Automatically uncover dangerous user data access
Imperva Data Security uses machine learning to automatically uncover unusual data activity, surfacing actual threats before they become breaches. How? It first establishes a baseline of typical user access to database tables and files, then detects and alerts you to abnormal behavior.
Identify suspicious data access with peer group analysis
Analyze the data access behavior of particular users with a consolidated view of their database and file activity. Look into incidents and anomalies specific to the individual, view the baseline of typical user activity, and compare a given user with that user’s peer group.
Spotlight critical threats to your data
Pinpoint high-risk incidents and prioritize what matters the most, combining machine learning with grouping and scoring capabilities. Investigate events by filtering open incidents by severity, then take a deeper look into specific incident details about the user and the data accessed.
Accelerate breach investigation and response
Interpret critical incidents in plain language. You don’t have to be a database expert to be able to carry out a successful investigation. Data risk analytics gives you granular visibility into how data is being used by whom and provides actionable insights so you can quickly contain a breach before damage happens.
Simplify and optimize your SIEM feed
Just a few moderate sized databases can generate terabytes of raw log data per day. Multiply this by 10s or 100s of databases and your costs to capture and store this info grow exponentially. Imperva Data Security automatically processes data access logs and sends only high priority incidents to your SIEM.
How Data Risk Analytics Detects Risky User Behavior
User and data profiling
Imperva Data Security applies data risk analytics to detect careless, compromised and malicious insiders independently profiling both users and data, rather than just user activity. By analyzing from both perspectives, we detect the truly worrisome incidents that warrant your attention.
Dynamic peer group analysis
Sometimes you really do need to know what your peers are up to. To understand risky user behavior, it’s important to identify the true peer groups across the enterprise. Using Dynamic Peer Group Analysis technology, data risk analytics automatically learns how users across your organization access enterprise files and places them into “virtual” working groups. Once peer groups are identified, we flag risky file access from unrelated individuals.
Data access domain expertise
Imperva machine learning technology accurately uncovers insider threats by leveraging algorithms tailored to identify abusive data access. The solution establishes a behavioral baseline by analyzing granular user-centric details (such as user identity and client IP) and data-centric details (such as table name and SQL operation).
Dimensionality reduction
To accurately identify breaches, every data access needs to be captured and analyzed. Imperva monitors every transaction with minimal impact to production databases, and uses dimensionality reduction techniques to process billions of events per day on a single analytics server.
Specifications and System Requirements
| DATA RISK ANALYTICS | |
|---|---|
| Database Platforms |
|
| File Systems |
|
| File Operating Systems |
|
| Syslog Formats Supported |
|
| SIEM integration |
|
Related Content
“We now spend less time on issues such as software changes and can direct more energy on protecting our members’ data and company information.“
Sharon Black
Sr. Manager of Information Security,
BlueCross BlueShield of Tennessee
“Increasing the visibility into threats allows us to make informed decisions into securing our environment.”
Edward Messina,
IT Security and Risk Manager,
Monash University