Imperva enhances its SecureSphere database activity monitoring tool with new analytical capabilities that can help users detect brute force attacks and unauthorized operations. Imperva also includes enhancements to make it easier to create audit, security and user monitoring controls around SAP data.
Imperva has built new analytic capabilities into its database activity
monitoring tool to enable auditors to more easily analyze and correlate
The new feature, contained within SecureSphere 6.2, is called Interactive
Audit Analytics and allows auditors to piece together patterns and identity
unauthorized operations and attacks. For example, if there are a number of the
failed log-ins in a very short time from an external IP and a machine with an
unknown user and device name, it would likely be a brute force attack,
explained Mark Kraynak, vice president of marketing for Imperva.
"Interactive Audit Analytics provides views that correlate database
operations source users behind them, the application or tools used, and date
and time of the activity," he said. "With this information, auditors and
security personnel can pinpoint unauthorized events taking place outside of a
maintenance window, executed by unauthorized users or through unexpected
applications or tools."
The new version also includes the ability to assess the performance of
database servers running SQL statements by examining query response time.
In addition to the analytical features, the new version includes a new level
of SAP transactional awareness meant to
bridge the gap between SAP audit data trails
and their associated business transactions. Much of the data managed by SAP
applications falls within the scope of industry mandates like SOX and the PCI DSS.
However, SAP business transactions and
their arbitrary underlying data structures are not easily reconciled, Imperva
officials contended. The end result is business users and auditors being unable
to establish controls that provide the granularity of supporting audit data
required for regulatory compliance reporting.
SecureSphere is looking to bridge this gap by offering a premapped list of
more than 150 privileged SAP transactions
and the ability to recognize/piece together customized transactions. The idea
is to abstract obscure data structures so that business users and auditors
can collaborate to create audit, security and privileged user monitoring
controls that meet their business and compliance requirements.
As part of the launch, the company is also offering the "The Best DAM Solution"
challenge. Enterprises may get a $1,000 money-back guarantee if they evaluate
SecureSphere for 30 days and do not find it to be the best DAM solution they
have ever seen. As part of the challenge, organizations must deploy and evaluate
Imperva in a production environment. No purchase commitment is required.