporting activity that falls outside normal baseline behavior. The analytics can look not only at inbound attacks, but also can detect outbound network abnormalities, where malware may have already infected a “zombie” system to send data outside the organization.

Read the press release.

Data Breach Headline News: UNC at Charlotte and State of Utah

In recent headlines, we are hearing more about data breaches caused by system misconfiguration, incorrect access settings and unauthorized access to sensitive data that have resulted in the exposure of personal information including social security numbers, health records and transactions.

The University of North Carolina at Charlotte said financial data and 350,000 Social Security numbers were exposed
ComputerWorld

The University of North Carolina at Charlotte blamed a system misconfiguration and incorrect access settings for the exposures, which also involved names and addresses of people who had done transactions with the university.

Read the full article.

Utah CIO reveals security flaws that lead to data breach –Utah’s Department of Health breach exposes data on 780,000 citizens’ personal information
InformationWeek

The attackers were able to gain access via the server factory-default logins to access the state’s Medicaid healthcare program.  The information was not encrypted and did not have hardened passwords.

Read the full article.

These exposures exists due to the complexity caused by the vast amount of data managed by multiple IT staff members, business groups and third party vendors who have direct access to applications. The use of sensitive data now caters to a much wider audience. Since users are not limited to inside employees, attackers now have a direct pipe—through the application, past perimeter defenses—into the database.

IBM® InfoSphere™ Guardium® database security products provide a simple, robust solution for continuously monitoring access to enterprise databases and simplifying compliance audits with automated and centralized controls for heterogeneous environments.

Download a complimentary e-Book: Protecting against data breaches and insider threats to learn more about the top 5 data breach scenarios and best practices to prevent data breaches, insider fraud and unauthorized changes to sensitive data.

InfoSphere Guardium is Coming to an Information Integration and Governance Forum Near You

The forum provides an opportunity for InfoSphere Guardium clients and perspective clients to discuss database security in the content of information governance. The Forums are perfect for IT executives, mid-level managers, influencing practitioners and database administrators who are in the process of implementing governance programs and want to understand how database security fits in.

At the Forum you’ll learn how to:

  • Ensure your information is fresh, accurate and authentic
  • Cut costs while integrating, managing and protecting information throughout its lifecycle
  • Discover insights and optimize decisions fast enough to impact your business in real time
  • Turn your data into a trusted asset with improved data integration and quality
  • Align information and related projects to business goals

Register to attend an event near you.

Don’t Miss the Global Security Summit – X-Force Evolving Threats Seminar Series

Since the release of the X-Force report on March 22, 2012, we have seen a surge in press coverage and a flurry of social media activity focused on enterprise security.  IBM is taking this discussion on the road with the XForce roadshow coming soon to a city near you!  Talk with XForce researchers, dig deeper into the findings and learn about how InfoSphere Guardium can help address the threats and vulnerabilities raised in the report.  As defined in XForce research, InfoSphere Guardium is a critical component in many emerging attack vectors including smarter more capable hackers, automated password guessing and the surge in automated shell command injection attacks.  Join in the discussion with other InfoSphere Guardium clients and prospects and also network with colleagues concerned with network, application and identity management as you create your enterprise security and compliance strategy.

Register to attend an event near you.

Santiago Stock Exchange Case Study Video

The Santiago Stock Exchange provides back office services for their clients.  Watch this video as Andrés Araya Falcone, Chief Information Officer, Santiago Stock Exchange, describes how they used IBM InfoSphere Guardium to protect and maintain data in a highly secure environment.

Watch the video.

New eBook: Unifying Data Security and Integrity: Reduce Risk, Lower Costs

Organizations must rigorously protect their data from all threats—including malicious attacks that can distort or destroy data, and the inadvertent corruption or misuse by employees. This job is becoming increasingly more difficult as the the sheer volume of data across organizations explodes and the number and diversity of data sources grows. Add to this mix, a layer of complexity where a very problematic siloed approach has resulted in order to satisfy various compliance mandates. This growth puts a tremendous strain on limited IT staff resources.

This in-depth guide shows you how every organization can benefit from a unified approach with:

  • Improved risk mitigation
  • Consistent policies and controls
  • Lower costs
  • Reduced staff workloads

Read how a unified and comprehensive data security strategy supports heterogeneous database environments and unifies the protection controls for sensitive data from inappropriate use.

Register and download the eBook.

On-Demand Webcast: The IBM X-Force 2011 Trend Reports: Combat data security threats

Join Robert Freeman, advance research manager for IBM X-Force®, as he discusses the latest results from the “IBM X-Force 2011 Trend and Risk Report”, an in-depth analysis of public vulnerability disclosures findings from more than 4,000 clients, and the monitoring and analysis of an average of 13 billion events daily in 2011.

“X-Force 2011 Trend and Risk Report” shows surprising improvements in several areas of Internet security such as a reduction in application security vulnerabilities, exploit code and spam.  However, sophisticated threats facing IT security professionals are increasing in frequency and complexity.  Attackers constantly adapt their techniques to evade new security measures, easily bypassing traditional perimeter defenses such as firewalls, IDS/IPS and anti-virus systems to get to your organization’s sensitive data.

In this comprehensive webcast, you’ll learn about increases in key areas of attack activity and how to combat them, including:

  • Cybercriminal activity: Financially-motivated cybercriminals, state-sponsored espionage groups, hacktivists and insiders will continue to become more savvy and opportunistic.
  • SQL injection: Continues to be a favorite attack vector among malicious groups.
  • IT loophole attacks: Attackers are bypassing existing security methods to gain access given the interconnected nature of the Internet and information systems as well as enterprise ERP, CRM, and custom business applications.

Attacks targeting shell command injection vulnerabilities more than doubled in 2011. These vulnerabilities allow the attacker to execute commands directly on a web server –

  • Spike in automated password guessing: Poor passwords and password policies have played a role in a number of high-profile breaches during 2011.
  • Attacks on emerging technologies: With the evolution of cloud computing social networks and mobile devices, attackers found new opportunities to hone their skills and extend their exploits to take advantage of these new technologies.
  • What countermeasures can be used: Database protection mandates and compliance requirements including implementing specific controls and tighter business processes are required by organizations to address risk and help ensure security.

Eric Naiburg, Program Director, Information Governance Solutions Product Marketing Strategy, will present case studies and product demo examples showing how enterprises have implemented IBM InfoSphere Guardium data security solutions to help secure sensitive databases and reduce compliance costs.

View the Webcast.

On-Demand Webcasts:

2012 InfoSphere Guardium Training Courses

Guardium’s training courses help you achieve results quickly and easily. For more information about training, to sign up for a training course, or to schedule a training session, go to:

GU201: IBM InfoSphere Guardium Technical Training
This three day course offers a balanced mix of lectures, hands-on lab work, case studies, and testing. Students will learn how to create reports, audits, alerts, metrics, compliance oversight processes, and database access policies and controls. Students will also learn about system administration, archiving, purging, and back-ups.

InfoSphere Guardium Bootcamp for Business Partners

This technical workshop is for IBM business partners who are currently working with or are interested in working with IBM InfoSphere Guardium. It provides training on InfoSphere Guardium in a classroom setting. Detailed presentations and hands-on labs on Guardium 8 are included where attendees will gain in-depth knowledge on topics including:

  • InfoSphere Guardium product overview
  • Guardium installation concepts, planning, and configuration
  • Auditing database servers with the Guardium system
  • Monitoring for unusual traffic
  • S-GATE and S-TAP Terminate Functions
  • Vulnerability Assessments
  • Enhanced Enforcement Actions
  • And much more

Learn how IBM InfoSphere Guardium can add value to your security and data management solutions and extend your market opportunity. Business partners working in the consulting industry who are currently working with or plan to work with InfoSphere Guardium are also welcome to attend.

Schedule and registration information

Please Note: We will send an email confirmation to all registrants 1-2 weeks before the bootcamp begins.

Date Country City Registration Information
May 29 – Jun 1, 2012 Poland Warsaw Register here
Jun 12 – 15, 2012 Germany Ehningen Register here

Fore more information, go to IBM InfoSphere Guardium Bootcamp

Upcoming Events
Please visit us at the following upcoming events:

CIO Forum and Executive IT Summit
Charlotte, NC – May 30-31, 2012; Marriott Executive Park
Cleveland (Independence), OH – June 7 – 8, 2012; Embassy Suites Hotel

IBM Innovate
Orlando, FL – June 3-7, 2012

Information Integration and Governance Forum
Philadelphia, PA – June 6, 2012; Sheraton Philadelphia Downtown
Atlanta, GA – June 20, 2012; InterContinental Buckhead Atlanta

Global Security Summits – X-Force Evolving Threats
Madison, WI – June 6, 2012; Fluno Center
Waltham, MA – June 13, 2012; IBM Innovation Center

Gartner Security & Risk Management Summit
Washington, DC – June 11-14, 2012; Gaylord National Harbor

Enterprise Security and Compliance Seminar
Philadelphia, PA – June 11, 2012; The HUB Cityview Conference Center
New York, NY – June 13, 2012; IBM Facility – 590 Madison Ave.

Data Governance and Information Quality Conference
San Diego, CA – June 25-29, 2012; Catamaran Resort Hotel & Spa

Proof of Technology and Technical Demonstrations:

To attend one of the Proof of Technology sessions listed below, Email an IBM Representative.  Include in your email the session name, date and location you are interested in attending.

IBM InfoSphere Guardium V8

May 30, 2012; Calgary, AL Canada
May 30, 2012; Costa Mesa, CA
May 31, 2012; Boston, MA
June 1, 2012; Calgary, AL Canada
June 7, 2012; Markham, ON Canada
June 7, 2012; Dallas, TX
June 13, 2012; Markham, ON Canada
June 20, 2012; Calgary, AL Canada

IBM InfoSphere Optim Test Data Management and Data Privacy
June 7, 2012; Boston, MA

IBM InfoSphere Optim Data Growth
June 22, 2012; Boston, MA

Data Security and Privacy Blogs

Featured Blogger:
Kimberly Madia, IBM InfoSphere Guardium & Optim Product Marketing

Read blog posting:Establishing a Valid Business “Need to Know” for Sensitive Data


Follow Guardium  View us on YouTube 

Quick Links
IBM InfoSphere Guardium Home Page
Audit and Validate Compliance
Monitor Privileged Users
Monitor Enterprise Application Users for Fraud
Enforce Database Change Control
Prevent Database Leaks
Vulnerability Management
Mainframe Visibility
InfoSphere Guardium Library (Analyst Reports, White papers, Case Studies, Webcasts, etc.)
IBM InfoSphere Guardium 8 Data Sheet
Secure Enterprise Data and Ensure Compliance white paper
IBM InfoSphere Guardium Encryption Expert: An Overview
IBM InfoSphere Guardium Encryption Expert: Secure and Protect your SAP Data
IBM InfoSphere Solutions for Data Security and Privacy, a whitepaper on Supporting HIPAA Compliance with Access to Sensitive Medical Information
IBM InfoSphere Solutions for Data Security and Privacy, a whitepaper on Protecting Payment Card Data to Help Ensure Compliance
IBM InfoSphere Guardium Database Activity Monitoring Demo
InfoSphere Guardium for System z – A Proactive Preventative Approach to Security, Audit and Compliance
Market Overview: Database Security, 2011, Forrester Research
Establishing a Database Security Strategy is No Longer Optional, GartnerDatabase Activity Monitoring is Evolving Into Database Audit and Protection, by Jeff Wheatman, Gartner
Look Beyond Native Database Auditing to Improve Security, Audit Visibility Compliance, and Real-time Protection, a white paper by Noel Yuhanna, Principal Analyst, Forrester Research
Databases at Risk, a white paper by Jon Oltsik, Principal Analyst, Enterprise Strategy Group


Forward to a Friend

Renew your subscription: Your monthly source for news, advice and learning for continuous protection against database attacks and insider threats.

eNewsletter Subscription Management

SubscribeUnsubscribe | | Feedback

Copyright © IBM InfoSphere Guardium 2012. All rights reserved. IBM, the IBM logo, ibm.com, InfoSphere and Guardium are trademarks of IBM. All other trademarks and service marks are the property of their respective owners.IBM InfoSphere Guardium
5 Technology Park Drive
Westford, MA 01886

Contact IBM

newsletter
In This Issue
Featured Webinar: Understanding and Prioritizing Emerging and Advanced Threats in the Enterprise |
Video: How to Apply User Activity Monitoring | IBM X-Force NewsRegister for Live QRadar Demos |
Q1 Labs’ Blog: IBM Announces Network Threat AnalyticsUpcoming Events: Pulse Comes to You
DarkReading Featured Webinar: Understanding and Prioritizing Emerging and Advanced Threats in the Enterprise
May 17, 2012 | 11:00 AM EDT | Register

Q1 Labs is proud to sponsor the webinar “Understanding and Prioritizing Security Threats in the Enterprise,” with Dark Reading. Join hosts Andrew Hay, a senior security analyst with the 451 Group and Phil Neray, Security Intelligence Strategist at Q1 Labs, to discuss methods for identifying threats and prioritizing them for rapid response. You will learn ways to use Security Intelligence to perform “triage” on emerging malware, vulnerabilities and other security alerts, enabling the IT organization to develop a customized response plan that is tailored to the specific needs and risks associated with the business.

Register Now >

Webinar How to Apply User Activity Monitoring to Identify Risky Behavior – New Video

You might know that QRadar SIEM excels at correlating and reporting on unusual network activity, but would you like to learn it performs user activity monitoring? Or what value this would have for your organization? In a new 8-minute YouTube demo, we look at how the use of identity and access management data enables real-time user activity monitoring. We show how QRadar can identify risky or abnormal activity of user groups such as employees with privileged access, contractors, or terminated employees.

Watch Demo >

See Other Videos >

Webinar IBM X-Force Report: 2011 Shows Progress Against Security Threats But Attackers Adapt

IBM X-Force saw several new attack trends towards the end of 2011. They witnessed spikes in SSH (Secure Shell) password cracking and saw 2 to 3 times more Shell Command attacks at the end of the year. Cloud computing and the proliferation of mobile devices create additional challenges for enterprise security and gives attackers new opportunities to hone their skills and extend their exploits to these new technologies.

Click here to read the full release.

Register Today for a Live Web Demo of the QRadar Security Intelligence Platform

Join Q1 Labs Security Experts to learn about the QRadar Security Intelligence Platform and to see a live demo of QRadar in action. We will provide an overview of the platform as well as show how QRadar is solving business problems for customers by:

  • Detecting Threats Others Miss
  • Predicting Risks Against Your Business
  • Consolidating Data Silos
  • Exceeding Regulation Mandates
  • Detecting Insider Fraud

Upcoming Sessions:
May 11, 2012 | 10 AM EDT Register >
May 11, 2012 | 2:00 PM EDT Register >
May 25, 2012 | 10 AM EDT Register >
May 25, 2012 | 2:00 PM EDT Register >

More >

On the Q1 Blog- Latest news and observations

events Upcoming Security Events

Pulse Comes to You
Pulse Comes to you 2012 delivers the experience, value and education of Pulse 2012 around the world with local events. Attend a local event and join our workshop on “Providing Your Business Total Security Intelligence.” As the world becomes more digitized and interconnected, more doors are being opened to emerging threats and leaks. Security is becoming a top concern for businesses from the boardroom down. Organizations need to put security first, allowing for the analysis of people, data, applications and infrastructure to be carried out easily and intelligently and providing instant information and visibility into business risks. The workshop will discuss how to set security priorities as well as provide an overview of the QRadar Security Intelligence Platform and its role in the IBM Security Division Portfolio.

X-Force Evolving Threats- Washington DC
Date: May 21, 2012
IBM Institute for Electronic Government
600 14th Street, NW Hamilton Square Second Floor
Washington, DC 20005 USA
Agenda & Registration >

X-Force Evolving Threats- Montreal
Date: May 24, 2012
Centre Mont-Royal 2200 Mansfield St
Montreal (Quebec) H3A 3R8 Canada
866-844-2200
Agenda & Registration >

Gartner Security & Risk Summit
Dates: June 11-14, 2012
Gaylord National Hotel & Convention Center
201 Waterfront Street, National Harbor, MD 20745 USA
More Info >

Category: Uncategorized  | Tags:  | Leave a Comment
What’s up with these solar storms?
Tuesday, March 13th, 2012 | Author:

http://www.networkworld.com/slideshow/36269?source=NWWNLE_nlt_security_2012-03-12#slide26

Blackberry says services ‘fully restored’
Saturday, October 15th, 2011 | Author:

Millions of customers worldwide had their messaging and email service disrupted with many turning to Twitter to express their anger.

In a press conference at 15:00 BST, Mr Lazaridis said the company would now begin a full investigation of what happened.

He apologised again for the problems customers had experienced.

“We know we’ve let many of you down. You expect more from us. I expect more from us,” he said.

The firm admitted that it was the largest crash it had ever experienced. Prior to the 2011 problems, the last significant blackout was in 2009.

READ MORE …

HTTPS Vulnerable To Crypto Attack
Monday, September 26th, 2011 | Author:

The secure sockets layer (SSL) and transport layer security (TLS) encryption protocol, used by millions of websites to secure Web communications via HTTPS, is vulnerable to being decrypted by attackers.

In particular, security researchers Juliano Rizzo and Thai Duong have built a tool that’s capable of decrypting and obtaining the authentication tokens and cookies used in many websites’ HTTPS requests. “Our exploit abuses a vulnerability present in the SSL/TLS implementation of major Web browsers at the time of writing,” they said.

READ MORE …

IBM InfoSphere Guardium eNewsletter: JUNE 2011
Thursday, June 30th, 2011 | Author:
IBM June 2011

banner



In this Issue:

  • Cyber-Attacks Highlight Need to Focus on Stronger Database Security, eWeek
  • Minding the Database: Video Interview with IBM’s Phil Neray, SC Magazine
  • On-Demand Webcast – Preventing Database Breaches: Insights from Independent Research on Database Auditing and Real-Time Protection
  • Tech Tip of the Month: Preserving Your Data for Auditing and Forensic Investigations
  • InfoSphere Guardium Training Courses
  • InfoSphere Guardium Bootcamp for Business Partners
  • Upcoming Events
  • Guardium on Twitter
  • Quick Links

Cyber-Attacks Highlight Need to Focus on Stronger Database Security
eWeek.com

  • When cyber-attackers breach an organization’s network, the database is usually their target. However, many organizations are so focused on protecting the perimeter that they don’t think about protecting the database itself, according to several security experts.
  • Many organizations still think that protecting the perimeter is sufficient to protect the data, but as recent data breaches at Epsilon and Sony have shown, traditional perimeter security can’t be relied on to protect the data.
  • Continuous, real-time monitoring is crucial to detect suspicious or unauthorized activity within the database, Phil Neray, vice president of data security strategy at IBM, told eWEEK. Database activity monitoring allows security managers to catch anyone who is trying to get access to information they shouldn’t be able to obtain.
  • Suspicious activity could take the form of a single user account, such as a customer service representative, downloading hundreds of sensitive data records in a single day.
  • Organizations should also be monitoring “privileged users,” or users with special authority or permissions over multiple applications or systems, to ensure they have not been hijacked.
  • “Outsiders typically look like insiders once they can log in to the network,” Neray said.
  • Attackers often gain control of privileged accounts via SQL injection, according to Neray. Database activity monitoring can detect third-party intrusions as well as detect “behavioral” issues such as when user accounts are being shared, he said.
  • SQL injection attacks, where attackers embed database queries into a form on a Website and submit them to trick the database into returning results, remains a popular attack vector because they lead an attacker directly to the database [with highly privileged access].
  • That’s not to suggest that organizations shouldn’t be investing in firewalls and other security products. [Experts recommend] the layered model, where attackers have to get past multiple gatekeepers before they even get to the database. Organizations should be thinking, “When the perimeter fails, what’s next?” and combining all the layers to pinpoint when something is wrong.

Read more.

Minding the Database: Video Interview with IBM’s Phil Neray
SC Magazine

A host of high-profile breaches have defined 2011, from HBGary to Epsilon to Sony to RSA to Lockheed Martin. The motives for each attack have been different, but they all share something in common: The perpetrators wanted access to the database, where the company’s crown jewels lie. Phil Neray, vice president of data security strategy at IBM, discusses why organizations must implement continuous, real-time activity monitoring at the database level to both catch the adversaries in action and trace their footsteps for forensic investigation.

Watch the video interview.

On-Demand Webcast: Preventing Database Breaches: Insights from Independent Research on Database Auditing and Real-Time Protection

Preventing database breaches and unauthorized access to sensitive data by hackers, outsourced personnel and privileged users such as DBAs has become vital for all organizations.

Database auditing has also become critical for addressing regulatory compliance requirements — yet DBAs spend less than 5% of their time on security and 78% of enterprises don’t have a database security plan.

Listen to Forrester Research Principal Analyst, Noel Yuhanna to learn why IBM was named a Leader in “The Forrester Wave: Database Auditing And Real-Time Protection, Q2 2011.”

In this comprehensive assessment incorporating 147 criteria, Forrester Research, Inc. gave IBM the #1 scores in all 3 high-level categories: Current Offering, Strategy (Product and Corporate), and Market Presence.

According to Forrester, “IBM InfoSphere Guardium continues to demonstrate its leadership in supporting very large heterogeneous environments, delivering high performance and scalability, simplifying administration, and performing real-time database protection.”

Concluding that “InfoSphere Guardium offers support for almost any of the features one might find in an auditing and real-time protection solution,” Forrester also gave IBM the highest scores in 7 out of 8 product sub-categories, including:

  • Architecture
  • Database Auditing
  • User and Application Auditing
  • Audit Policies
  • Auditing Repository
  • Reporting and Analytics
  • Manageability

Listen to the Webcast.

Read the complete Forrester Wave report.


On-Demand Webcasts:


Tech Tip of the Month:  Preserving Your Data for Auditing and Forensic Investigations

Question: I am considering purchasing the InfoSphere Guardium solution, with a particular interest in using its capabilities for compliance reporting and forensic investigations.  What happens when the audit repository database in my Collector or Central Aggregator has consumed all available storage space?

Answer: Sophisticated archiving, restoral and investigative capabilities are one of the many features included in InfoSphere Guardium, which makes it uniquely suited for deployment in large and mid-sized enterprises.

Figure 1 demonstrates how simple it is to archive data onto a standard storage platform for retrieval at a later date.  Clients often utilize this capability daily to send all activity for that day to the archive, while executing a purge process to remove data that is older than a specified number of days (15 days in this example).  The archive function creates signed, encrypted files that cannot be tampered with – even by Guardium administrators – thereby preserving the integrity of the data for enterprise-wide reporting and forensic purposes.

Figure 1: InfoSphere Guardium provides a simple, flexible archiving capability that allows audit data to be securely stored on a variety of well-established storage platforms.

Regardless of the destination of the archived data, InfoSphere Guardium provides a catalog that tracks where the archive file resides so it can be retrieved and restored with minimal effort.  This is typical of the InfoSphere Guardium architecture, which is designed not only for scalability, but also to minimize administrative effort and total cost of ownership.

When archived data is needed, InfoSphere Guardium’s Investigative Center can be used to automatically restore data and results for specific time periods (see Figure 2) and perform forensic investigations from a separate “sandbox” area.  Analysts can easily create queries to mine the archived audit information stored in the system’s embedded database – via an intuitive drag-and-drop interface – and view standard or custom reports using the full InfoSphere Guardium user interface within the scope of the investigation dates.

In addition, when forensic investigations are performed on audit data stored in the Aggregator – a centralized audit repository that collects and normalizes audit events from all of your enterprise databases and applications, regardless of DBMS platform – they can identify hard-to-detect attacks, such as a hacker or rogue employee accessing multiple databases in different locations on different days, grabbing a little data each time.

Figure 2: Data restoration is simple with InfoSphere Guardium, which uses built-in cataloging functionality to keep track of where archive files are stored.  Data is automatically uploaded into a separate “sand-box” repository and merged into the user’s view.

2011 InfoSphere Guardium Training Courses

Guardium’s training courses help you achieve results quickly and easily. For more information about training, to sign up for a training course, or to schedule a training session, go to: Guardium Training.

GU200: IBM InfoSphere Guardium Technical Training
This three day course offers a balanced mix of lectures, hands-on lab work, case studies, and testing. Students will learn how to create reports, audits, alerts, metrics, compliance oversight processes, and database access policies and controls. Students will also learn about system administration, archiving, purging, and back-ups.

GU210: IBM InfoSphere Guardium QuickStart Training
This one day course is delivered onsite and offers a balanced mix of lecture and hands-on exercises to ensure you can effectively meet your audit requirements and address key business priorities. Students will learn how to use Guardium’s solution in their own environment and create compliance reports, audit workflows, and real-time alerts based on their business requirements.

InfoSphere Guardium Bootcamp for Business Partners

This technical workshop is for IBM business partners who are currently working with or are interested in working with IBM InfoSphere Guardium. It provides training on InfoSphere Guardium in a classroom setting. Detailed presentations and hands-on labs on Guardium 8 are included where attendees will gain in-depth knowledge on topics including:

  • InfoSphere Guardium product overview
  • Guardium installation concepts, planning, and configuration
  • Auditing data servers with the Guardium system
  • Monitoring for unusual traffic
  • S-GATE and S-TAP Terminate Functions
  • Vulnerability Assessments
  • Enhanced Enforcement Actions
  • And much more

Learn how IBM InfoSphere Guardium can add value to your security and data management solutions and extend your market opportunity. Business partners working in the consulting industry who are currently working with or plan to work with InfoSphere Guardium are also welcome to attend.

Schedule and registration information

Please Note: We will send an email confirmation to all registrants 1-2 weeks before the bootcamp begins.

Date Country City Registration Information
Jul 5 – 8, 2011 Korea Seoul Register here
Jul 26 – 29, 2011 Turkey Ankara Register here
Jul 26 – 29, 2011 China Shanghai Register here
Jun 27 – 29, 2011* Mexico Mexico City Register here
Aug 9 – 12, 2011 China Beijing Register here
Sept 12 – 15, 2011 Italy Milan Register here
Sept 20 – 23, 2011 Poland Warsaw Register here
Oct 11 – 14, 2011 France Paris Register here

*To register for the additional 2-day InfoSphere Guardium Advanced Clinic, click here

For more information, go to: IBM InfoSphere Guardium Bootcamp

Upcoming Events

Please visit us at the following upcoming events:

IBM Information Integration & Governance Forums
San Jose, CA – July 19, 2011, San Jose Hilton
Washington, DC – July 21, 2011, Bechtel Conference Center, Reston, VA
Kansas City, MO – September 13, 2011, Location TBD
Seattle, WA – September 20, 2011, Location TBD
Nashville, TN – September 22, 2011 - Location TBD

Gartner Catalyst Conference
San Diego, CA – July 26-29, 2011, Hilton San Diego Bayfront

ISSA CISO Executive Forum
Seattle, WA – August 11-12, 2011, Hyatt at Olive 8

CIO Forum & Executive IT Summit (InfoSphere Optim is participating)
Toronto, Canada – September 7-8, 2011, Hilton Suites/Markham Conference Centre
Pittsburgh, PA – September 13-14, 2011, The Regional Learning Alliance at Cranberry Woods

ArcSight User Conference
Washington, DC area – September 11-14, 2011, Gaylord Resort & Conference Center, National Harbor, MD

SAP Tech Ed

Las Vegas, NV – September 12-16, 2011, The Venetian/Palazzo Congress Center

Guardium on Twitter

Follow Guardium on Twitter.com. The goal of Guardium Tweets is to post short, educational tips about data security as well as breaking news regarding data breaches. 

Quick Links
IBM InfoSphere Guardium 8 Data Sheet
Look Beyond Native Database Auditing to Improve Security, Audit Visibility Compliance, and Real-time Protection, by Noel Yuhanna, Forrester Research Principal
Ten Database Activities Enterprises Need to Monitor, a white paper by Jeffrey Wheatman, Research Director, Gartner
Databases at Risk, a white paper by Jon Oltsik, Principal Analyst, Enterprise Strategy Group
IBM InfoSphere Guardium Home Page
Auditing & Compliance
Privileged User Monitoring
Application Monitoring: Fraud Prevention
Change Control
Database Leak Prevention
Vulnerability Management
Mainframe Visibility
InfoSphere Guardium Library (Analyst Reports, Case Studies, etc.)
Forward to a Friend