IBM Security Guardium Tech Talk
|
|
- Ella Gilbert
- 6 years ago
- Views:
Transcription
1 IBM Security Guardium Tech Talk What s new in Vulnerability Assessment V10 Kathy Zeidenstein Guardium Evangelist Frank Cavaliero - Database Administrator Louis Lam - Database and VA Manager Vikalp Paliwal - VA Product Manager November 5, 2015
2 Reminder: Next Guardium Tech Talk Next tech talk: Hints and Tips: Upgrading to Guardium V10 Speakers: Vlad Langman, L3 Support Manager Omar Raza, QA Engineer Date and time: Thursday, November 19th 11:30 AM US Eastern, 8:30 AM US Pacific Register here: ibm.biz/bdhynu 2
3 Agenda Data is the key target for breaches Guardium Vulnerability Assessment overview Vikalp Paliwal What is new in IBM Security Guardium Vulnerability Assessment v10 Louis Lam New IBM Security Guardium Vulnerability Assessment v10 live demo Q & A Frank Cavaliero 3 3
4 Data is challenging to secure DYNAMIC Data multiplies continuously and moves quickly IN DEMAND Users need to constantly access and share data to do their jobs DISTRIBUTED Data is everywhere, across applications and infrastructure 4
5 ANALYZE. PROTECT. ADAPT. Data Security solutions protect structured and unstructured sensitive data Discovery Classification Masking Encryption Vulnerability Assessment Entitlements Reporting D A T A S E C U R I T Y I N T E L L I G E N C E Vulnerability Assessment Assessment reports Data Protection Subscription Configuration Changes Data Encryption File-level encryption Role-based access control File access auditing Data Masking Static masking Semantic and format preserving Activity Monitoring Standard DAM Data Activity Monitoring Real-time alerts App end-user identification Normalized audit creation Blocking Quarantine Dynamic Data Masking Discover Harden Monitor Protect Base Product DB and Data Discovery Data Classification Entitlement Reporting Enterprise Integrator Queries & Reports Threshold Alerts Compliance Workflow Group Management Security Integrations IT Integrations Data Level Security Incident Management User/Roles Management HR Integrations Portal Management Self Monitoring Data Export Options Data Imports Options Compliance reporting Compliance Federate large workflow deployment Central control Central audit collection Standard FAM File metadata discovery Sensitive data classification Data activity monitoring Real-time alerts Compliance reporting Compliance workflow Advanced DAM Blocking access Masking sensitive data Users Quarantine Data Redaction Redact sensitive documents App Data Masking Masking on the browser Advanced FAM Blocking access 5
6 Vulnerability Assessment Technology is used to support security threat management and compliance Secure your crown jewels Network Vulnerability Assessment Solution Applications Database Infrastructure In-depth assessments of databases and applications such as ERP systems (for ex SAP or Oracle), especially, are not widely supported in traditional VA solution, which focus on devices Endpoint IT Security managers choosing a VA solution must make a dedicated ongoing vulnerability signature support and maintenance for majority of their asset base a critical requirement. -Gartner - market guide for VA 6
7 Have you left the keys to the kingdom dangling from the front door? Default Username and Password Managing vulnerabilities is a data security critical success factor Unknown sensitive data Excessive Privilege Implications Data breach Non supported product versions Default settings and misconfigu rations Audit Fail Insider Theft Unpatched Databases Non Compliance 7
8 ANALYZE. PROTECT. ADAPT. Discovery and Classification Entitlement reporting IBM Security Guardium Vulnerability Assessment Vulnerability Assessment Remediation Recommendation Configuration Audit System Database Protection Service ANALYTICS Compliance workflow automation and auditing 8
9 IBM Security Guardium Vulnerability Assessment : Analyze risk, automate compliance and harden your data environment Sensitive Data Discovery Identifies Sensitive Data like credit cards, transactions or PII Reporting on sensitive objects Discover database instances Extensible design Enables custom designed defined tests Tuning existing tests to match needs Report builder for custom reports Compliance Workflow Exception management Export to other security tools Comprehensive testing and reporting Using industry best-practices and primary research Predefined tests to uncover database vulnerabilities Entitlement reporting Recommendations for remediation Vulnerability Assessment scorecard Configuration audit system (CAS) View graphical representation of trends Includes Data Protection Service Updates Collaborate to protect 9
10 Identify vulnerabilities across multiple platforms from a single console Automatically discover and classify sensitive data to expose compliance risks Analyze misconfigurations and default settings to uncover risks Understand who is entitled to access sensitive data NEW! New user experience supports comprehensive visibility, control and reporting Support 15 Database, Datawarehouses, BigData (NoSQL) platforms More than 2000 vulnerability assessment tests STIG Benchmarks for oracle 11gr2 and SQL Server
11 Guardium support the most complex IT environments Enterprise wide Scalability Applications Databases Data Warehouses Big Data Environments Siebel PeopleSoft E-Business DB2 Informix DB2i DB2z Netezza Cloud Environments 11
12 Leverage security industry best practice and benefits... Enforce DoD STIG CIS CVE Secure Privileges Configuration settings Security patches Password policies OS Level file permission Established Baseline User defined queries for custom tests to meet baseline for Organization Industry Application Ownership and access for your files Advanced Forensics and Analytics using custom reports Forensics Understand your sensitive data risk and exposure Performance Zero Impact 12
13 3 steps to easy deployment Web Browser Review Reports Guardium Vulnerability Assessment Appliance Results Pass/Fail Statistics Criticality and recommended actions Filters and comparison History and trends Distribution/Compliance Workflow Automated DB Scans Assessment Tests Privileges Authentication Configuration Patch levels Oracle SQL Server DB2 DB2 z DB2 i Sybase Teradata Aster Informix Netezza MySQL Postgres MongoDB SAP HANA 13
14 Remove vulnerabilities by hardening your environment Patching Harden OS Files Access Harden Password Policy Remediation Harden privileges and grants Reconfigure settings and parameters 14
15 What is new in IBM Security Guardium Vulnerability Assessment v10 Support 15 types of data sources to choose from 15
16 MongoDB, Versions Supported and VA Test Coverage About MongoDB : Developed in 2007, MongoDB is a NoSQL, document-oriented database. They use JSON documents with dynamic schemas (format called BSON). In MongoDB, a collection is equivalent of a RDBMS table while documents are equivalent to records in an RDBMS table. NO other vendor offers VA for Mongo MongoDB support: 2.4, 2.6 and 3.0 VA test Coverage: Built-in roles Database configuration Version and Patches CAS (File permission and ownership) CVE (Common Vulnerabilities and Exposures) 16
17 MongoDB - Deployment First NoSQL database supported for VA. First non-jdbc database connection. Connection uses a Java driver. Many enhancements to the VA mechanism to support JSON syntax. MongoDB data sources support SSL server and client/server connections with SSL client certificates. Our VA solution for MongoDB Clusters can be run on mongos, a primary node and all secondary nodes for replica sets. VA solution is certified by MongoDB. 17
18 DB2 for i Guardium VA tests require IBM i systems to have the following PTFs installed on the system IBM i 7.1 partitions: PTF Group SF99701 Level 26 or PTF Group SF99701 Level 25 with enabling PTFs SI50237, SI50251, SI50301 and SI IBM i 6.1 partitions: PTF Group SF99601 Level
19 DB2 for i Support Version support: IBM i 6.1, 7.1 and 7.2 partitions VA test Coverage: Profiles with Special Authorities Profiles with access to Database Function Usage Password policies Database Objects privilege granted to PUBLIC Database Objects privilege granted to individual user Database Objects privilege granted with grant option Security APARs Entitlement Report: Profiles with Special Authorities Group granted to user Database Objects privilege granted to PUBLIC Database Executable Objects privileges granted to PUBLIC Database Objects privilege granted to individual user Database Objects privilege granted with grant option 19
20 Aster Data - Teradata About Aster Data : Acquired by Teradata in 2011, typically used for data warehousing and analytic applications (OLAP). Aster Data created a framework called SQL-MapReduce that allows the Structured Query Language (SQL) to be used with Map Reduce. Most often associated with clickstream kinds of applications. NO other vendor offers VA for Aster. Aster support: 5.1 and 6.0 VA test Coverage : Default password System privileges and roles Database Object privileges granted to PUBLIC Database Object privileges granted to individual user Database Object privileges granted with grant option Version and Patches CAS (File permission and ownership) IBM Confidential 20
21 Aster Data - Deployment A security assessment should be created to execute all tests on the queen node. All database connections for Aster Data goes through the queen node only. Testing on worker and loader nodes are only required when performing CAS tests (File permission and File ownership). Privilege tests loop through all the databases in a given Aster s instance. DPS will include metadata to enforce recommendation for customer to applying latest database patches. 21
22 Aster Data CAS Installation 22
23 SAP HANA About SAP HANA Is an in-memory, column-oriented, relational database management system developed and marketed by SAP SE. HANA's architecture is designed to handle both high transaction rates and complex query processing on the same platform. SAP HANA support: 1.00 VA test Coverage : Password policies Default SYSTEM password System privileges and roles Database Object privileges granted to PUBLIC Database Object privileges granted to individual user Database Object privileges granted with grant option Version and Patches CAS (File permission and ownership) 23
24 SAP HANA - Deployment Tests are created by Guardium VA research team and cover all relevant best practices from SAP HANA security guide. Guardium is first to the market for VA solution on SAP HANA. CAS is use for enforcing OS file level privileges, ownership and group. V10 DPS will include metadata to enforce recommendation for customer to applying latest SAP HANA database patches. 24
25 STIG Benchmarks Guardium v10 covers the latest benchmarks that were recently published by STIG for Oracle11gR2 and SQL Server
26 STIG Oracle Guardium v10 supports STIG s latest Oracle benchmark v8r12. The external references for all existing and new tests are in sync with the latest STIG benchmark. Tests that reference STIG now have a separate STIG reference, STIG severity and STIG IAControls field. There are new Oracle tests created from the latest STIG benchmark. The logic for many existing tests were modified to sync up with latest STIG recommendations. 26
27 STIG SQL Server Guardium v10 supports STIG s latest SQL Server 2012 benchmark v1r2. The external references for all existing and new tests are in sync with the latest STIG benchmark. STIG external reference for SQL Server now begin with SQL% instead of DG% or DM% Tests that reference STIG now have a separate STIG reference, STIG severity and STIG SRG field. New SQL Server tests were created from the latest STIG benchmark. The logic for many existing tests were modified to sync up with the latest STIG recommendations. 27
28 VA Query timeout When a test takes more than 10 minutes to execute, it will time out with a message specific to the DBMS type driver. This mechanism can be turned off or modified using CLI commands. This feature is support on all query based tests (Test ID between 2000 and 3000). Aster, Informix and SAP HANA DBMS type is not support. This feature was introduced in v9p500 for query based tests only. Version 10 added support to a list of JAVA based privileges tests. A GUI restart is required for this feature. Recommendation: Do not set this timeout value to greater than 30 minutes. CLI commands are: show va query_timeout store va query_timeout off store va query_timeout on <min> 28
29 VA Privileges test output To avoid the rare case in which excessive violations cause memory issues, Guardium is limiting the number of rows returned per test to 20,000 rows. This default can be overridden using CLI commands. This feature is supported on all query based tests (Test ID between 2000 and 3000). SAP HANA DBMS type is not supported. This feature was introduced in v9p500 for query based tests only. Version 10 added support to a list of JAVA based privileges tests. A GUI restart is required for this feature. CLI commands are: show va max_detail store va max_detail off store va max_detail on <num> 29
30 IBM Security Guardium Vulnerability Assessment demo Frank Cavaliero 30
31 Q&A 3Key Take-Aways IBM Security Guardium Vulnerability Assessment Provides complete risk posture of data asset and help automate compliance requirements Analyze, protect and adapt to all your data security challenges Built on proven enterprise-ready, easily scalable architecture
32 Legal notices and disclaimers Copyright 2015 by International Business Machines Corporation (IBM). No part of this document may be reproduced or transmitted in any form without written permission from IBM. U.S. Government Users Restricted Rights Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM. Information in these presentations (including information relating to products that have not yet been announced by IBM) has been reviewed for accuracy as of the date of initial publication and could include unintentional technical or typographical errors. IBM shall have no responsibility to update this information. THIS document is distributed "AS IS" without any warranty, either express or implied. In no event shall IBM be liable for any damage arising from the use of this information, including but not limited to, loss of data, business interruption, loss of profit or loss of opportunity. IBM products and services are warranted according to the terms and conditions of the agreements under which they are provided. Any statements regarding IBM s future direction, intent or product plans are subject to change or withdrawal without notice. Performance data contained herein was generally obtained in a controlled, isolated environments. Customer examples are presented as illustrations of how those customers have used IBM products and the results they may have achieved. Actual performance, cost, savings or other results in other operating environments may vary. References in this document to IBM products, programs, or services does not imply that IBM intends to make such products, programs or services available in all countries in which IBM operates or does business. Workshops, sessions and associated materials may have been prepared by independent session speakers, and do not necessarily reflect the views of IBM. All materials and discussions are provided for informational purposes only, and are neither intended to, nor shall constitute legal or other guidance or advice to any individual participant or their specific situation. It is the customer s responsibility to insure its own compliance with legal requirements and to obtain advice of competent legal counsel as to the identification and interpretation of any relevant laws and regulatory requirements that may affect the customer s business and any actions the customer may need to take to comply with such laws. IBM does not provide legal advice or represent or warrant that its services or products will ensure that the customer is in compliance with any law. Information concerning non-ibm products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not tested those products in connection with this publication and cannot confirm the accuracy of performance, compatibility or any other claims related to non-ibm products. Questions on the capabilities of non-ibm products should be addressed to the suppliers of those products. IBM does not warrant the quality of any third-party products, or the ability of any such third-party products to interoperate with IBM s products. IBM EXPRESSLY DISCLAIMS ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. The provision of the information contained herein is not intended to, and does not, grant any right or license under any IBM patents, copyrights, trademarks or other intellectual property right. Other company, product, or service names may be trademarks or service marks of others. A current list of IBM trademarks is available at Copyright and trademark information
33 Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY. THANK YOU Copyright IBM Corporation All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and / or capabilities referenced in these materials may change at any time at IBM s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
Fabrizio Patriarca. Come creare valore dalla GDPR
Fabrizio Patriarca Come creare valore dalla GDPR Disclaimer Notice: Clients are responsible for ensuring their own compliance with various laws and regulations, including the European Union General Data
More informationIBM Security technology and services for GDPR programs GIULIA CALIARI SECURITY ARCHITECT
IBM Security technology and services for GDPR programs GIULIA CALIARI SECURITY ARCHITECT NOTICE Clients are responsible for ensuring their own compliance with various laws and regulations, including the
More informationMSS VSOC Portal Single Sign-On Using IBM id IBM Corporation
MSS VSOC Portal Single Sign-On Using IBM id Changes to VSOC Portal Sign In Page Users can continue to use the existing Client Sign In on the left and enter their existing Portal username and password.
More informationIBM Application Security on Cloud
April, 2017 IBM Application Security on Cloud Service Overview Security has and will always be about understanding, managing, and mitigating the risk to an organization s most critical assets. - Dr. Eric
More informationIBM Security. Endpoint Manager- BigFix. Daniel Joksch Security Sales IBM Corporation
IBM Security Endpoint Manager- BigFix Daniel Joksch Security Sales Establish security as an immune system Malware protection Incident and threat management Identity management Device management Data monitoring
More informationIBM Security Guardium Tech Talk
IBM Security Guardium Tech Talk Hints and tips for upgrading to V10 Vlad Langman Manager, Guardium L3 Support IBM Security Omar Raza Guardium QA Engineer IBM Security This call is being recorded. Please
More informationOptimize your BigFix Deployment via Customization and Integration. Lee Wei
Optimize your BigFix Deployment via Customization and Integration Lee Wei Topics / Goals Survey of what is available Walkthrough all the BigFix APIs Imagine the possibilities 2 Prerequisite Relevance Relevance
More informationOpen Mic Webcast. IBM Sametime Media Manager Troubleshooting Tips and Tricks. Tony Payne Sr. Software Engineer May 20, 2015
Open Mic Webcast IBM Sametime Media Manager Troubleshooting Tips and Tricks Tony Payne Sr. Software Engineer May 20, 2015 Agenda Troubleshooting Basics Setting a diagnostic trace Finding the right trace
More informationFrankensteining Software: Recycling Parts of Legacy Systems. Jennifer Manning and Joseph Kramer
Frankensteining Software: Recycling Parts of Legacy Systems Jennifer Manning and Joseph Kramer 1 Please Note: The slides in this desk are my own and don t necessarily represent IBM s positions, strategies
More informationHow to Secure Your Cloud with...a Cloud?
A New Era of Thinking How to Secure Your Cloud with...a Cloud? Eitan Worcel Offering Manager - Application Security on Cloud IBM Security 1 2016 IBM Corporation 1 A New Era of Thinking Agenda IBM Cloud
More informationIBM services and technology solutions for supporting GDPR program
IBM services and technology solutions for supporting GDPR program 1 IBM technology solutions as key enablers - Privacy GDPR Program Work-stream IBM software 2.1 Privacy Risk Assessment and Risk Treatment
More informationInfoSphere Guardium 9.1 TechTalk Reporting 101
InfoSphere Guardium 9.1 TechTalk Reporting 101 Click to add text Dario Kramer, Senior System Architect dariokramer@us.ibm.com 2013 IBM Corporation Acknowledgements and Disclaimers Availability. References
More informationPartitions. Make Administration on the Cloud more organized. Rajesh (Raj) Patil Girish Padmanabhan Rashmi Singh
Partitions Make Administration on the Cloud more organized. Rajesh (Raj) Patil Girish Padmanabhan Rashmi Singh Please note IBM s statements regarding its plans, directions, and intent are subject to change
More informationPush to Client. RDz IDz ADFz Virtual User Group. Kelly McGraw
RDz IDz ADFz Virtual User Group Push to Client Kelly McGraw mcgrawk@us.ibm.com October 18 th 20 th Online Web Conference Contact jsayles@us.ibm.com for additional information Push to Client Personal Disclaimer
More informationIBM Security Network Protection Solutions
Systems IBM Security IBM Security Network Protection Solutions Pre-emptive protection to keep you Ahead of the Threat Tanmay Shah Product Lead Network Protection Appliances IBM Security Systems 1 IBM Security
More information4 Reasons to Love the New IBM Guardium Data Encryption v3.0
4 Reasons to Love the New IBM Guardium Data Encryption v3.0 GUARDIUM TECH TALK Dan Goodes WW Technical Sales Data Security Rick Robinson Offering Manager, Encryption and Key Management October 3, 2017
More informationIBM Security Guardium Analyzer
IBM Guardium Analyzer Highlights Assess security & compliance risk associated with GDPR data Find GDPR data across onpremises and cloud databases Scan for database vulnerabilities Leverage next-generation
More informationISAM Advanced Access Control
ISAM Advanced Access Control CONFIGURING TIME-BASED ONE TIME PASSWORD Nicholas J. Hasten ISAM L2 Support Tuesday, November 1, 2016 One Time Password OTP is a password that is valid for only one login session
More informationIBM Security Network Protection Open Mic - Thursday, 31 March 2016
IBM Security Network Protection Open Mic - Thursday, 31 March 2016 Application Control and IP Reputation on the XGS Demystified Panelists Tanmay Shah, Presenter IPS/Network Protection Product Lead Bill
More informationWORKSHARE SECURITY OVERVIEW
WORKSHARE SECURITY OVERVIEW April 2016 COMPANY INFORMATION Workshare Security Overview Workshare Ltd. (UK) 20 Fashion Street London E1 6PX UK Workshare Website: www.workshare.com Workshare Inc. (USA) 625
More informationIntegrated, Intelligence driven Cyber Threat Hunting
Integrated, Intelligence driven Cyber Threat Hunting THREAT INVESTIGATION AND RESPONSE PLATFORM Zsolt Kocsis IBM Security Technical Executive, CEE zsolt.kocsis@hu.ibm.com 6th Nov 2018 Build an integrated
More informationIBM Security QRadar Version 7 Release 3. Community Edition IBM
IBM Security QRadar Version 7 Release 3 Community Edition IBM Note Before you use this information and the product that it supports, read the information in Notices on page 7. Product information This
More informationIBM Infrastructure Suite for z/vm and Linux: Introduction IBM Tivoli OMEGAMON XE on z/vm and Linux
IBM Infrastructure Suite for z/vm and Linux: Introduction IBM Tivoli OMEGAMON XE on z/vm and Linux August/September 2015 Please Note IBM s statements regarding its plans, directions, and intent are subject
More informationIBM Threat Protection System: XGS - QRadar Integration
IBM Security Network Protection Support Open Mic - Wednesday, 25 May 2016 IBM Threat Protection System: XGS - QRadar Integration Panelists Tanmay Shah - Presenter Level 2 Support Product Lead Danitza Villaran-Rokovich,
More informationIBM InfoSphere Guardium Vulnerability Assessment
IBM InfoSphere Guardium Vulnerability Assessment Scan database infrastructures to detect vulnerabilities and suggest remedial actions Highlights Lowers total cost of ownership, improves security and suppor
More informationService Description VMware Workspace ONE
VMware Workspace ONE Last Updated: 05 April 2018 The product described in this Service Description is protected by U.S. and international copyright and intellectual property laws. The product described
More informationIBM Verse On-Premises for Dummies
IBM Verse On-Premises for Dummies SESSION: 1209A Scott Souder, IBM Program Director and Sr. Offering Manager IBM Verse Simon Butcher, IBM Program Director IBM Verse and IBM Verse Extensibility Please note
More informationPonemon Institute s 2018 Cost of a Data Breach Study
Ponemon Institute s 2018 Cost of a Data Breach Study September 18, 2018 1 IBM Security Speakers Deborah Snyder CISO State of New York Dr. Larry Ponemon Chairman and Founder Ponemon Institute Megan Powell
More informationDB2 S-TAP, IMS S-TAP, VSAM S-TAP
IBM InfoSphere Guardium Version 8.2 IBM InfoSphere Guardium 8.2 offers the most complete database protection solution for reducing risk, simplifying compliance and lowering audit cost. Version 8.2 contains
More informationFor reference, V10.0 Detailed Release Notes (August 2015)
Release Notes ================ Product: Release/ Version IBM Security Guardium Guardium v10.0 patch 20 (v10.0.1) Name of file: Combined Fix Pack for v10.0 GA (Nov 18 2015) Completion Date: 2015-December-04
More informationIBM Compliance Offerings For Verse and S1 Cloud. 01 June 2017 Presented by: Chuck Stauber
IBM Compliance Offerings For Verse and S1 Cloud 01 June 2017 Presented by: Chuck Stauber IBM Connections & Verse Email and collaboration platform designed to help you work better Empower people Teams are
More informationLe sfide di oggi, l evoluzione e le nuove opportunità: il punto di vista e la strategia IBM per la Sicurezza
Le sfide di oggi, l evoluzione e le nuove opportunità: il punto di vista e la strategia IBM per la Sicurezza Giulia Caliari IT Architect, IBM Security #IBMSecurity Attackers break through conventional
More informationPredators are lurking in the Dark Web - is your network vulnerable?
Predators are lurking in the Dark Web - is your network vulnerable? Venkatesh Sadayappan (Venky) Security Portfolio Marketing Leader IBM Security - Central & Eastern Europe Venky.iss@cz.ibm.com @IBMSecurityCEE
More informationManaged Security Services - Endpoint Managed Security on Cloud
Services Description Managed Security Services - Endpoint Managed Security on Cloud The services described herein are governed by the terms and conditions of the agreement specified in the Order Document
More informationOracle Data Masking and Subsetting
Oracle Data Masking and Subsetting Frequently Asked Questions (FAQ) S E P T E M B E R 2 0 1 6 Product Overview Q: What is Data Masking and Subsetting? A: Data Masking or Static Data Masking is the process
More informationOracle Database Security Assessment Tool
Oracle Database Security Assessment Tool With data breaches growing every day along with the evolving set of data protection and privacy regulations, protecting business sensitive and regulated data is
More informationIBM Security Guardium Data Activity Monitor
IBM Guardium Data Activity Monitor Continuously monitor data access and protect sensitive data across the enterprise Highlights Uncover risks to sensitive data through data discovery, classification and
More informationIBM License Metric Tool Enablement Guide
IBM Spectrum Protect IBM License Metric Tool Enablement Guide Document version for the IBM Spectrum Protect Version 8.1 family of products Copyright International Business Machines Corporation 2016. US
More informationIBM Security Guardium
IBM Security Guardium Version 10.1.4 Mapping Server IPs within IBM Security Guardium v10.1.4 instead of using the IBM License Metric Tool (ILMT) This document describes how to get the Server IP list for
More informationEmpowering DBA's with IBM Data Studio. Deb Jenson, Data Studio Product Manager,
Empowering DBA's with IBM Data Studio Deb Jenson, Data Studio Product Manager, dejenson@us.ibm.com Disclaimer Copyright IBM Corporation [current year]. All rights reserved. U.S. Government Users Restricted
More informationA Pragmatic Path to Compliance. Jaffa Law
A Pragmatic Path to Compliance Jaffa Law jaffalaw@hk1.ibm.com Introduction & Agenda What are the typical regulatory & corporate governance requirements? What do they imply in terms of adjusting the organization's
More informationSecurity Support Open Mic Build Your Own POC Setup
IBM Security Access Manager 08/25/2015 Security Support Open Mic Build Your Own POC Setup Panelists Reagan Knowles Level II Engineer Nick Lloyd Level II Support Engineer Kathy Hansen Level II Support Manager
More informationIBM MaaS360 Kiosk Mode Settings
IBM MaaS360 Kiosk Mode Settings Configuration Settings for Kiosk Mode Operation IBM Security September 2017 Android Kiosk Mode IBM MaaS360 provides a range of Android device management including Samsung
More informationOverview of Data Reduction in IBM FlashSystem A9000
Overview of Data Reduction in IBM FlashSystem A9000 Guy Meir Real Time Compression Technical Team Leader Guyme@il.ibm.com STG Storage Europe 2011 IBM Corporation The Primary Storage Growth Challenge Primary
More informationOptimizing Data Transformation with Db2 for z/os and Db2 Analytics Accelerator
Optimizing Data Transformation with Db2 for z/os and Db2 Analytics Accelerator Maryela Weihrauch, IBM Distinguished Engineer, WW Analytics on System z March, 2017 Please note IBM s statements regarding
More informationDisk Space Management of ISAM Appliance
IBM Security Access Manager Tuesday, 5/3/16 Disk Space Management of ISAM Appliance Panelists David Shen Level 2 Support Engineer Steve Hughes Level 2 Support Engineer Nicholas Hasten Level 2 Support Engineer
More informationXGS & QRadar Integration
IBM Security Support Open Mic - January 28, 2015 XGS & QRadar Integration Advanced Threat Protection Integration Options Panelists Wes Davis Advanced Threat Support Group Engineer (Presenter) Thomas Gray
More informationOracle Payment Interface Token Proxy Service Security Guide Release 6.1 E November 2017
Oracle Payment Interface Token Proxy Service Security Guide Release 6.1 E87635-01 November 2017 Copyright 2017, Oracle and/or its affiliates. All rights reserved. This software and related documentation
More informationMcAfee Database Security
McAfee Database Security Sagena Security Day 6 September 2012 September 20, 2012 Franz Hüll Senior Security Consultant Agenda Overview database security DB security from McAfee (Sentrigo) VMD McAfee Vulnerability
More informationISAM Federation STANDARDS AND MAPPINGS. Gabriel Bell IBM Security L2 Support Jack Yarborough IBM Security L2 Support.
ISAM Federation STANDARDS AND MAPPINGS Gabriel Bell IBM Security L2 Support Jack Yarborough IBM Security L2 Support July 19, 2017 Agenda ISAM Federation Introduction Standards and Protocols Attribute Sources
More informationA Technical Introduction to IBM Integration Bus
A Technical Introduction to IBM Integration Bus Alasdair Paton paton@uk.ibm.com IBM (Integration Bus Development) Tuesday 3 rd November Session JA Agenda What is IBM Integration Bus Key Concepts Product
More informationSecurity Update PCI Compliance
Security Update PCI Compliance (Payment Card Industry) Jeff Uehling IBM i Security Development uehling@us.ibm.com 2012 IBM Corporation PCI Requirements An Information only Presentation NOTE: These Slides
More informationSecurity Support Open Mic: ISNP High Availability and Bypass
Panelists Ed Leisure Knowledge Engineer, Presenter Andrew Sallaway SWAT Consultant Kenji Hamahata L2 Engineer (Japan) Maxime Turlot Product Lead Arthur Testa Product Lead Jeff Dicostanzo Advanced Value
More informationVersion 9 Release 0. IBM i2 Analyst's Notebook Premium Configuration IBM
Version 9 Release 0 IBM i2 Analyst's Notebook Premium Configuration IBM Note Before using this information and the product it supports, read the information in Notices on page 11. This edition applies
More informationIBM Operational Decision Manager Version 8 Release 5. Configuring Operational Decision Manager on Java SE
IBM Operational Decision Manager Version 8 Release 5 Configuring Operational Decision Manager on Java SE Note Before using this information and the product it supports, read the information in Notices
More informationEU General Data Protection Regulation (GDPR)
EU General Data Protection Regulation (GDPR) An inspirational Overview Sven-Erik Vestergaard Security Architecht IBM Security svest@dk.ibm.com September 29, 2015 Legal notices and disclaimers Copyright
More informationUsing Buffer Usage Monitor Report & Sniffer must_gather for troubleshooting
Using Buffer Usage Monitor Report & Sniffer must_gather for troubleshooting IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate
More informationIBM BigInsights Security Implementation: Part 1 Introduction to Security Architecture
IBM BigInsights Security Implementation: Part 1 Introduction to Security Architecture Big data analytics involves processing large amounts of data that cannot be handled by conventional systems. The IBM
More informationGX vs XGS: An administrator s comparison of the two products
: An administrator s comparison of the two products Panelists Bill Klauke IPS Product Lead, Level 2 Support Matthew Elsner XGS Development Yuceer (Banu) Ilgen XGS Development Jeff Dicostanzo AVP Support
More informationOverview. Business value
PRODUCT SHEET CA Top Secret for z/vse CA Top Secret for z/vse CA Top Secret for z/vse provides innovative and comprehensive security for business transaction environments which enable your business to
More informationCA IT Client Manager / CA Unicenter Desktop and Server Management
CA GREEN BOOKS CA IT Client Manager / CA Unicenter Desktop and Server Management Object Level Security Best Practices LEGAL NOTICE This publication is based on current information and resource allocations
More informationIBM BigFix Compliance
IBM BigFix Compliance A single solution for managing endpoint security across the organization Highlights Ensure configuration compliance using thousands of out-of-the-box bestpractice policies with automated
More informationMay the (IBM) X-Force Be With You
Ann Arbor, Michigan July 23-25 May the (IBM) X-Force Be With You A QUICK PEEK INTO ONE OF THE MOST RENOWNED SECURITY TEAMS IN THE WORLD Marlon Machado Worldwide Standardization Leader, Application Security
More informationInnovate 2013 Automated Mobile Testing
Innovate 2013 Automated Mobile Testing Marc van Lint IBM Netherlands 2013 IBM Corporation Please note the following IBM s statements regarding its plans, directions, and intent are subject to change or
More informationCA GovernanceMinder. CA IdentityMinder Integration Guide
CA GovernanceMinder CA IdentityMinder Integration Guide 12.6.00 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation
More informationIPLocks Vulnerability Assessment: A Database Assessment Solution
IPLOCKS WHITE PAPER September 2005 IPLocks Vulnerability Assessment: A Database Assessment Solution 2665 North First Street, Suite 110 San Jose, CA 95134 Telephone: 408.383.7500 www.iplocks.com TABLE OF
More informationResiliency Orchestration in the Hybrid Cloud Era
Resiliency Orchestration in the Hybrid Cloud Era Chandra Pulamarasetti Co-founder & CEO, Sanovi an IBM Company Resiliency is Changing Always On customer expectation Smaller windows of business opportunities
More informationOracle Hospitality OPERA Cloud Services Security Guide Release 1.20 E June 2016
Oracle Hospitality OPERA Cloud Services Security Guide Release 1.20 E69079-01 June 2016 Copyright 2016, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided
More informationVersion 9 Release 0. IBM i2 Analyst's Notebook Configuration IBM
Version 9 Release 0 IBM i2 Analyst's Notebook Configuration IBM Note Before using this information and the product it supports, read the information in Notices on page 11. This edition applies to version
More informationIBM Tivoli Monitoring for Databases. Release Notes. Version SC
IBM Tivoli Monitoring for Databases Release Notes Version 5.1.1 SC23-4851-00 IBM Tivoli Monitoring for Databases Release Notes Version 5.1.1 SC23-4851-00 Note Before using this information and the product
More informationYour Notes and Domino in the Cloud
Your Notes and Domino in the Cloud ibmcloud.com/social m@nl.ibm.com Maurice Teeuwe Tech. Sales Lead, Europe Page 1 Please Note IBM s statements regarding its plans, directions, and intent are subject to
More informationAugust Oracle - GoldenGate Statement of Direction
August 2015 Oracle - GoldenGate Statement of Direction Disclaimer This document in any form, software or printed matter, contains proprietary information that is the exclusive property of Oracle. Your
More informationThe McGill University Health Centre (MUHC)
The McGill University Health Centre (MUHC) Strengthening its security posture with in- depth global intelligence Overview The need MUHC security staff wanted to more quickly identify and assess potential
More informationOracle Hospitality Cruise Fine Dining System Security Guide Release E
Oracle Hospitality Cruise Fine Dining System Security Guide Release 9.0.2.29 E99054-01 August 2018 Copyright 2015, 2018, Oracle and/or its affiliates. All rights reserved. This software and related documentation
More informationIBM Informix xC2 Enhancements IBM Corporation
IBM Informix 12.10.xC2 Enhancements 2013 IBM Corporation Acknowledgements and Disclaimers Availability. References in this presentation to IBM products, programs, or services do not imply that they will
More informationDatabase Centric Information Security. Speaker Name / Title
Database Centric Information Security Speaker Name / Title The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated
More informationMaking the Most of InfoSphere Guardium Vulnerability Assessment
Making the Most of InfoSphere Guardium Vulnerability Assessment Ian Schmidt ischmidt@us.ibm.com Mike Martin mmartin@btrgroup.com @BTRG_MikeMartin Louis Lam llam@us.ibm.com 2014 Logistics This tech talk
More informationIBM Internet Security Systems Proventia Management SiteProtector
Supporting compliance and mitigating risk through centralized management of enterprise security devices IBM Internet Security Systems Proventia Management SiteProtector Highlights Reduces the costs and
More informationIBM Kenexa LCMS Premier on Cloud. Release Notes. Version 9.3
IBM Kenexa LCMS Premier on Cloud Release Notes Version 9.3 IBM Kenexa LCMS Premier on Cloud Release Notes Version 9.3 Note Before using this information and the product it supports, read the information
More informationThe Privileged Appliance and Modules (TPAM) 1.0. Diagnostics and Troubleshooting Guide
The Privileged Appliance and Modules (TPAM) 1.0 Guide Copyright 2017 One Identity LLC. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in
More informationIBM Security Guardium: : Sniffer restart & High CPU correlation alerts
IBM Security Guardium: : Sniffer restart & High CPU correlation alerts IBM SECURITY SUPPORT OPEN MIC, presented by Lisette Contreras, Guardium Support To hear the WebEx audio, select an option in the Audio
More informationSpeaker Notes. IBM Software Group Rational software. Exporting records from ClearQuest
Speaker Notes IBM Software Group Rational software IBM Rational ClearQuest Exporting records from ClearQuest Updated October 23, 2007 This presentation will cover exporting records from IBM Rational ClearQuest.
More informationIBM Security QRadar Version Community Edition IBM
IBM Security QRadar Version 7.3.1 Community Edition IBM Note Before you use this information and the product that it supports, read the information in Notices on page 7. Product information This document
More informationWhat's New in Notes/Domino 901 Feature Pack 8
What's New in Notes/Domino 901 Feature Pack 8 Open Mic Date: 11 May 2017 1 Notes/Domino Team Swapnil Patankar- IBM L2 Support Nilesh Desai - IBM L2 Support Ranjit Rai - IBM ICS SWAT Focusing on entire
More informationSymantec Encryption Management Server and Symantec Data Loss Prevention. Integration Guide
Symantec Encryption Management Server and Symantec Data Loss Prevention Integration Guide The software described in this book is furnished under a license agreement and may be used only in accordance
More informationIBM. Avoiding Inventory Synchronization Issues With UBA Technical Note
IBM Tivoli Netcool Performance Manager 1.4.3 Wireline Component Document Revision R2E1 Avoiding Inventory Synchronization Issues With UBA Technical Note IBM Note Before using this information and the product
More informationXGS Administration - Post Deployment Tasks
IBM Security Network Protection Support Open Mic - 18 November 2015 XGS Administration - Post Deployment Tasks Panelists Tanmay Shah XGS Product Lead, L2 Support (Presenter) Thomas Gray L2 Support Manager
More informationMyCreditChain Terms of Use
MyCreditChain Terms of Use Date: February 1, 2018 Overview The following are the terms of an agreement between you and MYCREDITCHAIN. By accessing, or using this Web site, you acknowledge that you have
More informationIBM MQ Appliance Session AME-4166
IBM MQ Appliance Session AME-4166 Grange Hervé hgrange@fr.ibm.com 2015 IBM Corporation Introducing IBM MQ Appliance The scalability and security of IBM MQ V8 Integrates seamlessly into MQ networks and
More informationPortal 9.1 PeopleBook: Internal Controls Enforcer
Portal 9.1 PeopleBook: Internal Controls Enforcer January 2012 PeopleSoft Portal 9.1 Internal Controls Enforcer PeopleBook SKU ps91psic-b0112 Copyright 2000, 2012, Oracle and/or its affiliates. All rights
More informationIBM. Release Notes November IBM Copy Services Manager. Version 6 Release 1
IBM Copy Services Manager IBM Release Notes November 2016 Version 6 Release 1 IBM Copy Services Manager IBM Release Notes November 2016 Version 6 Release 1 Note: Before using this information and the
More informationRSA Solution Brief. The RSA Solution for VMware. Key Manager RSA. RSA Solution Brief
RSA Solution Brief The RSA Solution for VMware View: Managing Securing the the Lifecycle Virtual of Desktop Encryption Environment Keys with RSA Key Manager RSA Solution Brief 1 According to the Open Security
More informationIBM Cognos Dynamic Query Analyzer Version Installation and Configuration Guide IBM
IBM Cognos Dynamic Query Analyzer Version 11.0.0 Installation and Configuration Guide IBM Note Before using this information and the product it supports, read the information in Notices on page 7. Product
More informationUnderstanding scan coverage in AppScan Standard
IBM Security AppScan Standard Open Mic Webcast January 27, 2015 Understanding scan coverage in AppScan Standard Panelists Shahar Sperling Software Architect at Application Security AppScan Tal Rabinovitch
More informationNetwrix Auditor for SQL Server
Netwrix Auditor for SQL Server Quick-Start Guide Version: 9.5 10/25/2017 Legal Notice The information in this publication is furnished for information use only, and does not constitute a commitment from
More informationLet s Talk About Threat Intelligence
Let s Talk About Threat Intelligence IBM SECURITY SUPPORT OPEN MIC #20 Slides and additional dial in numbers: http://ibm.biz/openmic20 January 26, 2017 NOTICE: BY PARTICIPATING IN THIS CALL, YOU GIVE YOUR
More informationXGS: Making use of Logs and Captures
IBM Security Network Protection XGS Open Mic webcast #6 June 24, 2015 XGS: Making use of Logs and Captures Panelists Bill Klauke (Presenter) Product Lead L2 Support Maxime Turlot Product Lead L2 Support
More informationCybersecurity. You have been breached; What Happens Next THE CHALLENGE FOR THE FINANCIAL SERVICES INDUSTRY
Cybersecurity THE CHALLENGE FOR THE FINANCIAL SERVICES INDUSTRY Gary Meshell World Wide Leader Financial Services Industry IBM Security March 21 2019 You have been breached; What Happens Next 2 IBM Security
More informationIBM. Networking INETD. IBM i. Version 7.2
IBM IBM i Networking INETD Version 7.2 IBM IBM i Networking INETD Version 7.2 Note Before using this information and the product it supports, read the information in Notices on page 5. This document may
More informationA Quick Look at IBM SmartCloud Monitoring. Author: Larry McWilliams, IBM Tivoli Integration of Competency Document Version 1, Update:
A Quick Look at IBM SmartCloud Monitoring Author: Larry McWilliams, IBM Tivoli Integration of Competency Document Version 1, Update: 2012-01-23 Note: Before using this information and the product it supports,
More information