Prevent Data Loss, Theft and Destruction
Complete Data Security Assessment
SecureSphere delivers the industry's most detailed analysis of database security and compliance posture due to its three distinct assessment capabilities: sensitive server and data discovery, configuration assessment, and behavior assessment. SecureSphere's data security assessments are presented in easily understood reports that discover sensitive assets, prioritize risk, support targeted corrective action, and document data compliance status.
- Sensitive Server and Data Discovery identifies and monitors sensitive data, including encrypted data such as credit card and social security numbers, by scanning the network first for the location of all database, application and web servers, and then for the sensitive data that exists within those systems.
- Configuration Assessment queries the database for compliance with more than 350 security tests, covering five key areas including known software flaws, software configuration, privileges, external objects, and compliance.
- Behavior Assessment identifies vulnerabilities that can only be found by monitoring user behavior over time.
Protection from Unauthorized Behavior
SecureSphere's Dynamic Profiling technology automatically creates and maintains verified baseline profiles of each user's business activity. User profiles may be customized or immediately converted into policies, which are then used to detect unauthorized behavior over time. User profiles can also be compared to job functions, regulatory requirements, or best practices by security staff. If any significant deviation from an authorized profile occurs, SecureSphere issues an alert, and may optionally block access.
Dynamic Profiling Models Database Usage
| Profile Element | Description |
| --- | --- |
| Database Objects | Profiles all database objects - queries, stored procedures, SQL operations, tables, system objects |
| Users | Auditable trail of end-user, application, and administrative activity |
| Normal Business Activities and Transactions | Prevents use of legitimate privilege for illegitimate purposes |
| Time of Day and Location | Restricts users to normal work hours and locations |
| Application/Access Method | Prevents the use of stolen or abused credentials |
SecureSphere's dedicated interface monitors application user sessions and correlates those sessions with specific database transactions, ensuring user accountability.
Database Platform Protection
SecureSphere's integrated Intrusion Prevention System (IPS) protects against worms and other attacks targeting known vulnerabilities in database server platforms. SecureSphere's IPS capabilities include full Snort®-compatible signature dictionaries (all protocols) and proprietary SQL-specific signatures from the Imperva Application Defense Center (ADC). With the industry's only SQL protocol validation capability, SecureSphere mitigates the risks associated with the increasing number of database protocol exploits.
SecureSphere's integrated stateful network firewall protects against unauthorized users, dangerous protocols, common network layer attacks, and worms, while its firewall policies meet data security compliance requirements by restricting database exposure to non-essential network traffic.
Sophisticated Attack Detection
No other solution can match the accuracy SecureSphere achieves through Imperva's unique Correlated Attack Validation (CAV) technology. CAV correlates violations across security layers and over time to accurately identify even the most complex attacks.
Local Database Monitoring
Together with the SecureSphere appliance, the SecureSphere DBA Monitor Agent ensures that any database access method is monitored, and all local and database activity is tracked. Agent monitoring includes console, telnet and activity occurring over SSH connections, and extends to inter-process communication (IPC) and shared memory activity.
Ensures Users are Accountable
SecureSphere's Universal User Tracking technology makes users accountable for their actions, even when they access data through business applications. Validating that user accountability has been established is one of the primary objectives of any security system. Unfortunately, user IDs are not always sent to the database when users access database records through custom and packaged business applications, such as Oracle EBS and SAP, and therefore cannot be detected by typical security solutions. SecureSphere changes that by tracking database users across the organization.
Flexible and Scalable Audit Policy Definition
No other solution matches SecureSphere's ability to track event detail while scaling across even the most massive global data centers. SecureSphere's Audit Policy Wizard enables monitoring of all events, or selective event tracking based on a combination of attributes. Audit data extends from high level attributes such as user names, to granular capture of query text, response text, and response codes.
SecureSphere's three assessment capabilities deliver unparalleled database security and protection, enabling organizations to meet IT security policies and data security compliance regulations.
