Primary Research Finds Insider Abuse Is Routinely Undetected

REDWOOD SHORES, Calif., March 31, 2016 (GLOBE NEWSWIRE) — Imperva, Inc. (NYSE:IMPV), committed to protecting business-critical data and applications in the cloud and on-premises, today unveiled the March Hacker Intelligence Initiative Report: “Insiders: The Threat is Already Within.” This new report, published by the Imperva Defense Center and based on primary research conducted by Imperva, shows that insider threat events were found in 100 percent of the studied environments and went undetected by in-place security measures.

The Imperva Defense Center conducted the research by using a combination of machine learning-based behavioral analysis and deception technology to live production data and networks. Machine learning was used to analyze detailed activity logs of the data accessed by insiders. Deception technology added context to the analysis by identifying anomalies indicative of compromised end-points and user credentials. This deeper level of insight proved critical for finding true insider threats within a sea of anomalies.

Based on the studied environments and follow-on analysis, the researchers found:

  • Insider threat events were present in 100 percent of the studied environments, confirming suspicions that insider abuse of data is routinely undetected.
  • Deception technology, deployed to complement behavioral analysis, positively identified insider threats.
  • Insider threat incidents were not identified by any existing in-place security infrastructure.
  • Identified insider threats spanned malicious, compromised and careless insiders.
  • In most cases, insiders took advantage of granted, trusted access to data, rather than trying to directly hack in to databases and file shares.

“Just finding anomalies in user behavior will not solve the insider threat problem,” said Amichai Shulman, Co-founder and CTO of Imperva. “Enterprises need to have granular visibility into which users are accessing data, and more importantly, the actual queries and data accessed by each user. This deep level of insight proved critical to separating actual incidents from anomalies. Imperva CounterBreach allows customers to apply machine learning and deception technology to both user behaviors and the data that users have accessed, which is the key to pinpointing insider threats.”

Imperva CounterBreach, announced today, includes the technologies that the Imperva Defense Center used in this research.

About Imperva
Imperva® (NYSE:IMPV) is a leading provider of cyber security solutions that protect business-critical data and applications. The company’s SecureSphere, CounterBreach, Incapsula and Skyfence product lines enable organizations to discover assets and risks, protect information wherever it lives – in the cloud and on-premises – and comply with regulations. The Imperva Defense Center, a research team comprised of some of the world’s leading experts in data and application security, continually enhances Imperva products with up-to-the-minute threat intelligence, and publishes reports that provide insight and guidance on the latest threats and how to mitigate them. Imperva is headquartered in Redwood Shores, California. Learn more:, our blog, on Twitter.

© 2016 Imperva, Inc. All rights reserved. Imperva, the Imperva logo, SecureSphere, CounterBreach, Incapsula and Skyfence are trademarks of Imperva, Inc. and its subsidiaries.

Winifred Shum Imperva Eskenzi PR

Primary Logo

Imperva Inc.