Imperva Blog|Login|中文Deutsch日本語
Imperva's Dynamic Profiling

Dynamic Profiling

One of the key barriers to deploying application and database security is defining and updating application-level security policies. The sheer amount of elements to protect and the dynamic nature of applications and databases have made it difficult for even the most sophisticated organizations to manage. Through Imperva's innovative Dynamic Profiling, customers can automatically create security policies based on actual application and database behavior. Dynamic Profiling augments security by detecting abnormal behavior outside expected usage.

Simplifying Policy Configuration

Imperva's Dynamic Profiling technology simplifies policy creation and management. Dynamic Profiling automatically examines live application and database traffic to learn the structure and dynamics of the application and database. This profile can be viewed by the application development or database security teams and may be manually modified to bridge any differences between actual usage and corporate security policies.

Dynamic Profiling overcomes the biggest drawback of implementing data security solutions – manually creating and maintaining an overwhelming number of security policies. Data security requires an understanding of hundreds of thousands of constantly changing variables including URLs, parameters, cookies, queries, commands, and stored procedures. Dynamic Profiling automatically profiles all of these application and database elements and builds a baseline of acceptable user behavior. By building an accurate profile or “white list” of application and database usage, Dynamic Profiling streamlines monitoring and security configuration with no need for manual configuration or tuning. Dynamic Profiling enables SecureSphere to begin protecting your business data immediately.

Increasing Security Effectiveness

Because Web applications and databases are dynamic in nature, a data security solution must continually keep up with all of these changes. Dynamic Profiling not only builds a profile of legitimate user behavior, but it also automatically recognizes valid application and database changes over time. SecureSphere automatically updates the profile according to these application and database changes, ensuring that security policies are up to date.

SecureSphere security administrators can lock sensitive URLs or directories to prevent them from being updated automatically, but almost all customers rely on SecureSphere's Dynamic Profiling capability to detect and adapt to application changes. Dynamic Profiling completely automates security configuration, not just during the initial setup, but continuously over time.

Enabling Custom Policy Definition

While Dynamic Profiling automatically builds the profile of protected Web and database resources and detects changes over time, it is still possible for organizations to manually adjust the behavioral profile. All aspects of SecureSphere's profile are customizable. If desired, customers can even manually define the complete profile through the SecureSphere management interface.

Besides streamlining policy configuration, SecureSphere allows security administrators to define custom security policies about specific attributes of application or database traffic. Granular custom rules can evaluate multiple attributes of Web or database traffic to provide greater control and extensibility than just profile rules alone. For example, a custom Web application rule can look for a profile violation, a specific HTTP header option, an IP source address, the requested URL, and a specific attack signature. With over two dozen match criteria, security administrators can build powerful and precise security policies.

SecureSphere's Dynamic Profiling technology allows for ease of policy configuration, detection of behavioral changes, and flexible custom policy definition for automated and accurate data security.