
Content provided in partnership with
Thomson / Gale


Guardium Integrates Vulnerability Management To Better Protect Databases, Assess Risk and Reduce Compliance Costs

Business Wire,  April 2, 2008  

First Solution to Integrate Vulnerability Assessment with Sensitive Data Discovery, Real-Time Activity Monitoring, Policy-Based Controls, Configuration Auditing and Compliance Workflow Automation

WALTHAM, Mass. -- Guardium, the database security company, today announced that it has tightly integrated vulnerability management with its enterprise database security and compliance platform.

Guardium 7 is the first solution in the industry to address the entire database security and compliance lifecycle with a unified Web console, back-end data store and workflow automation system. With this unified approach, organizations now have a single scalable platform to deliver critical security and compliance functions across all of their data centers, DBMS platforms and enterprise applications, including:


* Comprehensive protection of critical enterprise data

* Risk assessment with business context, and

* Security and compliance at lower cost and with less effort -- freeing IT resources to focus on other strategic initiatives.

According to Gartner's June 2007 report1, "Enterprises that implement vulnerability management will reduce compliance reporting costs for technology controls by 70% (0.8 probability)."

The report, written by Gartner VP Mark Nicolett, also states that "An effective vulnerability management program can make an organization more effective and efficient in reducing the risk of internal and external threats and at the same time, provide proof of compliance demanded by auditors."

Guardium will be demonstrating Version 7 at the RSA 2008 Conference in San Francisco, April 7-11 in Booth #2450. Version 7 is a major release that incorporates new vulnerability and threat management capabilities as well as other significant enhancements that will be announced over the next few months, in multiple areas including: integration with other enterprise security and compliance systems; enhanced granular access controls for sensitive data; support for new DBMS platforms, enterprise applications and protocols; and new capabilities for breach investigations and forensics.

Automating the Vulnerability and Threat Management Lifecycle

Guardium 7 is the only solution that enables enterprises to go beyond vulnerability reporting to address the entire vulnerability management lifecycle, including assessing business risk, supporting mitigation activities and streamlining compliance reporting and oversight processes. In particular, Guardium 7 allows organizations to rapidly:

* Pinpoint database vulnerabilities. Missing patches, misconfigured privileges, weak passwords and default accounts create enormous risk. Guardium incorporates industry best practices to flag these and other vulnerabilities, like unauthorized access to reserved Oracle E-Business Suite and SAP tables to ensure compliance with Sarbanes-Oxley (SOX) and the Payment Card Industry Data Security Standard (PCI-DSS). A new add-on subscription service is also being offered with regular updates for assessment tests, signatures and content that reduces the need for manual configuration.

* Prioritize remediation activities--based on business risk. Guardium 7 automatically locates and classifies sensitive data such as credit card numbers and magnetic stripe data in corporate databases, and analyzes baseline behavior to understand how and when line-of-business applications are accessing vulnerable databases. Risk assessment is crucial for prioritizing remediation.

* Protect unpatched systems with real-time controls. Database systems can take 3-6 months to patch due to the need for a comprehensive change management and testing process. Guardium's solution protects databases before and after they're patched, through database activity monitoring and signature-based policies, along with preventive controls such as real-time alerts, automated account lockouts and blocking. Policies and activity baselining can also protect against application vulnerabilities such as SQL injection and buffer overflow, and provide granular access controls for sensitive data.

* Harden databases. Once vulnerable systems have been repaired, organizations need to ensure that only authorized changes are made. Guardium's Configuration Audit System (CAS) prevents unauthorized changes to databases once a secure configuration baseline has been established.

* Document and streamline compliance. Auditors want to know that incidents are being tracked and resolved in a timely manner. Guardium's Incident Manager and Compliance Workflow Automation system tracks progress on the remediation of vulnerable systems, automating compliance report distribution, electronic sign-offs and escalations. Compliance is also simplified by consolidating and normalizing audit data from multiple DBMS platforms, enterprise applications and data center locations into a centralized repository for enterprise-wide compliance reporting, breach investigations and forensics.

"Vulnerability management enables organizations to proactively address a wider range of emerging threats and allows what used to be a set of tedious and disparate details to be automated and managed based on risk," said Ron Bennatan, Ph.D., Guardium CTO and author of Implementing Database Security and Auditing (Elsevier Digital Press, 2005). "We're committed to consistently out-pacing the market - leveraging our innovative architecture to give our global customers the strongest and most comprehensive solution for protecting business-critical databases."