Information Security Manager at a retailer with 10,001+ employees
Real User
Top 10
2021-06-25T14:21:06Z
Jun 25, 2021
Guardium could expand the templates beyond CIS/STIG by correlating with other market-templates (PCI, Sox, HIPAA...) and maybe, in the future, put a button that allows you to autofix the problem identified in the asset/database (like Symantec ESM did in the past com several types of targets). The expansion of connectors for non-traditional/legacy/cloud database could be reviewed/improved.
CTA\Owner at a tech services company with 11-50 employees
Real User
2022-08-24T21:06:59Z
Aug 24, 2022
It was not as easy to use. The user-friendliness of it was somewhat lower than what I was expecting. It was also lacking in terms of the ease of the setup. There should be an automatic agent for deployment. It was also expensive.
Chief Technology Officer at Leystel Nigeria Limited
Reseller
2020-03-16T06:56:13Z
Mar 16, 2020
The interface could be improved by having sub-groups of tests, ultimately making the process of collecting tests faster. As it is now, the test list is fairly long.
The only problem is that some of the reports come up with blanks and missing data. In this area, it's a challenge, especially when there is a lot of traffic on the servers that you are trying to monitor. Sometimes the reports come out with question marks. Building policies is not that easy. Some things are turned off by default, for example, displaying values. Maybe it's a good security feature, but sometimes the user finds it frustrating because they are expecting to see the result set. The biggest challenge is in building policies because you have to involve users and stakeholders. When you are training a user, there is a disconnect with the classroom-lead IBM training. The training is intensive. For five days you are hammered, but when it comes to doing it, it's a different understanding, so users find it difficult. Pricing could be improved. Small firms shy away from IBM because of the pricing. In the next release, I would like to see some third party support. A different way the developers can build the entire application. We would like to see more applications added. It is called IBM Security Exchange, so this is where you find that IT is going to develop some apps that can be run on Guardium. If you go to IBM QRader or SIEM for example, they have many applications that you can add to your existing deployment that are the same for Guardium.
Vulnerability Management (VM) is a critical cybersecurity process focused on identifying, evaluating, and mitigating vulnerabilities in IT systems. It helps organizations protect their networks and assets by proactively managing security weaknesses before they can be exploited by threats.
Guardium could expand the templates beyond CIS/STIG by correlating with other market-templates (PCI, Sox, HIPAA...) and maybe, in the future, put a button that allows you to autofix the problem identified in the asset/database (like Symantec ESM did in the past com several types of targets). The expansion of connectors for non-traditional/legacy/cloud database could be reviewed/improved.
It was not as easy to use. The user-friendliness of it was somewhat lower than what I was expecting. It was also lacking in terms of the ease of the setup. There should be an automatic agent for deployment. It was also expensive.
The interface could be improved by having sub-groups of tests, ultimately making the process of collecting tests faster. As it is now, the test list is fairly long.
The only problem is that some of the reports come up with blanks and missing data. In this area, it's a challenge, especially when there is a lot of traffic on the servers that you are trying to monitor. Sometimes the reports come out with question marks. Building policies is not that easy. Some things are turned off by default, for example, displaying values. Maybe it's a good security feature, but sometimes the user finds it frustrating because they are expecting to see the result set. The biggest challenge is in building policies because you have to involve users and stakeholders. When you are training a user, there is a disconnect with the classroom-lead IBM training. The training is intensive. For five days you are hammered, but when it comes to doing it, it's a different understanding, so users find it difficult. Pricing could be improved. Small firms shy away from IBM because of the pricing. In the next release, I would like to see some third party support. A different way the developers can build the entire application. We would like to see more applications added. It is called IBM Security Exchange, so this is where you find that IT is going to develop some apps that can be run on Guardium. If you go to IBM QRader or SIEM for example, they have many applications that you can add to your existing deployment that are the same for Guardium.