Imperva Advances Protection Against Data BreachesImperva Advances Protection Against Data Breaches
Proactive Controls Close Massive Security Gaps Caused by IT Complexity
May 1, 2014
REDWOOD SHORES, Calif., April 29, 2014 – Imperva Inc. (NYSE: IMPV), pioneering the third pillar of enterprise security with a new layer of protection designed specifically for physical and virtual data centers, today announced the availability of SecureSphere 10.5. With today’s announcement, Imperva is addressing the massive security gaps left by increasingly complex IT infrastructures, and is delivering industry leading protection against insider threats.
“We have all seen very high profile instances in which built-in controls have been too lax or security alerts have gone ignored or unnoticed and, as a result, critical data assets have bled from an organization,” said Mark Kraynak, Senior Vice President of Worldwide Marketing for Imperva. “Today, we are introducing technology to enable our customers to proactively define security strategies instead of reacting to security alerts. By doing this, Imperva customers will be able to protect against data access in real-time when suspicious behavior is detected.”
SecureSphere for SharePoint: The Granularity to Block Effectively
Aberdeen Group recently reported that SharePoint adoption has reached 65% with their enterprise customers.1 With nearly two-thirds of these enterprises using SharePoint as a collaboration tool, it is reasonable to assume that SharePoint holds business-critical data, including regulated or sensitive information. Recent high-profile SharePoint breaches have exposed the massive weaknesses in SharePoint access control, which leaves this sensitive information at risk. As SharePoint continues to gain traction in the enterprise, security and risk teams need solutions that can lockdown files that contain sensitive and regulated data.
New in SecureSphere 10.5, and unique to SecureSphere, is the ability to protect against access to SharePoint files in real-time based on business policy. Unlike ACLs and other traditional solutions, SecureSphere can control access based on a combination of behavioral and contextual factors such as the rate at which data is downloaded, time of day, source IP, etc. This gives SecureSphere for SharePoint customers the visibility and proactive control to help protect critical data assets from theft or misuse.
Data Owner Portal: The Power to Manage and Control Access
A Forrester report states that 22% of publicly reported data breaches and security incidents in 2013 were caused by data governance failure.2 This implies that the human element is playing a significant role in protecting critical files. IT departments have to rely on an arbitrary set of security rules across all key stakeholders. However, business needs vary widely across an organization, and when the rules are generic, they are either too permissive in some cases, too strict in others.
The Data Owner Portal, a feature of all of Imperva’s File Security products, is designed to limit access to sensitive and regulated files only to authorized people by extending file access control decisions to business line owners who understand what data is critical and confidential. Instead of limiting access control decisions to arbitrary IT rules, the Data Owner Portal integrates these key stakeholders into the process of aligning access rights based on business needs.
Additional Features of SecureSphere 10.5
New ThreatRadar Feeds Leverage Network Effect of Large Customer Base
With SecureSphere 10.5, Imperva is introducing two new feeds to ThreatRadar Reputation Services. ThreatRadar provides an automated defense against attacks and potential data breached by quickly detecting and protecting against known malicious sources. The two new feeds are Comment Spam and Malicious Scanners. These feeds demonstrate the positive network effect of threat intelligence generated from Imperva’s large installed base.
· The Malicious Scanner feed is part of Imperva’s crowd-sourced threat intelligence service, ThreatRadar Community Defense, which has gone from protecting 60 applications at launch in April 2013 to over 450 today.
· The Comment Spam feed is powered by the Incapsula network which protects tens of thousands of websites, delivering unique and market proven threat intelligence. This feed provides reputation information to both Incapsula and SecureSphere customers, highlighting the synergies and value of Incapsula. Imperva completed the acquisition of the remaining shares of Incapsula that were not owned by Imperva in March 2014.
SecureSphere for AWS: First Enterprise-Class WAF to Scale On-Demand
Previously announced, SecureSphere WAF for AWS is now shipping with SecureSphere 10.5. Imperva SecureSphere WAF for AWS is the first enterprise-class Web Application Firewall tailored specifically to protect applications residing on Amazon Web Services (AWS). Running natively in AWS, and leveraging all its capabilities, SecureSphere for AWS scales on-demand with AWS applications enabling organizations to move their datacenter infrastructure to the cloud without sacrificing the security controls that they have in their on premise applications.
10.5 Release Dramatically Lowers TCO in Database Security
With the release of Secure Sphere 10.5, Imperva dramatically lowers total cost of ownership for database security in large scale environments. Many organizations struggle to contain the costs of auditing and protecting large and growing database environments. Imperva reduces the costs by simplifying the process of adding new databases and optimizing the use of server and network resources. Key new features include:
· SecureSphere Gateway Clustering delivers cost-effective, resilient database auditing, without relying on third party solutions. With Gateway Clustering, we believe SecureSphere uses up to 90% fewer virtual appliances than other leading solutions.
· SecureSphere Deployment Automation streamlines and automates compliance by integrating SecureSphere into existing IT systems and processes. Compared with built-in database auditing, SecureSphere is designed to reduce labor costs by up to 70%.
· SecureSphere Agent Efficiency lowers total cost of ownership by reducing labor and infrastructure costs. Compared with built-in database auditing, we believe SecureSphere reduces infrastructure costs by up to 90%.
Imperva, pioneering the third pillar of enterprise security, fills the gaps in endpoint and network security by directly protecting high-value applications and data assets in physical and virtual data centers. With an integrated security platform built specifically for modern threats, Imperva data center security provides the visibility and control needed to neutralize attack, theft, and fraud from inside and outside the organization, mitigate risk, and streamline compliance. Over 3,000 customers in more than 75 countries rely on our SecureSphere® platform to safeguard their business. Imperva is headquartered in Redwood Shores, California. Learn more: www.imperva.com, our blog, on Twitter.
Forward Looking Statements
This press release contains forward-looking statements, including without limitation those regarding our belief regarding the benefits of SecureSphere. These forward-looking statements are subject to material risks and uncertainties that may cause actual results to differ substantially from expectations. Investors should consider important risk factors, which include: the risk that our products are not adopted at levels that we anticipate; the risk that competitors may be perceived by customers to be better positioned to help handle security threats and compliance; and other risks detailed under the caption “Risk Factors” in the company’s Form 10-K filed with the Securities and Exchange Commission, or the SEC, on February 28, 2014 and the company’s other SEC filings. You can obtain copies of the company’s SEC filings on the SEC’s website at www.sec.gov.
You May Also Like
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
What's In Your Cloud?Nov 30, 2023
How to Deploy Zero Trust for Remote Workforce Security
What Ransomware Groups Look for in Enterprise Victims
How to Use Threat Intelligence to Mitigate Third-Party Risk
Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware
Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks