What's new in this release

New features, functions, and enhancements.

IBM Security Guardium V11.5

Additional security incident policies: Two new security incident policies are available to help provide out-of-the-box security incident protection.; For more information, see Security anomalies and Password spraying attack policy and rules.
CyberArk: Guardium now supports the CyberArk AIM agent version 12.4.1. After you install the new CyberArk patch, the Guardium system indicates that CyberArk version 12.04 is installed (Version 12.04 is the Guardium equivalent of CyberArk AIM agent 12.4.1). You need not reconfigure your datasources to connect to CyberArk. Test a datasource to ensure that your Guardium system can establish a connection and fetch the password from your CyberArk vault.
Datasources: Support is added for Snowflake and MariaDB.; SSL support is added for Informix, SAP Hana, and Sybase IQ.; Entitlement support is added for Amazon Redshift, Snowflake, MySQL, and MariaDB.
External S-TAP improvements: You can now add comments to External S-TAP deployments.; You can delete multiple External S-TAPS, as long as none of the selected External S-TAPs are running. You can also delete one or more inactive containers from a group.; If desired, you can now specify that the External S-TAP use an internal load balancer for a selected cloud provider.; For more information about External S-TAP, see The External S-TAP user interface.
IBM® Knowledge Catalog integration: Integrate your Guardium® data with IBM Knowledge Catalog policies to help ensure that your Guardium data is protected through IBM Knowledge Catalog. An IBM Cloud Pak for Data license is required.; For more information, see Integrating with IBM Knowledge Catalog for federated data protection.
Netezza Performance Server embedded integration: The Netezza Performance Server (NPS) integration with Guardium is available with NPS for Cloud Pak for Data System. For more information, see Embedded integrations or Enabling query and result sharing with Guardium in the IBM Docs for the IBM Netezza® Performance Server.
Real-time trust evaluator improvements: There are improvements to the UI for the real-time trust evaluator, along with other updates. The documentation is reorganized to improve readability. For more information, see Real-time trust evaluator.; You can now configure the trust evaluator to look for and track anomalous conditions. For more information, see Configuring the trust evaluator.
Windows guard-config-update script: Use guard-config-update to update your S-TAP configuration from the command line. For more information, see Configuring S-TAP with guard_config_update.
Venafi certificate management: Several enhancements are added to the Venafi certificate management feature. You can now use grdAPI commands to propagate Venafi configurations and certificates from a central manager to some or all of the managed units.
Vulnerability Assessment: You can now add custom comments to a vulnerability assessment test. These comments can be added to pre-defined or custom tests and can be exported or imported between Guardium systems.; In the vulnerability assessment test results, you can choose to include or exclude test scores for databases that are not supported. When the vulnerability assessment test score is "Not Applicable for the DB version", the test results and recommendations now display the database versions that are supported.; A number of back-end updates are added to facilitate integration between ServiceNow vulnerability response and Vulnerability Assessment.