Automatic data store profiles
Automatically examine application and database traffic to create a profile of baseline normal activity
Simplify data compliance and stop breaches
Today's digital and knowledge economy is fueling exponential data growth by using more and more data to drive value for organizations. To protect your data and your business, you need compliance and security solutions that take a data-centric approach. Imperva Data Security Fabric (DSF) Data Activity Monitoring helps organizations unleash the power of their data by reducing the risk of non-compliance or a security breach incident.
Robust compliance and security coverage
DSF Data Activity Monitoring provides continuous monitoring to capture and analyze all data store activity from both application and privileged user accounts, providing detailed audit trails that show who accesses what data, when, and what was done to the data. It unifies auditing across diverse on-premises platforms, providing oversight for relational databases, NoSQL databases, mainframes, big data platforms, and data warehouses. It also supports databases hosted in Microsoft Azure and Amazon Web Services (AWS) — including PaaS offerings such as Azure SQL and Amazon Relational Database Services (RDS). Detailed data activity is captured automatically, making it easier to fulfill audit requests.
Data store vulnerability scans
Run assessment tests on data stores to scan for known vulnerabilities
Data access auditing
Audit all access to sensitive data by privileged and application users
Real-time monitoring
Alert or block database attacks and abnormal access requests, in real time
User rights management
Identify excessive and dormant user rights to sensitive data
Automated updates
Detect and virtually patch database software vulnerabilities
Imperva DSF's difference: Unifies visibility
DSF Data Activity Monitoring displays the information generated from all of your data stores - regardless of their location - in a central and unified dashboard. Real-time information presented includes system events, alerts, violations, blocked sources, gateway and agent status, system warnings, database auditing, file server auditing, archiving information, and more.
Data access auditing
The ability to monitor and record all events involving access to sensitive data is a critical aspect of securing your data. This capability provides visibility into transactions being conducted in day-to-day operations. It creates an audit trail that can assist in analyzing data theft, sensitive data exposure, and other behavior that may negatively impact your company's data. Auditing assists in several areas regarding operations, including:
-
Regulatory Compliance
Imperva policies can be configured with predefined settings that allow you to easily maintain compliance with regulatory bodies such as Sarbanes Oxley (SOX), Payment Card Industry (PCI), the Health Insurance Portability and Accountability Act (HIPAA), and more.
-
Data Forensics
Imperva DSF Data Activity Monitoring enables you to conduct data forensics, follow an audit trail, and ultimately understand the what, when, and how of questionable or problematic activity. Imperva filters and views enable you to select a specific policy, determine the time frame of data to be displayed, filter by various aspects such as operations, table groups, and types of operations, and then display the resulting data in easy-to-read graphical views.
Imperva Data Security Fabric uses the Common Vulnerability Scoring System (CVSS) to analyze the risk presented by the vulnerabilities discovered in your network and data and assign a Risk score. CVSS is “an open framework for communicating the characteristics and impact of IT vulnerabilities.” It is maintained by the National Institute of Standards and Technology as part of the Security Content Automation Protocol (SCAP) framework. Scoring vulnerabilities using CVSS provides an accurate model for measuring the risk inherent in discovered vulnerabilities and prioritizing them for mitigation. For more information about CVSS, see nvd.nist.gov/cvss.cfm
Monitoring and security policies
Monitoring is a key phase in Imperva Data Security Fabric’s (DSF) data management lifecycle. Imperva DSF is equipped with a friendly user interface that clearly displays monitoring event information in a central location. DSF Data Access Monitoring displays real-time information that includes system events, alerts, violations, blocked sources, gateway and agent status, system warnings, database auditing information, file server auditing information, archiving information, and more.
Monitoring events, alerts, and violations can take on many aspects. Depending on your specific implementation, there may be several types of users with varying roles and associated security policies. You can use the pre-configured severity ratings in Imperva DSF or customize your policies to fine-tune how events are interpreted to determine if an alert is a false positive, an attack, or something else.
- Regular events
A generic term for any change or action that has been detected by Data Security Fabric. - Learning events
The discovery of a new item to be protected in the network. - Security events
The discovery of an event that violates a security policy on monitored traffic. - Violation
An indication that a security event has taken place which violates a policy. A single security event can trigger multiple violations. - Alerts
Notifications that an event or group of events (security events) have taken place that violate a policy.
User rights management
Imperva Data Security Fabric (DSF) User Rights Management enables you to scan your data store locations for granted user rights and display various details regarding these rights – such as who granted them, who received them, objects to which rights have been granted, and more. It then enables you to perform an organized review of these rights to determine if they are appropriate, approve or reject the granting of these rights, or assign them to another for review – and produce reports on the entire process.
User Rights Management (URM) is a capability that will assess database access entitlements. It helps satisfy SOX or PCI provisions requiring data access to be granted only to individuals who “need to know.” It looks at information about the data type, sensitivity, and other monitored information about the organizational context of the user. URM maps users and privileges to all the database objects across all organization databases.
Imperva DSF enforces user rights management based on data type and user role. You can also see the last time the user logged in and the last time privileges were used. The result allows you to quickly identify dormant users or rights that need to be disabled.
Software update
The Imperva Data Security Fabric (DSF) Software Update capability dramatically simplifies and streamlines the process of managing software updates in a large deployment and provides a user-friendly, secure, and efficient method of updating your entire installation – for both Gateways and Agents.
Imperva Data Security Fabric protects all data types with a single system that delivers multiple business capabilities
Imperva Data Security Fabric is the first data-centric solution that enables your organization's security and compliance teams to quickly and easily secure sensitive data, no matter where it resides, with an integrated, proactive approach to visibility and predictive analytics.
Imperva Data Security Fabric is composed of cutting-edge orchestrated technical capabilities that work in unison to protect your data across your entire organization:
Data Discovery & Classification
Discover ungoverned data, classify all data, and assess vulnerabilities.
Learn more
Data Activity Monitoring
Gain complete visibility and ensure compliance with continuous monitoring, auditing and analyzing all data store and data types.
Learn more
Data Retention & Archive
Meet any data archiving requirement using the most cost efficient storage technology available.
Learn more
Data Risk Management
Detect and report non-compliant, risky, or malicious data access behavior across all of your data repositories enterprise-wide to accelerate remediation.
Learn more
Ecosystem Integrations
Enhance the value of your existing technology investments - for both incident context and additional data capabilities.
Learn more
Data Encryption & Tokenization
Protect critical data with encryption, key management, and tokenization wherever it resides.
Learn more
Static Data Masking
Modify sensitive data so it is of no value to unauthorized users while still being usable by your systems.
Learn more
Automated Workflows & Playbooks
Achieve higher scale and increase DevOps efficiency through the use of automated workflows delivered through trusted repositories.
Learn more
Sensitive Data Management
Identify, locate, classify, and secure sensitive data across various data stores located either on-premises or in the cloud.
Learn more
See how we can help you secure your data everywhere
