Imperva SecureSphere Audits Database Changes to Identify Unauthorized Acts

A new Imperva release combines automated database assessment and change monitoring in the name of compliance and auditing.

Imperva today announced the release of SecureSphere ADC Change Management Module, a tool allowing users to track changes to external database objects.

SecureSphere automates the processes required to produce compliance reports, perform change control audits and maintain secure database configurations. All changes made to a databases contents, tables and columns, as well as underlying infrastructure including control and configuration files, registry keys and other operating system settings are tracked by SecureSphere. In addition, SecureSphere performs an initial assessment that reads the state of critical objects—files, scripts and registry keys—on the system.

/zimages/3/28571.gifClick here to read more about Impervas firewall offerings.

Imperva officials touted their product as an answer to calls for integrated database change detection, assessment and management. Unauthorized database changes force IT organizations to perform time-consuming and costly forensic research to identify what changed, who changed it, and what the exact changes were, company officials said. While most organizations have a change control system in place, many lack a mechanism to identify changes that occur outside of this managed process, officials contended.

As a result, unauthorized and malicious activity at the database goes undetected, making the lack of visibility not only an auditing flaw, but also a security weakness, officials said.

"Monitoring, detecting and recording database changes is no longer just a security best practice but a regulatory requirement in many industries," said Amichai Shulman, CTO of Imperva and head of the Imperva Application Defense Center. "The SecureSphere Change Control Module performs the complex and manually intensive operations required to track changes, identify unauthorized exceptions and maintain audit-ready records of database modifications."

The SecureSphere Change Control Module is currently available at no cost to SecureSphere customers who subscribe to the ADC security update service.

/zimages/3/28571.gifCheck out eWEEK.coms for the latest database news, reviews and analysis.