Uncover Malicious, Careless and Compromised Users
CounterBreach Virtual Appliances
CounterBreach is deployed as virtual appliances that are simple to deploy and do not interfere with existing SecureSphere implementations.
Imperva CounterBreach protects enterprise data stored in databases and file shares from the theft and loss caused by malicious, careless and compromised users. Accurately identifying potential data breaches requires deep contextual understanding of not just user activity, but the data users access and how they access it. With CounterBreach, security teams can quickly discern between malicious and normal data access events so they can immediately identify and act upon risky behavior.
Detect and Mitigate Insider Threats with Imperva CounterBreach
Detect Dangerous User Data Access
CounterBreach Behavior Analytics uses machine learning to automatically uncover anomalous data access events. This establishes a full contextual baseline of typical user access to database tables and files stored in file shares, and then detects and prioritizes anomalous activity. Combining an expert understanding of users and how they access data equips enterprises with the context and accuracy required to detect data breach incidents. Download the datasheet to learn more.
Quickly Respond to Incidents
CounterBreach spotlights the riskiest users, client hosts and servers so that IT staff can prioritize the most serious data access incidents. Security teams can efficiently investigate the most worrisome data access events by filtering open incidents by severity, and then take a deeper look into a specific incident to view granular information about the user and the data that was accessed.
Get the Full Picture of User Data Access Across the Organization
With CounterBreach, security teams can analyze the data access behavior of particular users with a consolidated view into database and file activity. This allows security teams to investigate incidents and anomalies specific to the individual, view the baseline of typical user activity and compare a given user with that user's peer group.
Minimum Requirements per Physical Host Admin Server1 Analytics Server2 Hypervisor Dual-core server Intel VTx or AMD-V Processor VMWare ESX/ESXi 4.x/5.x/6.x Minimum Requirements for each Guest Virtual Appliance CPU 2 4 Memory 4 GB 16 GB Disk Space 50 GB 1 TB
1 The Admin Server is required for Behavior Analytics. Imperva will deliver software on pre-configured virtual appliances with the specifications shown above.
2 Imperva will deliver software on pre-configured virtual appliances with the specifications shown above.
CounterBreach Behavior Analytics Database Platforms
- Microsoft SQL Server
- DB2 for LUW
- Sybase ASE
- CIFS file storage systems
- NAS devices
File Operating Systems
- Microsoft Windows Server
Syslog Formats Supported
- Splunk, ArcSight