Addresses permissions management failings in knowledge-driven work environments

Imperva, Inc. (NASDAQ: IMPV), committed to protecting business-critical data and applications in the cloud and on-premises, today announced CounterBreach 2.0 with a new algorithm to automatically place individuals and their cross-functional peers into “virtual” working groups based on interactions with enterprise files in order to identify unusual user access patterns. This new Dynamic Peer Group Analysis algorithm proves an intelligent approach to permissions management that helps protect data against insider threats.

The new machine learning algorithm in CounterBreach 2.0 automatically identifies ad-hoc and cross-functional working groups, assigning users into peer groups. CounterBreach then analyzes user behavior and flags risky file access from unrelated individuals, such as an engineering manager accessing a sensitive finance budget file or an engineering file not associated with his peer group, which he has rights to, but is not accessed by anyone in his virtual peer group. The result is a dynamic approach to file security that allows employees to freely access data, yet saves IT teams time and enhances the security of file data.

“Traditionally, permissions management is manual, time consuming and often inaccurate or outdated, creating a gap in which data contained in files can be lost, stolen or misused by malicious, careless, or compromised users,” said Amichai Shulman, CTO and co-founder of Imperva. “Detection and containment of insider threats requires an understanding of both users and how they use enterprise data. CounterBreach 2.0 leverages machine learning for an intelligent approach to permissions management that reduces the risk of insider threats, safeguards data and improves the overall security posture of the organization.”

These improvements follow findings from the Imperva research team which published a Hacker Intelligence Initiative (HII) report to validate the need for a dynamic approach to permissions management. The HII report demonstrates that relying on access control alone broadens the risk surface and is not a sustainable method for securing enterprise files. Primary research conducted by Imperva in customer environments finds that user permissions to files grow over time; while access is granted freely, it is rarely revoked. In fact, most employees use less than 1 percent of the files they are allowed to access. Furthermore, 99 percent of the files are used on a temporary basis as related to a specific project and rarely accessed again.

CounterBreach 2.0 also features workflow enhancements to streamline end-to-end incident investigations, new filtering options to quickly search for critical security events and broader coverage for on-premises databases.

For more information on CounterBreach 2.0, visit To read the HII report which details how machine learning is used to detect dynamic peer groups visit

About Imperva

Imperva® (NASDAQ: IMPV) is a leading provider of cyber security solutions that protect business-critical data and applications. The company’s SecureSphere, CounterBreach, Incapsula and Camouflage product lines enable organizations to discover assets and risks, protect information wherever it lives – in the cloud and on-premises – and comply with regulations. The Imperva Defense Center, a research team comprised of some of the world’s leading experts in data and application security, continually enhances Imperva products with up-to-the-minute threat intelligence, and publishes reports that provide insight and guidance on the latest threats and how to mitigate them. Imperva is headquartered in Redwood Shores, California. Learn more:, our blog, on Twitter.

© 2017 Imperva, Inc. All rights reserved. Imperva, the Imperva logo, CounterBreach, Incapsula, SecureSphere, ThreatRadar, and Camouflage along with its design are trademarks of Imperva, Inc. and its subsidiaries.

Source: Imperva, Inc.

Tami Casey
Eskenzi PR
Lara Lackie