“We have all seen very high profile instances in which built-in controls have been too lax or security alerts have gone ignored or unnoticed and, as a result, critical data assets have bled from an organization,” said Mark Kraynak, Senior Vice President of Worldwide Marketing for Imperva. “Today, we are introducing technology to enable our customers to proactively define security strategies instead of reacting to security alerts. By doing this, Imperva customers will be able to protect against data access in real-time when suspicious behavior is detected.”
SecureSphere for SharePoint: The Granularity to Block Effectively
Aberdeen Group recently reported that SharePoint adoption has reached 65% with their enterprise customers. With nearly two-thirds of these enterprises using SharePoint as a collaboration tool, it is reasonable to assume that SharePoint holds business-critical data, including regulated or sensitive information. Recent high-profile SharePoint breaches have exposed the massive weaknesses in SharePoint access control, which leaves this sensitive information at risk. As SharePoint continues to gain traction in the enterprise, security and risk teams need solutions that can lockdown files that contain sensitive and regulated data.
New in SecureSphere 10.5, and unique to SecureSphere, is the ability to protect against access to SharePoint files in real-time based on business policy. Unlike ACLs and other traditional solutions, SecureSphere can control access based on a combination of behavioral and contextual factors such as the rate at which data is downloaded, time of day, source IP, etc. This gives SecureSphere for SharePoint customers the visibility and proactive control to help protect critical data assets from theft or misuse.
Data Owner Portal: The Power to Manage and Control Access
A Forrester report states that 22% of publicly reported data breaches and security incidents in 2013 were caused by data governance failure. This implies that the human element is playing a significant role in protecting critical files.
The Data Owner Portal, a feature of all of Imperva’s File Security products, is designed to limit access to sensitive and regulated files only to authorized people by extending file access control decisions to business line owners who understand what data is critical and confidential. Instead of limiting access control decisions to arbitrary IT rules, the Data Owner Portal integrates these key stakeholders into the process of aligning access rights based on business needs.
Additional Features of SecureSphere 10.5
New ThreatRadar Feeds Leverage Network Effect of Large Customer Base
With SecureSphere 10.5, Imperva is introducing two new feeds to ThreatRadar Reputation Services. ThreatRadar provides an automated defense against attacks and potential data breached by quickly detecting and protecting against known malicious sources. The two new feeds are Comment Spam and Malicious Scanners. These feeds demonstrate the positive network effect of threat intelligence generated from Imperva’s large installed base.
• The Malicious Scanner feed is part of Imperva’s crowd-sourced threat intelligence service, ThreatRadar Community Defense, which has gone from protecting 60 applications at launch in April 2013 to over 450 today.
• The Comment Spam feed is powered by the Incapsula network which protects tens of thousands of websites, delivering unique and market proven threat intelligence. This feed provides reputation information to both Incapsula and SecureSphere customers, highlighting the synergies and value of Incapsula. Imperva completed the acquisition of the remaining shares of Incapsula that were not owned by Imperva in March 2014.
SecureSphere for AWS: First Enterprise-Class WAF to Scale On-Demand
Previously announced, SecureSphere WAF for AWS is now shipping with SecureSphere 10.5. Imperva SecureSphere WAF for AWS is the first enterprise-class Web Application Firewall tailored specifically to protect applications residing on Amazon Web Services (AWS). Running natively in AWS, and leveraging all its capabilities, SecureSphere for AWS scales on-demand with AWS applications enabling organizations to move their datacenter infrastructure to the cloud without sacrificing the security controls that they have in their on premise applications.
10.5 Release Dramatically Lowers TCO in Database Security
With the release of Secure Sphere 10.5, Imperva dramatically lowers total cost of ownership for database security in large scale environments. Many organizations struggle to contain the costs of auditing and protecting large and growing database environments. Imperva reduces the costs by simplifying the process of adding new databases and optimizing the use of server and network resources. Key new features include:
• SecureSphere Gateway Clustering delivers cost-effective, resilient database auditing, without relying on third party solutions. With Gateway Clustering, we believe SecureSphere uses up to 90% fewer virtual appliances than other leading solutions.
• SecureSphere Deployment Automation streamlines and automates compliance by integrating SecureSphere into existing IT systems and processes. Compared with built-in database auditing, SecureSphere is designed to reduce labor costs by up to 70%.
• SecureSphere Agent Efficiency lowers total cost of ownership by reducing labor and infrastructure costs. Compared with built-in database auditing, we believe SecureSphere reduces infrastructure costs by up to 90%.