What is our primary use case?
The usual use cases for IBM Security Guardium DSPM that I mostly work with are normal data protection, vulnerability assessment, database compliance scans, data classification, and database activity monitoring, which is a primary solution.
I use the Discovery feature in IBM Security Guardium DSPM; it comes second after database activity monitoring, with the vulnerability feature following closely as the third.
My impression of the Discovery feature in managing sensitive data across environments is that it operates similarly to other discovery and classification products. For instance, we also use BigID for these functionalities, but IBM Security Guardium DSPM can also accomplish similar tasks through its algorithms that identify sensitive data, including PCA data and credit card details, with policies definable based on user needs and the integration of external tools like Guardium Insight assisting in comprehensive data management.
In my experience, the importance of data classification in compliance and governance efforts is vital because until you know what kind of data you are dealing with, you cannot implement appropriate security controls. Different companies have varied classification standards, but for example, identifying PCI data is essential to establish whether an application is internet-facing or internal-facing. While IBM Security Guardium DSPM is limited in some respects, it can still sense data and classify it as PCI, PII, or PHI-related, ensuring that sensitive data is adequately protected based on its classification.
What is most valuable?
The most valuable feature of IBM Security Guardium DSPM that I have found so far is database activity monitoring.
The most important aspect of database activity monitoring is that it complies with the regulations, offering pre-built reports and numerous options in IBM Security Guardium DSPM to tune policies, along with various integrations such as with SIEM and ticketing products, making it a more compatible product compared to others.
What needs improvement?
In terms of improvements for IBM Security Guardium DSPM, I believe there is potential for enhancement in the operational perspective, particularly in the user interface and the deployment of agents. I think they could benefit from having a singular agent that can be pushed directly from a centralized console instead of relying on Unix or Windows admins for deployment.
For how long have I used the solution?
I have been working with IBM Security Guardium DSPM for almost 12 years.
What do I think about the stability of the solution?
The stability and reliability of IBM Security Guardium DSPM are good.
Stability benefits my customers' workflows because the agent is lightweight, rarely causing issues on database servers, and it is very rare for the appliance to go down.
What do I think about the scalability of the solution?
IBM Security Guardium DSPM is scalable, allowing you to spin up new VMs as needed.
When customer needs grow, IBM Security Guardium DSPM is adaptable, allowing for growth without any hindrance, enabling the addition of another collector.
How are customer service and support?
I often communicate with IBM technical support.
I would rate IBM's initial technical support a six out of ten because it tends to take you for a ride; however, once the issue escalates beyond L1, it typically performs really well, deserving a ten out of ten.
On average, I would rate their support an eight.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
I worked at IBM before, but currently, I am not working with IBM; it is a different company.
How was the initial setup?
I consider the initial setup of IBM Security Guardium DSPM to be straightforward, but it requires professionals who are knowledgeable about IBM Security Guardium DSPM. Without that expertise, it will not be easy for any organization to set up.
What's my experience with pricing, setup cost, and licensing?
The pricing of IBM Security Guardium DSPM is based on the number of database servers it covers.
I am not sure if my customers express their opinions about the price of IBM Security Guardium DSPM, so I cannot comment on that.
Which other solutions did I evaluate?
I cannot really comment on the analytics and machine learning features of IBM Security Guardium DSPM as we have only conducted a proof of concept for the analytic features in Guardium Insight, which we may evaluate later.
What other advice do I have?
I am a consultant for IBM Security Guardium DSPM, not an end-user, integrator, or reseller.
In my experience, the impact of customizable alerts on immediate threat response efficiency is significant yet challenging, as fine-tuning policies to generate actionable alerts requires a deep understanding of the environment. If clarity on user access and permissions is lacking, it leads to a barrage of alerts, complicating the SIEM team's task of determining which alerts are actionable.
My overall rating for IBM Security Guardium DSPM is an 8.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
IBM
