The SecureSphere platform is the cornerstone of Imperva's award-winning data security products.
It includes centralised management and reporting framework, physical and virtual appliance delivery options, and server agent software that extends data security to host systems. The SecureSphere platform, with its flexible deployment options and administration capabilities, provides organisations the scalability, adaptability, and management needed to deploy state of the art data security solutions.
SecureSphere includes Management, Analytics, and Reporting, Hardware Appliances, Virtual Appliances and Agents.
Your Website is constantly exposed to application security threats like SQL injection, XSS, DDoS attacks, and Web fraud. Unfortunately, most Web attacks can circumvent network security products like IPS and next generation firewalls; these products are not designed to patch application vulnerabilities or detect evasion techniques. To protect your Web applications, you need a dedicated application security solution that can stop all types of Web attacks including attacks that exploit custom application vulnerabilities.
Imperva offers a suite of products that continuously protect Web applications against attacks like SQL injection, XSS, DDoS, and Web fraud. From its market-leading Web application firewall to advanced reputation and fraud prevention services, to easy, flexible cloud-based security services, Imperva provides a comprehensive set of application security solutions that protected against the most dangerous application threats.
Sensitive Data Access Auditing
Auditing sensitive data access is required to achieve regulatory compliance with government regulations, industry regulations and privacy acts. The specific user access review requirements vary between different regulations, but all consider sensitive data access auditing a key control that must be implemented to protect regulated data.
Privileged User Monitoring
Privileged user monitoring poses a significant technical and operational challenge as database and IT administrators require unrestricted access to perform their jobs. Most often, privileged activity is performed directly on data systems, thus it is not visible outside of the system itself.
Without effective privileged user monitoring, these users can cause immense damage without ever being detected. In addition, Industry and compliance regulations including PCI DSS, SOX and others, require that privileged users be closely monitored and their activities authorised.
Track Privileged Access to Sensitive Data
Organisation should monitor all privileged access to files and databases including local system access, audit user creation and newly granted privileges and restrict usage of shared privileged accounts.
Block or Alert on Suspect Activity
Identify user behavior that deviates from normal access patterns, alert and block suspicious activities that may indicate privilege abuse. Users performing unauthorised activities should be quarantined and their privileges should be reviewed. Audit reports and analytical tools are needed to support forensic investigations.
Identify Unauthorised Privileges Changes
Changes to data objects and data system users must be properly authorised. Unauthorised activities should be thoroughly investigated and controls should be implemented to prevent future incidents.
Separation of Duties, Privileged Users Should not Monitor Themselves
Following the principle of "separation of duties" (SOD), the monitoring capability should not be managed or operated by privileged users as they may alter the controls to conceal irregular activities.
Eliminate Excessive Rights which may be Abused
Hardening systems by granting access to business need know, is an essential step in data breach prevention. Organisations should review user privileges and identify highly privileged users. Verify that the privileges are necessary for the user's role and duties. Revoke excessive user rights and remove dormant users.