Hundreds of preconfigured vulnerability assessment tests using industry best practices and benchmarks such as Center for Internet Security (CIS) and the DoD's Security Technical Implementation Guide (STIG) across different database systems which are updated regularly by the InfoSphere Guardium Knowledge Base service.
Platform-specific static tests which detect insecure configurations for vulnerabilities such as missing patches, misconfigured privileges and default accounts.
Dynamic tests which allow detection of behavioral vulnerabilities such as identify vulnerabilities based on how data sources are being accessed and manipulated—such as an excessive number of login failures, clients executing administrative commands or after-hours login—by monitoring all data traffic in real time.
Generates security health report card and recommends concrete action plans to strengthen database security. These can also be configured to follow regulation requirements such as SCAP formats.
InfoSphere Guardium Configuration Audit System (CAS) monitors systems for any changes, once a secure configuration baseline has been established and make sure they are not made outside of your authorized change control policies and processes.
Integration with InfoSphere Guardium’s Compliance Workflow Automation application to automate remediation management