Light Dark
April 18, 2017 By Leslie Wiggins 3 min read

We’re pleased to announce that IBM Guardium was named the overall leader in the “KuppingerCole Leadership Compass for Database Security.” The report focused on 10 vendors and selected the overall leader based on a combined rating that accounts for the strength of products, the market presence and the innovation of vendors.

Digging Into the Database Security Market Segment

Author Alexei Balaganski wrote: “Databases are arguably still the most widespread technology for storing and managing business-critical digital information. Manufacturing process parameters, sensitive financial transactions or confidential customer records — all this most valuable corporate data must be protected against compromises of their integrity and confidentiality without affecting their availability for business processes. The area of database security covers various security controls for the information itself stored and processed in database systems, underlying computing and network infrastructures, as well as applications accessing the data.”

Download the report

This diagram shows vendors’ positions in the Database Security segment:

Key Functional Areas That Map to Customer Requirements

These are key functional areas of database security solutions that were considered as part of the process of rating vendors:

  • Vulnerability assessment. This includes not just discovering known vulnerabilities in database products, but also providing complete visibility into complex database infrastructures, detecting misconfigurations, and assessing and mitigating these risks.
  • Data discovery and classification. Although classification alone does not provide any protection, it serves as a crucial first step toward defining proper security policies for different data depending on its criticality and compliance requirements.
  • Data protection. The report considered data encryption at rest and in transit, static and dynamic data masking, and other technologies for protecting data integrity and confidentiality.
  • Monitoring and analytics. This includes monitoring of database performance characteristics and complete visibility in all access and administrative actions for each instance. On top of that, advanced real-time analytics, anomaly detection and security information and event management (SIEM) integration can be provided.
  • Threat prevention. This refers to methods of protection from cyberattacks such as distributed denial-of-service (DDoS) or SQL injection, mitigation of unpatched vulnerabilities and other database-specific security measures.
  • Access management. This goes beyond basic access controls to database instances. The rating process focused on more sophisticated, dynamic, policy-based access management capable of identifying and removing excessive user privileges, managing shared and service accounts, and detecting and blocking suspicious user activities.
  • Audit and compliance. This includes advanced auditing mechanisms beyond native capabilities, centralized auditing and reporting across multiple database environments, enforcing separation of duties, and tools supporting forensic analysis and compliance audits.
  • Performance and scalability. Although not a security feature per se, it is a crucial requirement for all database security solutions to be able to withstand high loads, minimize performance overhead and support deployments in high-availability configurations. For certain critical applications, passive monitoring may still be the only viable option.

KuppingerCole stressed the importance of a strategic approach toward information security. Customers are encouraged to look at database security products not as isolated point solutions, but as a part of an overall corporate security strategy based on a multilayered architecture and unified by centralized management, governance and analytics.

Guardium Is the Gold Standard

Oracle and IBM are the only two vendors in the Leader category. It is worth noting that Oracle’s main weakness mentioned in the KuppingerCole Compass report is that “a number of products are available only for Oracle databases.” Since most businesses operate heterogeneous environments and have sensitive data scattered across multiple databases, data warehouses, applications and other environments, this is a significant limitation.

IBM Security Guardium strengths called out in the report include:

  • Full range of data security capabilities beyond just databases;
  • Advanced big data and cognitive analytics;
  • Nearly unlimited scalability;
  • Bidirectional integration with IBM QRadar SIEM; and
  • A massive network of technology partners and resellers.

While IBM Security Guardium protects data in all major types of data repositories — from databases, data warehouses and big data environments to file systems, cloud solutions and mainframe environments — the KuppingerCole Compass and vendor assessment focused only on database security because of the widespread nature of the technology.

Download the complete KuppingerCole Leadership Compass for Database Security

 |  |  |  |  |  |  | 
Leslie Wiggins
Program Director, IBM Security

More from

May 16, 2024

Grandoreiro banking trojan unleashed: X-Force observing emerging global campaigns

16 min read - Since March 2024, IBM X-Force has been tracking several large-scale phishing campaigns distributing the Grandoreiro banking trojan, which is likely operated as a Malware-as-a-Service (MaaS). Analysis of the malware revealed major updates within the string decryption and domain generating algorithm (DGA), as well as the ability to use Microsoft Outlook clients on infected hosts to spread further phishing emails. The latest malware variant also specifically targets over 1500 global banks, enabling attackers to perform banking fraud in over 60 countries…

May 15, 2024

New cybersecurity sheets from CISA and NSA: An overview

4 min read - The Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA) have recently released new CSI (Cybersecurity Information) sheets aimed at providing information and guidelines to organizations on how to effectively secure their cloud environments.This new release includes a total of five CSI sheets, covering various aspects of cloud security such as threat mitigation, identity and access management, network security and more. Here's our overview of the new CSI sheets, what they address and the key takeaways from each.Implementing…

May 14, 2024

Threat intelligence to protect vulnerable communities

2 min read - Key members of civil society—including journalists, political activists and human rights advocates—have long been in the cyber crosshairs of well-resourced nation-state threat actors but have scarce resources to protect themselves from cyber threats. On May 14, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) released a High-Risk Communities Protection (HRCP) report developed through the Joint Cyber Defense Collaborative that addresses the threat to these vulnerable groups, with findings contributed by the X-Force Threat Intelligence team.Cyber criminals seek stolen credentialsThe HRCP…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature