SecureSphere Database Discovery and Vulnerability Assessment

Hidden risks expose your data. SecureSphere Database Discovery and Vulnerability Assessment (DAS) discovers unknown databases, classifies sensitive data and detects database vulnerabilities.

Uncover hidden risks

You can’t protect what you don’t know about. Discover forgotten or rogue databases, classify sensitive data, and assess databases for vulnerabilities and misconfigurations. Imperva SecureSphere automates database discovery and classification.

Comply with regulations and industry standards

Limit the scope and costs of compliance by automating manual, time-consuming audit activities. Discover databases and data in scope for audits. Implement least privilege and need-to-know data access. Schedule regular database vulnerability scans using pre-defined assessment tests such as PCI DSS and HIPAA. Demonstrate compliance with database vulnerability assessment results.

How SecureSphere Discovers & Classifies Data

Discovers unknown databases

Automate database discovery and gain visibility into unknown databases. Scan your enterprise network and identify database services and servers. Configure database discovery to scan specific network segments on-demand or at scheduled intervals. Scan results include: IP address, ports used, and whether it’s new or existing.

Pinpoints and classifies sensitive data

Automate data classification and identify systems in scope for audits. Pinpoint sensitive data locations and classify using dictionary and pattern-matching classification methods. Scan database content and metadata for pre-defined and custom data types. Pre-defined data types include: credit card numbers, national identifiers, email, system credentials, and more.

Identifies security gaps attackers can exploit

Automate your database security assessment process to detect database vulnerabilities and misconfigurations such as default passwords. Leverage over 1,500 pre-defined vulnerability tests, based on CIS and DISA STIG benchmarks that are updated regularly by the Imperva research team. Run scans on-demand or at scheduled intervals. Get detailed reports, including recommended remediation steps.

Prioritizes and fixes database vulnerabilities

Prioritize database vulnerabilities with the Imperva RiskSense Vulnerability Manager add-on option. Calculate a risk score for vulnerabilities based on severity level and business criticality of the database. Shorten time-to-remediate with built-in workflow, role-based user access, and exceptions management.

Finds excessive user rights

Automate review and authorization of user rights. Aggregate user rights across data stores with SecureSphere User Rights Management for Databases (URMD) add-on option. Correlate user access rights with organizational context and data sensitivity, and identify excessive user rights to sensitive data. Demonstrate compliance with GDPR, SOX and PCI DSS.


Specifications and System Requirements


 Specification Description
Supported Databases
  • Oracle®
  • SQL Server®
  • DB2®
  • Sybase ASE®
  • Teradata®
  • MySQL®
  • HSQL
  • Netezza
  • Postgres SQL
  • IMS via export to VSAM (KSDS, ESDS) or QSAM data files
  • And more
Supported Main Frame
  • DB2®
  • VSAM
  • IMS
Supported Flat File
  • Hadoop HDFS
  • XML
  • CSV


Key Resources

White paper

Top 5 Database Security Threats

What are the top database security threats and how can you protect your databases?

Read whitepaper ›
Free tool

Scuba: Database Vulnerability Scanner

Uncover database vulnerabilities and misconfigurations with this free database vulnerability scanner.

Download tool ›