Imperva SecureSphere Database Security Reviews

Banks need to know who is accessing their data for compliance reasons. The other use case is related to creating, managing, and auditing databases. Some organizations cannot audit their databases because it involves lots of heavy processing, so they would rather have a third party do the database monitoring. That's where Imperva comes in. My enterprise clients use Imperva on-premises, but some customers are using FlexProtect, which is a cloud-based solution. About 10 security engineers at my company use Imperva currently.

Imperva's most valuable features are ease of use and log correlation. I also like the ability to trace activity from the host machine to the server access, the user details, and the exact query that they executed. If a database administrator or application process executes a query on the database, people know exactly what was executed, including all the variables. 

For example, it will tell you how many rows they were trying to select on which table, and you get the OS information, network details, IPs, and the user. That fine-grained auditing available on the platform makes life easier and helps explain anything happening in your database.

Our organization is a financial institution that stores transactional data. If that data changes or if someone outside the bank attempts to access it, we should receive an alert. We have implemented use cases to monitor and alert us in these scenarios.

It is very effective, and we use four main features. The first feature is cluster management, which allows me to redirect an agent to another gateway if one goes down. This ensures continuous monitoring without any loss of logs or database monitoring. The second feature is the ability to receive alerts if anyone tries to tamper with our Database Activity Monitoring settings or the Database Security Monitoring agent on the target database, allowing me to identify who is attempting unauthorized changes. It has a large pool of automated policies that we can refer to and apply. This makes it much easier to implement these policies and ensure database security.

The solution has a lot of use cases. I work in support. We support customers with issues they have with the system. We fine-tune the security policies and block the traffic according to the customers’ needs.

The gateway handles all database traffic. The solution is user-friendly. We use the data masking features to hide special information from the Imperva administrators. Imperva plays a key role in our security. We need to manage huge amounts of data for the enterprise, and Imperva enables us to do it. The AI helps us profile the traffic. It gives us statistics on the profiles that connect to the databases and run SQL queries. We can write policies based on the details.

We use Imperva SecureSphere Database Security to monitor user activities within databases. It includes detecting DDA activities, unauthorized queries, abnormal user behavior, and potential security breaches. It allows us to check and filter activities based on IP addresses, enabling us to track the sources of incoming requests. If any application uses SQL queries, SecureSphere can monitor these activities for unusual or unauthorized patterns. Additionally, we can set alerts for updates whenever a user profile is added to the database to ensure there is no malicious activity.

The product’s most valuable feature is real-time highlights. It helps with detecting natural weaknesses. The users can see the activity as soon as it is visible to administrators. It makes it easier to determine if some action has to be taken against malicious activity. The users can scan the data and check if it meets CIS standards.

We are using Imperva SecureSphere Database Security for database protection.

The most valuable features of Imperva SecureSphere Database Security are vulnerability assessment, enrichment security policy, and security

The solution provides significant benefits such as compliance and security. Its data risk analytics tool helps reduce numerous events to more manageable incidents.

The product's most valuable features are PPA auditing and database assessments. It has an efficient real-time alert functionality as well.

The use case is for database services, security purposes, and access capabilities. In DAM, we cannot use inline mode due to the blocking that is there. Details can be shared and accessed to see, for example, information about the DB, who's using it, its applications, et cetera. There are all kinds of reporting that can be accessed. We submit reports to the customer.

The audit feature is great. It is totally encrypted. Nobody can tamper with the details. For example, a DB admin can change the audit, however, if they are using the DAM product, that is totally different infrastructure so that the log, since it is an agent-based solution, whatever the activity will be done in the server regarding the database audit will be captured by the audit and that agent. The communication is totally encrypted and nobody can tamper with that data.

The initial setup is not overly complex.  

Our customers are using Imperva SecureSphere Database Security for GDP compliance.

Using Imperva SecureSphere Database Security has improved our organization by providing us with safety from vulnerabilities. We have better rules and rights management for our sensitive database.