Database Security Tool Reaches Out

Tomorrow Imperva will roll out a new feature for its database security tool that tracks changes outside the contents of the database -- such as configurations, executables, and operating system registry keys.

The new ADC Change Management Module for Imperva's SecureSphere -- which Imperva will announce at the InfoSec World conference in Orlando, Fla. -- follows any modifications outside the database that could affect its security, company officials say. SecureSphere already tracks internal changes to the database.

"Up until now, we allowed our customers and users to direct changes to objects within a database server, like tables that contained data, or the data structure of the database server itself," says Amichai Shulman, Imperva's CTO. "Now they can track changes to objects outside the database that are relevant to security, such as the objects in the OS that the database is running on."

According to Shulman, the main reason for this requirement is to document changes to data or databases to help establish compliance with regulations and standards such as Sarbanes-Oxley. "This lets you document changes to make sure there's no change that's unauthorized," he says.

Imperva joins Guardium in offering this feature, says Rich Mogull, a vice president for Gartner. "It's a good feature that may really help those organizations struggling with compliance issues around database change management. We do see this popping up on more and more audits.

"The limitation is when organizations really don't have any good change management to build on," Mogull continued. "In those cases, a tool like this might be hard to get full value from."

The new module lets you track when a database administrator makes a change to a configuration file to add a new database on the same server. "It's also now possible [to detect and track] when someone makes a mistake or maliciously makes a change," Shulman says. And it lets organizations provide a SOX or PCI auditor with authorization or documentation that explains the change, or to launch a forensics investigation of something suspicious, he explains.

Eric Ogren, security analyst for the Enterprise Strategy Group, says this new offering reflects a shift in aligning database security and business operations. "There is a definite trend in the industry to align security with business operational needs. This is one of the few useful benefits of the compliance climate -- all application owners have to include reporting on security in their business plans," he says.

The SecureSphere Change Control Module is free for SecureSphere customers subscribing to the ADC security update service, according to Imperva.

— Kelly Jackson Higgins, Senior Editor, Dark Reading