Imperva Data Protection and Compliance

SecureSphere data protection solution can meet all aspects of database security and compliance requirements, and its database audit and real-time protection have no impact on performance or availability. SecureSphere can be scaled to support the largest database and big data installations. By automating security and compliance, it is not surprising that thousands of organizations choose Imperva SecureSphere suitable for data to protect their most valuable assets.

is applicable to data SecureSphere

• Discover and help classify sensitive databases

• Audit all sensitive data access permissions in all data stores.

• Identify unauthorized users and dormant users and start a complete permission audit cycle.

• Protect RDBMS, data warehouses, big data platforms, and host databases.

• alert, isolate, or block database attacks and unauthorized activities in real time

• use advanced analysis functions to speed up incident response and forensic investigation

• meet your evolving IT needs for high availability clusters and Amazon Web Services (AWS) cloud deployments

• provides fast time to value and predictable cost without negatively affecting database performance

flexible enterprise-ready deployment

Imperva takes a comprehensive view of the enterprise with a centralized management console that provides command and control from the global level. The top-level management console can automate tasks such as rapid layout of global policies and data classification, thus accelerating execution time.

Imperva also confirms the value of IT configuration and provides API sets to facilitate seamless software distribution, configuration updates, policy allocation, and data discovery. Deployment and configuration automation is the primary element of time-to-value. For example, a Imperva customer can use these automated tools to deploy more than 69,000 databases in a few months.

Imperva goes beyond the typical deployment scenario where agents are required on all database servers; SecureSphere supports multiple deployment methods, including local agents, network transparent bridge options, and non-serial listener mode. By adopting a combination of multiple deployment methods, enterprises can meet a large number of different needs without being trapped in a common model.

Discover Hidden Risks and Costs

SecureSphere database assessment can identify database vulnerabilities and measure compliance with industry standards and best practices. Combining sensitive data discovery and data classification, organizations can accurately review security and compliance projects and prioritize risk mitigation activities.

Monitor all traffic for protection and compliance

Even if the database traffic is large, SecureSphere can monitor all traffic for both security policy violations and compliance policy purposes. Efficient monitoring for individual purposes can enable companies to meet both security and compliance requirements with only one unified solution.

SecureSphere real-time analysis of all database activities, provide the organization with a proactive security execution layer and detailed audit trails, and can display the "object, content, time, place and method" of each transaction ". SecureSphere audit authorized users who can directly access the database server, as well as users who access the database through browsers, mobile phones, or desktop computer-based applications.

Manage user access

In fact, all regulations require user rights to manage sensitive data. Compliance with these requirements is one of the most difficult tasks for enterprises to perform manually in big data sets. SecureSphere automatically centralize user rights in heterogeneous data stores and help establish an automated access rights review process to eliminate unauthorized user rights. It can promote the daily display of compliance with regulations such as SOX and PCI DSS. Automation of these mundane and critical tasks reduces labor costs and the risk of errors or reporting gaps.

Simplify data compliance

Unlike solutions that require DBA participation and rely on expensive professional services, SecureSphere can provide the necessary management and centralized functions to manage thousands of databases, big data nodes, and file repositories. Scheduled policies, remediation workflows, and hundreds of reports can significantly reduce the need for SQL scripting and compliance expertise. The elimination of the need for ongoing DBA participation ensures compliance with the accountability requirements. By leveraging out-of-the-box process APIs, management consoles, workflows, reporting, and analysis tools, existing personnel can deploy and manage systems.

Discover and manage database vulnerabilities

malicious insiders and hackers can easily steal data by using unpatched systems, accessing accounts with default passwords, and using administrator rights. SecureSphere can help you prioritize and remedy vulnerabilities by evaluating database platforms and configurations. These assessments are consistent with the latest research by the Imperva Application Protection Center (ADC).

Dynamic Modeling-Discover and Stop Abnormal Behavior

SecureSphere uses Imperva patented dynamic learning method (DLM) and adaptive normal behavior pattern (NBP) technology to identify the normal access pattern of users to data. It establishes a baseline of all user activities, including: DML, DDL, DCL, read-only activity (SELECT), and the use of pre-stored programs. SecureSphere detect substantial differences when users make unexpected inquiries.

multi-function warnings, temporary isolation, and, where appropriate, interception of unauthorized activities can be used to protect data without disabling user accounts to avoid potential damage to critical business processes. Automated remediation workflows can advance multi-functional security warnings that can send information to SPLUNK, SIEM, ticketing, or other third-party solutions to simplify business processes.

Real-time protection

the real-time stop tool is the only effective way to prevent hackers from invading your data. SecureSphere look for attacks and unauthorized SQL activity at the protocol and OS layers to monitor all traffic for security policy violations. Efficient monitoring can isolate or intercept activities that require user rights authentication-without damaging business by disabling the entire account.

interception can be implemented at the database proxy and network level to realize fine-tuning of security profiles, thus balancing the demand for absolute security and optimal performance.

Stop Targeted Advanced Attacks

effectively improve proactive security and deploy Imperva SecureSphere Web application firewalls with the same infrastructure and management platform as SecureSphere data solutions. Additional integration with malware protection, SIEM and other professional security systems can help organizations adjust processes and bridge security gaps.

Discover and manage database vulnerabilities

In general, there are several months between the discovery of data vulnerabilities and the time to receive patches. SecureSphere database evaluation and database firewall work together to identify vulnerabilities and automatically build policies that hinder them.

SecureSphere database firewall virtual patches can protect vulnerabilities that are clearly understood but not patched. These assessments are consistent with the latest research by the Imperva Application Protection Center (ADC).