Technology Audit: Imperva SecureSphere Data Security Suite

Ovum Butler Group prepared a Technology Audit of the Imperva SecureSphere Data Security Suite

"SecureSphere Data Security Suite brings together a portfolio of Imperva products including its SecureSphere web application firewall (WAF), its SecureSphere database firewalls, its database-discovery and assessment server, and its database activity monitoring (DAM) solution. The overall offering can be deployed as separate stand-alone products or as an integrated solution that combines the strengths of WAF and DAM protection to address sophisticated attacks such as SQL injection, and also enables the tracking of web application users and their database activities. Any organization delivering services or products via the Web should consider SecureSphere as a “must-have” piece of its IT protection infrastructure. The product set makes a strong case for itself as a leading contender in this market space."

Ponemon Institute: State of Web Application Security, 2010

Imperva and WhiteHat worked with the Ponemon Institute to conduct a study to better understand the risk of insecure website applications and how organizations’ are addressing internal and external threats. The study reveals that despite having mission-critical applications accessible via their websites, many organizations are failing to provide sufficient resources to secure and protect Web applications important to their operations. This is alarming given that the Web application layer is the number one attack target of hackers.

Ponemon Institute: PCI DSS Compliance Survey, 2009

Imperva and the Ponemon Institute present the findings of a survey across more than 500 U.S. and multinational IT security practitioners showing that, despite the Payment Card Industry’s (PCI) Data Security Standard (DSS), companies still struggle with data security, putting consumers at continued risk for identity theft. In fact, 71% of companies surveyed admit to not making data security a top strategic initiative, and 55% admit to only securing credit card information and not sensitive information such as Social Security numbers, driver’s license numbers, and bank account details. However, the survey also found that companies taking a strategic approach to PCI compliance have fewer data breaches.

Building a Web Application Security Program, 2009

This report by industry experts at Securosis shows how to build a pragmatic Web application security program that constrains costs while still providing effective security. Rather than digging into the specific details of any particular technology, this report shows all the basic pieces and how to put them together. Beginning with some background on how Web applications are different than traditional enterprise applications or commercial off-the-shelf products. Next it provides basic business justifications for investments in Web application security you can use to gain management support. It focuses on the particular security needs of web applications, and then delves into details of the major security components and how to pull them together into a complete program, with examples built around typical use cases."

The Forrester Wave^TM: Enterprise Database Auditing And Real-Time Protection, Q4 2007

According to Forrester, "Imperva offers the most comprehensive database auditing solution to support rigorous enterprise auditing requirements. SecureSphere's centralized management server supports central administration of audit data and policies through a single GUI, making it easier to deploy across many databases and servers..."

Imperva Takes Control of the Datacenter

"Imperva's SecureSphere Database Monitoring Gateway unobtrusively addresses the end-to-end auditing requirements of the chain of data security. The datacenter becomes more secure and compliance requirements for database auditing can be met with no impact on deployed applications… Imperva's SecureSphere product line allows security operations to provide independent oversight of the business application infrastructure, allowing the protected business to grow with confidence."