Imperva
Key Business Features
- Web Application Security
- Database Security
- Protecting Cardholder Data (PCI)
- Enterprise Application Security
- Database Auditing
- Mainframe Auditing
- Automated Compliance Reporting
- Data Risk Management
- Database Vulnerability Assessment
- Web Application Security
- Database Security
- Protecting Cardholder Data (PCI)
- Enterprise Application Security
- Database Auditing
- Mainframe Auditing
- Automated Compliance Reporting
- Data Risk Management
- Database Vulnerability Assessment
SecureSphere Web Application Firewall
Safeguard Web applications from attacks
and data breaches with the market leading
Web Application Firewall. SecureSphere
helps businesses:
» Monitor and protect Web applications
» Directly address PCI 6.6 compliance
» Automate security operations with
Dynamic Profiling
» Transparently protect Web applications with
virtual patching
» Deliver high performance, sub-millisecond
latency, and enterprise-class management
and reporting
and data breaches with the market leading
Web Application Firewall. SecureSphere
helps businesses:
» Monitor and protect Web applications
» Directly address PCI 6.6 compliance
» Automate security operations with
Dynamic Profiling
» Transparently protect Web applications with
virtual patching
» Deliver high performance, sub-millisecond
latency, and enterprise-class management
and reporting
Key Features:
- Market leading solution
- HTTP protocol validation
- Data Leak Prevention
- Network and Platform Protection
- Unparalleled Accuracy
- Web 2.0 and Web Services Protection
- Automated Application Learning
- Application User Tracking
- Up-To-Date Security
- Market leading solution
- HTTP protocol validation
- Data Leak Prevention
- Network and Platform Protection
- Unparalleled Accuracy
- Web 2.0 and Web Services Protection
- Automated Application Learning
- Application User Tracking
- Up-To-Date Security
SecureSphere Features and Applications for Database Security
Coverage
Oracle, MS-SQL, Sybase, DB2, Informix, MySQL, Teradata
Deployment Modes
Flexible Hybrid deployments combining – Network Monitoring Gateways: Inline or in sniffing mode
SecureSphere Agents: light-weight agents monitor local privileged activity
Remote agentless collection: for 3rd party audit logs
Discovery & Classification
Database Servers, Financial Information, Credit Card Numbers, System and Application Credentials, Personal Identification Information, Custom Data Types
Vulnerability Assessment
Operating system and RDBMS vulnerabilities
Configuration and Security Best Practices
User Activity Details
Network and Local user activity
Database User, source OS user, User group
SQL Operations
Read-Only (SELECTs), Data changes (DML) , changes to Objects and Schemas (DDL), User creation, grants and revokes (DCL)
Oracle, MS-SQL, Sybase, DB2, Informix, MySQL, Teradata
Deployment Modes
Flexible Hybrid deployments combining – Network Monitoring Gateways: Inline or in sniffing mode
SecureSphere Agents: light-weight agents monitor local privileged activity
Remote agentless collection: for 3rd party audit logs
Discovery & Classification
Database Servers, Financial Information, Credit Card Numbers, System and Application Credentials, Personal Identification Information, Custom Data Types
Vulnerability Assessment
Operating system and RDBMS vulnerabilities
Configuration and Security Best Practices
User Activity Details
Network and Local user activity
Database User, source OS user, User group
SQL Operations
Read-Only (SELECTs), Data changes (DML) , changes to Objects and Schemas (DDL), User creation, grants and revokes (DCL)
Content Updates
Signatures and content updates based on
primary ADC research delivered through
ADC Updates
Tamper-Proof Audit Trail
Optional encryption of audit data
Role based access controls to real-time views of audit data (read-only)
Centralized Management
MX Server for centralized management
Web User Interface (HTTP/HTTPS)
Command Line Interface (SSH/Console)
Real-time dashboard
Integrated Reporting
Predefined graphical reports including:
» Compliance (SOX, PCI, HIPAA and more)
» Business applications (SAP, Oracle EBS, PeopleSoft)
Custom User defined Reports
Workflow and 3rd Party Integration
SNMP, Syslog, Email
SecureSphere task workflow
SIEM and Incident management ticketing
integration
High Availability
IMPVHA (Active/Active, Active/Passive)
Fail open interfaces (bridge mode only)
VRRP
STP and RSTP
Signatures and content updates based on
primary ADC research delivered through
ADC Updates
Tamper-Proof Audit Trail
Optional encryption of audit data
Role based access controls to real-time views of audit data (read-only)
Centralized Management
MX Server for centralized management
Web User Interface (HTTP/HTTPS)
Command Line Interface (SSH/Console)
Real-time dashboard
Integrated Reporting
Predefined graphical reports including:
» Compliance (SOX, PCI, HIPAA and more)
» Business applications (SAP, Oracle EBS, PeopleSoft)
Custom User defined Reports
Workflow and 3rd Party Integration
SNMP, Syslog, Email
SecureSphere task workflow
SIEM and Incident management ticketing
integration
High Availability
IMPVHA (Active/Active, Active/Passive)
Fail open interfaces (bridge mode only)
VRRP
STP and RSTP
Query Details
Query Text, query group, response text,
response size, response time, response
codes, response code strings
Complex Queries
Prepared statements, nested and dynamic
queries, views, triggers, stored procedures and the operations they execute
Event Details
Date, Time, Source OS, Source Application, Source hostname, user location, database location
Platform Security
Platform intrusion prevention
Known and zero-day worm security
Network Security
Stateful firewall
DoS prevention
Fraud Prevention
Unauthorized sensitive data access
Unexpected source IP or time of day
Abnormal user activity
Data Leak Prevention
Credit card number
PII (personally identifiable information)
Pattern matching
Query Text, query group, response text,
response size, response time, response
codes, response code strings
Complex Queries
Prepared statements, nested and dynamic
queries, views, triggers, stored procedures and the operations they execute
Event Details
Date, Time, Source OS, Source Application, Source hostname, user location, database location
Platform Security
Platform intrusion prevention
Known and zero-day worm security
Network Security
Stateful firewall
DoS prevention
Fraud Prevention
Unauthorized sensitive data access
Unexpected source IP or time of day
Abnormal user activity
Data Leak Prevention
Credit card number
PII (personally identifiable information)
Pattern matching
Track and Protect Cardholder Data for PCI
Imperva enables organizations to meet the most challenging requirements in the Payment Card Industry (PCI) Data Security Standard (DSS). Merchants and service providers of all sizes trust Imperva SecureSphere to protect sensitive information, audit access to cardholder data, and automate their PCI compliance processes.
PCI DSS Requirements for Data Security Compliance
SecureSphere helps organizations meet 8 of the 12 high level requirements in the PCI standard including the traditionally most challenging Web application and database security requirements.
Why Imperva for PCI DSS Compliance:
- Comprehensive, accurate protection of cardholder data
- Continuous, automated data protection and audit logging
- Low cost of ownership
- No impact on existing infrastructure
- Automated policy configuration
- Enterprise-class management and reliability
- Automated PCI compliance reporting
- SecureSphere's sophisticated application and database security technology enables organizations to meet PCI IT requirements
Imperva enables organizations to meet the most challenging requirements in the Payment Card Industry (PCI) Data Security Standard (DSS). Merchants and service providers of all sizes trust Imperva SecureSphere to protect sensitive information, audit access to cardholder data, and automate their PCI compliance processes.
PCI DSS Requirements for Data Security Compliance
SecureSphere helps organizations meet 8 of the 12 high level requirements in the PCI standard including the traditionally most challenging Web application and database security requirements.
Why Imperva for PCI DSS Compliance:
- Comprehensive, accurate protection of cardholder data
- Continuous, automated data protection and audit logging
- Low cost of ownership
- No impact on existing infrastructure
- Automated policy configuration
- Enterprise-class management and reliability
- Automated PCI compliance reporting
- SecureSphere's sophisticated application and database security technology enables organizations to meet PCI IT requirements