Imperva Rolls Out Integrated Risk Management Solution For Database SecurityImperva Rolls Out Integrated Risk Management Solution For Database Security
SecureSphere version 7 combines risk scoring and visualization for databases and data, allowing organizations to detect and fix problems before a breach or audit failure can occur
April 7, 2009
REDWOOD SHORES, Calif., April 6, 2009 -- Imperva, the data security leader, today announced the first integrated risk management platform for protecting databases, data, and the applications that use them. The new capabilities, which as are available as part of SecureSphere version 7, combine risk scoring and visualization for databases and data allowing organizations to immediately detect and fix problems before a breach or audit failure can occur. The company also introduced the SecureSphere Discovery and Assessment Server, an automated solution for identifying sensitive data and vulnerabilities in databases. Finally, Imperva announced it has repackaged its five data security products as the SecureSphere Data Security Suite to align its offerings with customer deployment scenarios.
In its recently published U.S. Cost of a Data Breach Study, Ponemon Institute, a privacy and information management research firm reported that data breach incidents cost U.S. companies $202 per compromised customer record in 2008. This is an increase of 46 percent since Ponemon's first annual report on breach costs in 2005. The SecureSphere Suite integrates risk management that spans the entire data security spectrum - discovery, assessment, scoring, monitoring, protection and audit. This allows customers to identify and remediate latent threats before they lead to breaches or regulatory compliance failures.
Push Button Database Discovery and Vulnerability Assessment To automate the manual task of locating database servers, classifying sensitive data, and identifying vulnerabilities, Imperva is introducing the SecureSphere Discovery and Assessment Server (DAS). This solution provides extended and enhanced capabilities previously available with SecureSphere in a standalone solution appropriate for both large and mid-sized enterprises. It is also available as a module with the SecureSphere Database Activity Monitoring, Database Firewall, and the Data Security Suite offerings. DAS reduces to a few mouse clicks the following tasks:
Scans the network for all database servers
Identifies and classifies sensitive data into relevant pre-define categories
Supports custom, user-defined sensitive data classifications
Pinpoints security vulnerabilities on each database including missing patches, default passwords, and more
Global to Granular Views of Data Risks
To eliminate the guess work associated with understanding and remediating threats to sensitive data, SecureSphere now provides automated risk management capabilities with its Database Activity Monitoring (DAM), Database Firewall (DBF), and Data Security Suite (DSS) solutions. Using data gathered by the discovery and vulnerability assessment modules, SecureSphere assigns risk scores to databases and data based on:
Whether sensitive data is stored on a database
What type of sensitive data is stored on the database, such as credit card numbers, usernames/passwords, salaries, etc.
Whether the database meets applicable requirements mandated by regulations including SOX, PCI DSS, NERC CIPS, or HIPAA
Using the SecureSphere Risk Explorer visualization tool, users can graphically navigate all the databases in their environment, easily locate databases that are at a risk to prioritize remediation activities, and drill down to root causes to fix problems.
"The business impact and costs associated with data breaches and regulatory compliance violations are forcing organizations to move upstream from the tactical approach of protecting computing devices to a risk-based model that focuses on protecting data," said Amichai Shulman, CTO of Imperva. "Imperva's focus from the very first release of SecureSphere has been oriented on protecting sensitive data. With version 7.0 we have added innovations that make it easier than ever to identify and classify sensitive data, discover data that is at risk, find the root cause of vulnerabilities, and protect against them."
SecureSphere Data Security Suite
To align the packaging of its assessment, monitoring, protection, audit, and risk management solutions with customer deployment scenarios, Imperva has repackaged its product line as the SecureSphere Data Security Suite. This modular set of offerings can be purchased together as a full suite or individually to meet current requirements and be expanded to satisfy future needs. The SecureSphere Data Security Suite is comprised of:
Web Application Firewall: Security for Web applications
Database Firewall: Auditing and Protection for Databases
Database Activity Monitoring: Visibility into Database usage
Discovery and Assessment Server: Discovery and Assessment for Databases
MX Management Server: Comprehensive Centralized Data Security Management
Pricing and Availability The SecureSphere Discovery and Assessment Server and the complete SecureSphere Data Security Suite will be available in the second quarter of 2009 from Imperva and its business partners worldwide. Pricing for the Discovery and Assessment Server starts at $12,500 for 25 database servers. Pricing for the full suite starts at $50,000. Individual components, when purchased stand alone, are priced separately.
Imperva, the Data Security leader, enables a complete security lifecycle for business databases and the applications that use them. Over 4,500 of the world's leading enterprises, government organizations, and managed service providers rely on Imperva to prevent sensitive data theft, protect against data breaches, secure applications, and ensure data confidentiality. The award-winning Imperva SecureSphere is the only solution that delivers full activity monitoring from the database to the accountable application user and is recognized for its overall ease of management and deployment. For more information, visit www.imperva.com.
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
9 Traits You Need to Succeed as a Cybersecurity Leader
The Ultimate Guide to the CISSP
AI in Cybersecurity: Using artificial intelligence to mitigate emerging security risks
Quantifying the Gap Between Perceived Security and Comprehensive MITRE ATT&CK Coverage
2021 Gartner Market Guide for Managed Detection and Response Report