Download Imperva SecureSphere Database Assessment

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

Document related concepts

Security-focused operating system wikipedia , lookup

IT risk management wikipedia , lookup

Cross-site scripting wikipedia , lookup

Computer and network surveillance wikipedia , lookup

Mobile security wikipedia , lookup

Information privacy law wikipedia , lookup

Data remanence wikipedia , lookup

Computer security wikipedia , lookup

Transcript
Imperva SecureSphere
Discovery and
Assessment
DATA S H E E T
Uncover hidden risks and protect data
An essential step in protecting data is uncovering blind spots such as rogue or
vulnerable databases. These blind spots create security risks as attackers can exploit
Discovery and Assessment helps organizations reduce the risk of data breach by locating
sensitive data and identifying database vulnerabilities.
Imperva SecureSphere Database Discovery and Assessment
SecureSphere Discovery
and Assessment
Discover
databases
Classify
sensitive data
Detect
vulnerabilities
Remediate
and report
pinpoints sensitive data
databases
SecureSphere Discovery and Assessment provides an automated and reliable way to
security and compliance projects and reduce the resource impact of these projects.
1
DATA S H E E T
Discovery and
Assessment
Benefits
•
Uncover new, forgotten or rogue
databases
•
Discover where sensitive data
is stored across your database
infrastructure
•
Detect database vulnerabilities
based on the latest research from
the Imperva Defense Center
•
Automate database discovery,
sensitive data classification and
database vulnerability assessment
•
Audit database configurations and
measure compliance with industry
standards
•
Streamline regulatory compliance
with PCI DSS and HIPAA
Vulnerability Assessment—Detect Exposed Databases
SecureSphere Discovery and Assessment streamlines vulnerability assessment at the
data layer. It provides a comprehensive list of over 1500 tests and assessment policies
for scanning platform, software, and configuration vulnerabilities. Database assessments
leverage Common Vulnerabilities Scoring System (CVSS) and the latest research from the
Imperva Defense Center to assess database servers and assign a vulnerability severity
level. Assessment scans can be run on-demand or at scheduled intervals, giving security
teams the flexibility to scan when it least impacts IT operations. Assessment policies are
available for a broad range of databases including Oracle, Microsoft SQL, IBM DB2 and
more. The vulnerability assessment process, which can be fully customized, uses industry
best practices such as DISA STIG and CIS benchmarks.
Summary view of assessment test results
Reporting and Dashboard—Gain Visibility into Security Posture
SecureSphere Discovery and Assessment produces detailed reports that help provide
an understanding of an organization’s overall security posture. In addition to graphical
dashboards, it includes pre-defined assessment test reports as well as the ability to
create custom reports. Assessment test reports also provide concrete recommendations
to mitigate identified vulnerabilities and strengthen the security posture of a data
repository.
Pre-defined Assessment Policies—Automate Compliance
SecureSphere Discovery and Assessment includes pre-defined assessment policies
that simplify compliance with regulatory mandates such as Payment Card Industry
Data Security Standard (PCI DSS) and Health Insurance Portability and Accountability
Act (HIPAA). These pre-defined assessment policies simplify compliance audits across
increasingly complex data environments.
Risk-based Remediation—Prioritize and Track Vulnerabilities
SecureSphere Discovery and Assessment enables risk-based vulnerability management
with the Imperva RiskSense Vulnerability Manager add-on option. Imperva RiskSense
Vulnerability Manager generates a risk score by augmenting the vulnerability severity
level with contextual information such as business criticality of the database. The risk
2
DATA S H E E T
Imperva
SecureSphere
Cyber Security
Imperva SecureSphere is a
comprehensive, integrated
security platform that includes
SecureSphere Web, Database and
File Security. It scales to meet the
app and data security demands
of the largest organizations,
and is backed by the Imperva
Defense Center, a world-class
security research organization that
maintains the product’s cuttingedge protection against evolving
threats.
score helps organizations prioritize remediation efforts that represent the greatest risk.
Imperva RiskSense Vulnerability Manager also facilitates remediation with a built-in
User Rights Management—Find Excessive Rights
SecureSphere Discovery and Assessment enables automatic aggregation and review
of user rights with the User Rights Management for databases (URMD) add-on option.
of excessive rights and dormant accounts based on organizational context, object
sensitivity and actual usage. Using URMD organizations can demonstrate compliance
with regulations such as SOX, PCI DSS 7, and PCI DSS 8.1.4 and reduce the risk of a data
breach.
Database Auditing and Protection—The Next Step for Data Security
For complete visibility and control of user access to sensitive data, SecureSphere
Discovery and Assessment can be extended to include database activity monitoring
organizations can implement security policies to block or alert on attempts to exploit a
vulnerability, providing virtual patch protection while software patches are developed by
software vendors.
© 2017, Imperva, Inc. All rights reserved. Imperva, the Imperva logo, SecureSphere, Incapsula, Skyfence,
CounterBreach, ThreatRadar, and Camouflage and design are trademarks of Imperva, Inc. and its subsidiaries.
All other brand or product names are trademarks or registered trademarks of their respective holders.
3
imperva.com