Vendor: IBM

April 15, 2026 · View on GitHub

Product: Guardium

Rules	Models	MITRE ATT&CK® TTPs	Activity Types	Parsers
40	21	2	2	3

Use-Case	Activity Types/Parsers	MITRE ATT&CK® TTP	Content
Compromised Credentials	database-alert ↳ibm-guardium-kv-alert-trigger-success-guardiumalert ↳ibm-guardium-str-alert-trigger-success-mssql ↳ibm-guardium-kv-alert-trigger-success-guardiumalert ↳ibm-guardium-str-alert-trigger-success-mssql database-query ↳ibm-guardium-kv-database-query-success-dbuser ↳ibm-guardium-leef-database-query-success-sql-1	T1213 - Data from Information Repositories	36 Rules 19 Models
Data Access	database-alert ↳ibm-guardium-kv-alert-trigger-success-guardiumalert ↳ibm-guardium-str-alert-trigger-success-mssql ↳ibm-guardium-kv-alert-trigger-success-guardiumalert ↳ibm-guardium-str-alert-trigger-success-mssql database-query ↳ibm-guardium-kv-database-query-success-dbuser ↳ibm-guardium-leef-database-query-success-sql-1	T1213 - Data from Information Repositories	36 Rules 19 Models
Data Exfiltration	database-alert ↳ibm-guardium-kv-alert-trigger-success-guardiumalert ↳ibm-guardium-str-alert-trigger-success-mssql ↳ibm-guardium-kv-alert-trigger-success-guardiumalert ↳ibm-guardium-str-alert-trigger-success-mssql	TA0002 - TA0002	2 Rules 1 Models
Malware	database-alert ↳ibm-guardium-kv-alert-trigger-success-guardiumalert ↳ibm-guardium-str-alert-trigger-success-mssql ↳ibm-guardium-kv-alert-trigger-success-guardiumalert ↳ibm-guardium-str-alert-trigger-success-mssql	TA0002 - TA0002	2 Rules 1 Models

MITRE ATT&CK® Framework for Enterprise

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
								Data from Information Repositories