• Overview
  • Specifications
  • Discover Hidden Risks to Protect Sensitive Data

    data theft prevention

    You can’t protect against problems if you don’t know they exist. For example, organizations can be blindsided by a breach of production data copied to unmanaged testing servers. SecureSphere Database Assessment solves this by quickly identifying sensitive data, database vulnerabilities and misconfigurations so that you can prioritize and mitigate them. SecureSphere Database Assessment helps you stay in compliance by ensuring that database protection conforms to regulations, best practices, and a company’s internal governance policies.

    Key Capabilities

    • Manage Data Risk

      It’s easy to prioritize database risks with SecureSphere Database Assessment. Database Assessment calculates the risk associated with each database asset by looking at data sensitivity, combined with a view of what vulnerabilities impact the data. A dashboard with drill down capabilities supports risk-based prioritization of mitigation efforts and reporting.

    • Discover Sensitive Data

      You can make informed decisions by locating sensitive data. Database Assessment highlights sensitive data and provides its location down to the database object, row, and column. Object- and column-level classification enables your organization to focus on in-scope data, and build granular policies that streamline protection, auditing, and reporting.

    • Cyber Security Best Practices

      Malicious insiders and hackers can easily steal data by exploiting unpatched systems and accessing accounts using default passwords or administrative rights. SecureSphere helps you reduce the chances of security breaches with assessments for database platforms and configurations. Database Assessment includes a library of more than 1500 vulnerability and misconfiguration tests along with industry standard assessment policies based on DISA, STIG, and CIS.

    • Simplify Test and Scan Complexity

      Enterprise policies defining sensitive data requirements will overlap. SecureSphere provides an abstraction layer that supports the creation of logical test sets and database groups. By utilizing policy test tags and the database groups, the complexity of overlapping policies is minimized, reducing significantly the need to create custom tests and vulnerability scans. With the optional ADC Insights services customers utilizing the pre-defined reports will receive regular vulnerability updates from Imperva Advance Center ensuring scans are seeking out the latest known vulnerabilities.

    • Close the Window of Vulnerability

      SecureSphere continuously protects databases from vulnerabilities, even when patches aren’t available or you’re not yet ready to deploy them. SecureSphere Database Firewall and Database Assessment work in conjunction to immediately block threats by applying virtual patches that prevent vulnerabilities from being exploited. Virtual patching buys your organization time so you can patch on your own schedule.

    • Management at Scale

      Simple best practice tasks like quarterly password updates on database servers cripple systems not designed for enterprise scale. SecureSphere provides an automation API that enables the programmatic update of the database configuration and other settings via existing IT workflow processes and provisioning systems. The need for staff to click through the user interface manually updating configurations files is eliminated, saving hundreds of hours and reducing the risk of error.

  • Discovery and Assessment Server Specifications

    Specification Description
    Supported Database Platforms
    • Oracle
    • Oracle Exadata
    • Microsoft SQL Server
    • IBM DB2 (on LUW and z/OS)
    • SAP Sybase
    • IBM Informix
    • Oracle MySQL
    Automated Discovery
    • Automated discovery of database servers and services.
    • Reported information: IP, ports, database version
    Data Classification
    • Financial Data – credit card, bank account numbers, transaction number, etc.
    • SOX – Transaction balance, profit amount, share amount, etc.
    • Personally Identifiable Information – Social Security Numbers, email, address, etc.
    • Credentials – login, password, etc.
    • Custom data types
    Vulnerability Assessment
    • Operating System vulnerabilities
    • Database vulnerabilities
    • Configuration flaws
    • Risk scoring and mitigation steps
    Enterprise Application Assessments
    • SAP
    • Oracle E-Business Suite
    • PeopleSoft
    Compliance Assessments
    • PCI DSS
    • SOX
    • HIPAA
    • DISA STIG
    • CIS Benchmarks
    Risk Management
    • Data Risk Explorer and risk scoring based on sensitive data and location. Recommended mitigation activities prioritization.
    Scheduling
    • One time and scheduled discovery and assessment tests
    Actions
    • Accept in scope
    • Reject out of scope
    • Group by site or category
    • Inventory export/import
    Assessment Updates
    • Daily Application Defense Center updates for latest vulnerabilities
    Performance Overhead
    • Network monitoring – Zero impact on monitored servers
    • Network based assessment scans - non-intrusive database assessments
    Management
    • Web User Interface (HTTP/HTTPS)
    • Command Line Interface (SSH/Console)
    Role-Based Controls
    • Flexible role-based management delegates operations and report viewing
    Event Notification
    • SNMP
    • Syslog
    • Email
    • Incident management ticketing integration
    • Real-time dashboard
    Reports
    • Clear, concise summary and detailed assessment reports
    • Risk analysis reports prioritize risk, severity of vulnerability
    • Reports include remediation actions
    Report Formats
    • HTML, PDF, CSV Reports
    Related Products
    • User Rights Management for Databases (add-on)
    • Database Activity Monitoring
    • Database Firewall