Uncover hidden risks
You can’t protect what you don’t know about. Discover forgotten or rogue databases, classify sensitive data, and assess databases for vulnerabilities and misconfigurations. Imperva Discovery and Assessment automates database discovery and classification.
Comply with regulations and industry standards
Limit the scope and costs of compliance by automating manual, time-consuming audit activities. Discover databases and data in scope for audits. Implement least privilege and need-to-know data access. Schedule regular database vulnerability scans using pre-defined assessment tests such as PCI DSS and HIPAA. Demonstrate compliance with database vulnerability assessment results.
How Discovery and Assessment Works
Discovers unknown databases
Automate database discovery and gain visibility into unknown databases. Scan your enterprise network and identify database services and servers. Configure database discovery to scan specific network segments on-demand or at scheduled intervals. Scan results include: IP address, ports used, and whether it’s new or existing.
Pinpoints and classifies sensitive data
Automate data classification and identify systems in scope for audits. Pinpoint sensitive data locations and classify using dictionary and pattern-matching classification methods. Scan database content and metadata for pre-defined and custom data types. Pre-defined data types include: credit card numbers, national identifiers, email, system credentials, and more.
Identifies security gaps attackers can exploit
Automate your database security assessment process to detect database vulnerabilities and misconfigurations such as default passwords. Leverage over 1,500 pre-defined vulnerability tests, based on CIS and DISA STIG benchmarks that are updated regularly by the Imperva research team. Run scans on-demand or at scheduled intervals. Get detailed reports, including recommended remediation steps.
Address Database Vulnerabilities
Imperva Discovery and Assessment automatically finds the vulnerabilities and misconfigurations in your databases based on industry standards such as DISA STIG and CIS. Then gives you a risk score, tells you how to mitigate those risks, and facilitates remediation
Finds excessive user rights
Automate review and authorization of user rights. Aggregate user rights across data stores with user rights management capabilities. Correlate user access rights with organizational context and data sensitivity, and identify excessive user rights to sensitive data. Demonstrate compliance with GDPR, SOX and PCI DSS.
Specifications and System Requirements
| Specification | Description |
|---|---|
| Supported Databases |
|
| Supported Main Frame |
|
| Supported Flat File |
|
Related Content
“We now spend less time on issues such as software changes and can direct more energy on protecting our members’ data and company information.“
Sharon Black
Sr. Manager of Information Security,
BlueCross BlueShield of Tennessee
“Increasing the visibility into threats allows us to make informed decisions into securing our environment.”
Edward Messina,
IT Security and Risk Manager,
Monash University