Imperva SecureSphere Database Security Reviews

As the member of an MSSP SOC team, we monitor dozens of appliances from multiple vendors. SecureSphere is one of the many tools that feeds our SIEM with relevant alerts regarding client activity of concern. Once we receive this, we use the alert monitor to delve into the details about what took place, when and where.

The level of detail provided is excellent, allowing the resources that manage the actual devices to determine whether or not, the activity is a legitimate concern and to rectify the activity in a timely manner.

We currently export PDF files to provide to the client. Rebranding this is a pain in the current environment. Having multiple and flexible export options would be better. Exporting to CSV or other formats and allowing the simple application of corporate logos to the reports, instead of vendor logos would be helpful.

In our environment, we use the SIEM to monitor the alerts, then log into SecureSphere to examine the activity in its alert monitor. Once we know that, if our level 1 analysts cannot determine whether or not the activity is false-positive, then we will export the activity and send it to the DBAs for them to examine closer.

I have used this solution for five years.

I don’t deploy, only monitor.

I’ve never had to contact them.

It has a very user-friendly interface that's very detailed. 

Overall, it's a very good product but they could do with some modifications log-wise — it should be more comprehensive. Otherwise, 95% of the product is very good.

The interface could be more user-friendly.

We have been using this solution for roughly two to three years.

Imperva SecureSphere Database Security is both completely scalable and stable.

I don't have much experience with technical support, but when I have spoken with them, they have been helpful.

The initial setup was very straightforward; not complex at all.

Deployment time varies, but in terms of implementation, it's a very good product. There is no hectic environment during the implementation. It is a very straightforward implementation.

The price is very high but compared to the price of the overall solution, then I think it's a good deal because the solution itself is great.

I would highly recommend this solution. It's a very expensive solution, but if you have the budget for it, I would definitely recommend Imperva Database Security.

On a scale from one to ten, I would give Imperva Database Security a rating of nine.

Imperva SecureSphere Database Security is used to store data for if there is an emergency we can restore it.

The performance of the solution is good.

The solution could improve by having more integration.

I have been using Imperva SecureSphere Database Security for six months.

The solution is stable.

Imperva SecureSphere Database Security is scalable.

We have three people in my organization using the solution.

I have not needed to use the support.

The installation is straightforward.

We have five engineers that do the implementation and maintenance of the solution.

The price of the solution is reasonable and it requires a license.

I rate Imperva SecureSphere Database Security a nine out of ten.

It is mainly used for database activity monitoring. Some customers use it to monitor all transactions in the database, such as privilege operations, grant commands. They collect all the data and see all transactions and store them. Sometimes, they also use security alerts with the database update monitoring, but generally, it is used only for regulations.

It has a user-friendly interface. It is a stable and scalable product. 

Its reporting can be improved. The reporting feature is currently not good enough for our clients.

I have been using this solution for about five years.

Stability is its main feature. There aren't any stability-related issues.

It is scalable.

I have contacted them. Sometimes, they are good, and sometimes, they are not. 

The initial setup was really easy. It took us two hours to deploy. 

I would recommend this solution. I would rate Imperva SecureSphere Database Security a nine out of ten.

Most of the configuration is out-of-the-box and it offers very granular security policies. Deployment and configuration is very easy. Once initial setup has been configured, all the rules and polices are applied automatically and we can start viewing the logs.

We are able to prevent and protect external and internal threats by using Imperva’s complete product line.

I would like to see some more granular audit logs for database activities.

I have been using it for 5-6 years.

I have not encountered any issues with deployment, stability or scalability issues. Deployment is very easy, and it offers more stability and scalability.

There are delays in responses from technical support, but you do get a response per SLA.

Initial setup was pretty straightforward.

Anyone can implement this solution if you study the guides.

It is worth the investment for retail, banking, government and IT organizations.

It is the best product for cyber security & forensic investigation for external and internal threat identification and prevention.

• Flexibility
• Provides the option of deployment architectures

• Easy monitoring
• Protection of internet banking applications

I was working for Crescendo International, which is a small company in Romania. My primary role was in network solution integration. I was the only person in the country with experience of three deployments of Imperva products at two major banks.

• The upgrade procedure is not clear
• There is no easy rollback
• There is no possibility to select different ways for two different types of cipher suit negotiation in two arm deployments. Most of the banks now use ECDHE for PFSC.
• No SNI support

We have been using the solution for two years.

There were many stability issues with the upgrade procedure. The technical support team didn't know how to handle them.

We encountered some stability issues.

The level of technical support is bad.

We did not use a previous solution.

The initial setup was straightforward.

Please be more transparent about licensing on subscriptions such as for ThreatRadar.

We evaluated F5 Networks.

We recommend implementing it.

• Flexible deployment modes
• Custom policy creation
• Complex vision of web apps
• DB security
• Intuitive logs

We have seen our security risk decreased due to customization and meeting all the security needs for every application.

I would like to see more parameters configurable for the kernel reverse proxy.

I have used this product for eight years, on both sides; from deployment to customers and administration of the existing infrastructure.

The stabillity issues we encountered were fluently fixed.

We did not encounter any scalability issues.

Technical support was very professional and elastic.

We used to deploy a different solution. We switched due to the valuable features mentioned.

Initial setup was straighforward.

It is a good idea to invest in threat detection licenses.

We evaluated:

• WAF: F5 and Radware
• DAM: IBM Guardium

For DAM, I recommend that you invest proper resources in the business part of the project. It is very important to set expectations properly.