* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download Imperva SecureSphere Database Assessment
Survey
Document related concepts
Transcript
Imperva SecureSphere Discovery and Assessment DATA S H E E T Uncover hidden risks and protect data An essential step in protecting data is uncovering blind spots such as rogue or vulnerable databases. These blind spots create security risks as attackers can exploit Discovery and Assessment helps organizations reduce the risk of data breach by locating sensitive data and identifying database vulnerabilities. Imperva SecureSphere Database Discovery and Assessment SecureSphere Discovery and Assessment Discover databases Classify sensitive data Detect vulnerabilities Remediate and report pinpoints sensitive data databases SecureSphere Discovery and Assessment provides an automated and reliable way to security and compliance projects and reduce the resource impact of these projects. 1 DATA S H E E T Discovery and Assessment Benefits • Uncover new, forgotten or rogue databases • Discover where sensitive data is stored across your database infrastructure • Detect database vulnerabilities based on the latest research from the Imperva Defense Center • Automate database discovery, sensitive data classification and database vulnerability assessment • Audit database configurations and measure compliance with industry standards • Streamline regulatory compliance with PCI DSS and HIPAA Vulnerability Assessment—Detect Exposed Databases SecureSphere Discovery and Assessment streamlines vulnerability assessment at the data layer. It provides a comprehensive list of over 1500 tests and assessment policies for scanning platform, software, and configuration vulnerabilities. Database assessments leverage Common Vulnerabilities Scoring System (CVSS) and the latest research from the Imperva Defense Center to assess database servers and assign a vulnerability severity level. Assessment scans can be run on-demand or at scheduled intervals, giving security teams the flexibility to scan when it least impacts IT operations. Assessment policies are available for a broad range of databases including Oracle, Microsoft SQL, IBM DB2 and more. The vulnerability assessment process, which can be fully customized, uses industry best practices such as DISA STIG and CIS benchmarks. Summary view of assessment test results Reporting and Dashboard—Gain Visibility into Security Posture SecureSphere Discovery and Assessment produces detailed reports that help provide an understanding of an organization’s overall security posture. In addition to graphical dashboards, it includes pre-defined assessment test reports as well as the ability to create custom reports. Assessment test reports also provide concrete recommendations to mitigate identified vulnerabilities and strengthen the security posture of a data repository. Pre-defined Assessment Policies—Automate Compliance SecureSphere Discovery and Assessment includes pre-defined assessment policies that simplify compliance with regulatory mandates such as Payment Card Industry Data Security Standard (PCI DSS) and Health Insurance Portability and Accountability Act (HIPAA). These pre-defined assessment policies simplify compliance audits across increasingly complex data environments. Risk-based Remediation—Prioritize and Track Vulnerabilities SecureSphere Discovery and Assessment enables risk-based vulnerability management with the Imperva RiskSense Vulnerability Manager add-on option. Imperva RiskSense Vulnerability Manager generates a risk score by augmenting the vulnerability severity level with contextual information such as business criticality of the database. The risk 2 DATA S H E E T Imperva SecureSphere Cyber Security Imperva SecureSphere is a comprehensive, integrated security platform that includes SecureSphere Web, Database and File Security. It scales to meet the app and data security demands of the largest organizations, and is backed by the Imperva Defense Center, a world-class security research organization that maintains the product’s cuttingedge protection against evolving threats. score helps organizations prioritize remediation efforts that represent the greatest risk. Imperva RiskSense Vulnerability Manager also facilitates remediation with a built-in User Rights Management—Find Excessive Rights SecureSphere Discovery and Assessment enables automatic aggregation and review of user rights with the User Rights Management for databases (URMD) add-on option. of excessive rights and dormant accounts based on organizational context, object sensitivity and actual usage. Using URMD organizations can demonstrate compliance with regulations such as SOX, PCI DSS 7, and PCI DSS 8.1.4 and reduce the risk of a data breach. Database Auditing and Protection—The Next Step for Data Security For complete visibility and control of user access to sensitive data, SecureSphere Discovery and Assessment can be extended to include database activity monitoring organizations can implement security policies to block or alert on attempts to exploit a vulnerability, providing virtual patch protection while software patches are developed by software vendors. © 2017, Imperva, Inc. All rights reserved. Imperva, the Imperva logo, SecureSphere, Incapsula, Skyfence, CounterBreach, ThreatRadar, and Camouflage and design are trademarks of Imperva, Inc. and its subsidiaries. All other brand or product names are trademarks or registered trademarks of their respective holders. 3 imperva.com