Imperva SecureSphere Database Security Valuable Features

Andrew_Kampolo - PeerSpot reviewer
Senior Manager at Zamtel (Zambia Telecommunications Company Limited)

Imperva's most valuable features are ease of use and log correlation. I also like the ability to trace activity from the host machine to the server access, the user details, and the exact query that they executed. If a database administrator or application process executes a query on the database, people know exactly what was executed, including all the variables. 

For example, it will tell you how many rows they were trying to select on which table, and you get the OS information, network details, IPs, and the user. That fine-grained auditing available on the platform makes life easier and helps explain anything happening in your database.

View full review »
Mangalik Pal - PeerSpot reviewer
Senior Network Security Engineer at SNSIN

The audit feature is great. It is totally encrypted. Nobody can tamper with the details. For example, a DB admin can change the audit, however, if they are using the DAM product, that is totally different infrastructure so that the log, since it is an agent-based solution, whatever the activity will be done in the server regarding the database audit will be captured by the audit and that agent. The communication is totally encrypted and nobody can tamper with that data.

The initial setup is not overly complex.  

View full review »
RN
CEO at Cyberapp

The most valuable features of Imperva SecureSphere Database Security are vulnerability assessment, enrichment security policy, and security

View full review »
Buyer's Guide
Imperva SecureSphere Database Security
March 2024
Learn what your peers think about Imperva SecureSphere Database Security. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.
SA
Executive Trainee at a financial services firm with 5,001-10,000 employees

The product’s most valuable feature is real-time highlights. It helps with detecting natural weaknesses. The users can see the activity as soon as it is visible to administrators. It makes it easier to determine if some action has to be taken against malicious activity. The users can scan the data and check if it meets CIS standards.

View full review »
EF
Consultant at Btechc

Reporting is the most valuable aspect. It's very fast, even versus IBM. IBM could take three, or four days to get a report. In Imperva, everything is online, and you get the reports very fast. 

It is very easy to configure the new dashboards, and reporting is easy to do. It takes maybe an hour to do it. 

The solution is very stable. 

View full review »
DC
Operator at Halliburton

I like Imperva SecureSphere platform forms. Imperva SecureSphere is the foundation for SecureSphere data, file and web application solutions. Imperva SecureSphere is designed to work together, however can be independently deployed.

View full review »
MariyaKuklyeva - PeerSpot reviewer
BDM at Softprom by ERC

The most valuable features of Imperva SecureSphere Database Security are the user-friendliness, easy-to-use interface compared to competitors, database operations do not need a specialist, and simple to manage for our security team. Additionally, the solution can show all the databases and the level of sensitivity. It can show what is more sensitive or less sensitive.

View full review »
TB
Technical Director at a consultancy with 11-50 employees

It's not just one feature because the whole process is important, starting from discovery to protection and prevention. If we use agent-based functionality instead of a gateway, the solution becomes more feature-rich.

View full review »
AJ
Network Engineer at CBN

The most valuable feature is the automatic reports on new databases, which gives us up-to-date inventory management.

View full review »
FB
Senior Solutions Architect at eLAAB Limited

The reporting ends up being the most visible feature even though the protection and automated blocking are as valuable. The reporting is very flexible, and users can create any type of reports they want. It gives them insight into the information they need to be effective at what they are responsible for.

View full review »
DA
Senior IT Security Specialist at National Water Company

The features which are most valuable are from the security perspective. We do not have other specific tools for vulnerability assessment. The package allows user activity monitoring. The second thing is for assessing the vulnerability of the database while it is running. 

View full review »
AJ
Network Engineer at CBN

It's great that we're able to send light event monitoring and administrative activities. SecureSephere has a robust recording system.

View full review »
AC
Project Manager at a energy/utilities company with 10,001+ employees

The tool happens to be very intelligent when it comes to processing policies and sounding alerts. It allows us to implement policies and measure actions against them, raising alerts accordingly. That is the best feature.

View full review »
EA
Core Banking Application Support at a financial services firm with 10,001+ employees

Currently, we have audit features for auditing databases, for example, granular auditing, which we really enjoy. We've been using it to check what users do. 

Apart from the WAF, which we've had issues with, every other feature we've been able to use very well. We use it for scanning databases, which is perfect. We need to run vulnerabilities counts as well, and this solution is great for that.

View full review »
it_user548754 - PeerSpot reviewer
L3 Application Support Analyst at a financial services firm with 1,001-5,000 employees

I believe the most valuable feature is the GUI. It is still very much oversized for the job it does, but in comparison to other alternatives, it is still the best at the moment.

View full review »
it_user589365 - PeerSpot reviewer
Senior Analyst at a consultancy with 10,001+ employees

The most valuable feature of this product is vulnerability management since you don’t need to run different scans by logging into different databases. Everything can be done and monitored through the centralized console by a few clicks and without any hassle.

Also, the report generation option on a daily/weekly/monthly basis comes in very handy to the top management.

View full review »
it_user249771 - PeerSpot reviewer
Information Security Compliance Manager at a financial services firm with 10,001+ employees

The database activity monitoring module used for real time database monitoring and integrated into the security event and incident monitoring solution. Most importantly for our critical legacy databases that cannot be encrypted and require real time a activity monitoring.

View full review »
LM
Tech Lead at a financial services firm with 1,001-5,000 employees

I like almost everything about the solution. That includes sensitive data scanning, which is what is the most important. The data discovery is great as well. 

I like the activity monitoring. That was the main reason we purchased the tool.

The integration is great.

They do quite a lot of feature updates. 

View full review »
AA
Data Center Network Expert at TOSAN

The most valuable features include the compliance with standards for security in web applications, and the ability to detect vulnerabilities.

View full review »
it_user538203 - PeerSpot reviewer
Solution Architect at a financial services firm with 10,001+ employees

The most valuable features are:

  • DAM Module
  • Third-party data source integration: Feeds automation
  • Data enrichment: Provides better data quality and session handling
  • API: Used for process automation
View full review »
it_user254619 - PeerSpot reviewer
Operations Consultant at a financial services firm with 10,001+ employees

We utilise the following components:

  1. Database activity monitoring of Oracle/SQL/Sybase databases - we did have UDB running, but that was decommissioned
  2. Assessment scans using mostly custom checks to check for security settings - we did expand this at one point to check for best practise, but this was discontinued
View full review »
Arnab - PeerSpot reviewer
Data Analyst at a tech services company with 11-50 employees

Using the product is a good experience. Database reporting features are valuable to us.

View full review »
DA
Cyber Security Engineer at Isolutions Associates Ltd (ISOLS)

I would say the discovery module is the most valuable feature as it provides good visibility of the database environment to particular sites. It scans the entire front of the environment to detect any new databases found just to make sure there are not any malicious things going on. I think it's a very powerful tool in that sense. It also helps that the solution is able to block queries that are able to be run by given database administrators on databases and manages user rights. 

View full review »
DK
Technical Account Manager at a tech services company with 201-500 employees

The feature that I have found the most valuable is the firewall component.  

View full review »
BO
Security Engineer at a comms service provider with 5,001-10,000 employees

The solution is very good for auditing purposes, including collecting and archiving logs. 

We appreciate that we can use it on the DB server without harming the performance of the database is fantastic. It doesn't feel like it's lagging.

The initial setup is very simple. 

Overall it's a solid product.

The pricing is okay.

View full review »
RH
Senior Database Administrator at a financial services firm with 1,001-5,000 employees

The beauty of it is that it provides segregation of duties. Typically, in the traditional environment, DBAs administer the database, and they have too much access. We are in the process of implementing other Oracle solutions, and it brings some kind of segregation. Just because someone is a DBA does not mean that he or she should have access to all of the data. Some of the data can be masked so that privacy and security are enhanced, especially when it is customer data for an institution like a bank.

View full review »
SB
Security Consultant and Cybersecurity Support at a tech services company with 51-200 employees
  • DB Activity Monitoring
  • DB Firewall
  • CounterBreach

Their web application firewall (WAF) is quite good.

View full review »
it_user144273 - PeerSpot reviewer
Senior IT Security Consultant at a tech consulting company with 51-200 employees

WAF is a great security layer to protect an organization from a wide spectrum of application attacks residing in OSI layer 7. The Imperva device relies on signature-based policies, as well as on a web correlation engine. In addition, the packet inspection can be enhanced with the aid of stream signature policies, which are policy items focused on the stream rather than the HTTP/HTTPS protocol. Imperva can easily match a web user to the requests launched from his client. While the default policy subset is very rich and covers different regulations (e.g., PCI, SOX), there is always an option to create custom policies addressing specific needs. Security alerts are comprehensive of all the necessary details for the analysis, such as connection details, signature triggered, alert type (e.g., Protocol, Profile), severity and followed action (e.g., syslog forward, IP monitoring).

DAM also provides great value to audits and again, the data monitoring policies by default are very rich.

If you don't know exactly what kind of data you store in-house, SecureSphere allows you to actively scan and classify your information, automatically providing you detailed status of the data, which can be further reviewed and finalised by analysts or DBAs. This is also valid for user rights on the data, understanding the level of privileges granted to users and suggesting countermeasures in detailed aggregated charts and reports.

Once under monitoring, the data can be reviewed with an intuitive interface that allows the analyst to drill down, quickly narrowing the scope in a few clicks and focusing the attention only on the relevant queries. Once the pattern is identified, it is even possible to quickly report a detailed status of the findings, as well as generate a report template for future uses. This is on the hot data, what we have available in the management database. The time span can be increased indeterminately with a good retention configuration, combined with a SAN that stores the cold data, partitioned in daily slices and ready to be loaded into a separate database space for archives.

This is brilliant if you think about scalability, for you can obtain a very big archive while preserving system resources and performance. However, to get this configuration, in-depth tuning is needed for several weeks in order to get all relevant metrics (e.g. data stored per day, data spikes, backup speed, link transfer capacity, etc.) and adopt the appropriate customizations.

Audit data can also be correlated with application users by obtaining a detailed match of the database queries executed according to a particular web user’s HTTP requests.

The FAM module allows organizations to continuously audit storages and network shares and keep a detailed record of every file operation across the company. Scans are available also in this context, providing user rights as well as access to the monitored files. A data classification is also possible with the FAM.

All of Imperva’s features are extremely powerful, while a certain degree of knowledge is required to have a solid understanding of the product.

View full review »
it_user504735 - PeerSpot reviewer
Assistant lead - Security Operations at a comms service provider with 10,001+ employees

Web application security is pretty good. I have encountered very low false positives.

The correlated attack validation (CAV) is one of the unique aspects about the SecureSphere technology I like.

View full review »
SA
Manager - IT Security

There are three major main use cases of this solution. The first one is to fulfill compliance regulations. Customers—especially the banks, health sector, and manufacturing—need to comply with the regulations in different countries. They have to fulfill compliance regulations around the privacy of data. In order to fulfill those requirements, they're using Imperva. It helps them to fulfill these requirements, and they are not fined by the regulators. That is the first use case why people buy Imperva.

The second one is for security itself. They don't want a cybercriminal to have access to the data. Imperva is a security solution, and you can use it to block unauthorized access to your data. 

The third one is related to rightful access to the data. They want to know:

  • Who has access to the data internally?
  • What queries were being issued on the database?
  • What time did they log in?
  • What is going on within the environment?
  • Who is touching the data?
  • What are they doing with the data internally? 

Customers or organizations want to have access or have visibility into all these.

View full review »
it_user499686 - PeerSpot reviewer
Senior Database Administrator at a media company with 1,001-5,000 employees
  • SecureSphere Database Assessment
  • SecureSphere Database Activity Monitoring
View full review »
AZ
Information Security Analyst at a financial services firm with 501-1,000 employees

The integration with CounterBreach, which is the anomalous behavior detection feature, is the coolest thing and it's quite user friendly as far as the console goes. 

View full review »
it_user280122 - PeerSpot reviewer
Security Professional with 501-1,000 employees

There are many features that are valuable, it depends on the purpose. If the purpose is compliance or auditing, the most valuable feature are the audit log system, as it helps you to secure an audit trail and from user to action even if the user are privileged and even if the user logs in on the physical server. If the purpose is security the most valuable feature are the way it can drop and prevent the access of sensitive table/data set by rules and policies. Lastly, if the purpose is availability, the most valuable feature is the way it can drop connections set by rules and policies.

View full review »
it_user561654 - PeerSpot reviewer
IT Security Consultant at a tech company with 501-1,000 employees

Data discovery and classification: It gives you the ability to find your sensitive data where it exists, even though you may not have known it was there.

Vulnerability assessments: This feature helps you to know the possible vulnerabilities in your protected servers.

Database firewall: This is the most important feature. It provides you with the capability to block attacks (external or internal) in real time to your protected servers.

View full review »
it_user949830 - PeerSpot reviewer
IT Security at rmrf-tech

The most valuable feature is the protection from Botnets. The DDoS attack is one of the things that it protects against.

The functionality is very useable and easy to understand. It is also easy to update if you follow the instructions.

View full review »
it_user501258 - PeerSpot reviewer
ERS Consultant at a consultancy with 10,001+ employees
  • Easy agent setup
  • Big data
  • SIEM tool integration
View full review »
it_user254976 - PeerSpot reviewer
Officer- Informations Systems Security Audit at a government with 501-1,000 employees
  • Database activity monitoring
  • Web application firewall
View full review »
RB
Software Developer at a university with 1,001-5,000 employees

The best feature of this solution is the integration between components. It has a lot of different components that cover the needs of our customers.

View full review »
Roi Nahari - PeerSpot reviewer
CTO- Consulting Services at 2bsecure

The most valuable feature of this solution is the database security policy.

View full review »
MS
Security Specialist at a tech services company with 51-200 employees

The performance of the solution is good.

View full review »
OO
Cloud Solutions Architect at Snapnet Limited

The most valuable feature is the Data Masking. Most of our customers inquire about it, so it is very important to us.

View full review »
AP
Chairman & CEO at a tech vendor with 51-200 employees

The cyber intelligence feature is the most valuable. 

View full review »
it_user245442 - PeerSpot reviewer
Database Administrator II at a pharma/biotech company with 501-1,000 employees

The alerts on threats and system statuses.

View full review »
it_user577539 - PeerSpot reviewer
Senior Security Analyst at a tech services company with 10,001+ employees

As the member of an MSSP SOC team, we monitor dozens of appliances from multiple vendors. SecureSphere is one of the many tools that feeds our SIEM with relevant alerts regarding client activity of concern. Once we receive this, we use the alert monitor to delve into the details about what took place, when and where.

The level of detail provided is excellent, allowing the resources that manage the actual devices to determine whether or not, the activity is a legitimate concern and to rectify the activity in a timely manner.

View full review »
Rana Shahid - PeerSpot reviewer
Business Development Manager at gwc networks

It has a very user-friendly interface that's very detailed. 

View full review »
GD
Information Security Specialist with 51-200 employees

It has a user-friendly interface. It is a stable and scalable product. 

View full review »
it_user496329 - PeerSpot reviewer
Security Engineer at a tech company with 1,001-5,000 employees

Most of the configuration is out-of-the-box and it offers very granular security policies. Deployment and configuration is very easy. Once initial setup has been configured, all the rules and polices are applied automatically and we can start viewing the logs.

View full review »
it_user584112 - PeerSpot reviewer
Network And Security System Administrator at a international affairs institute with 1,001-5,000 employees
  • Flexibility
  • Provides the option of deployment architectures
View full review »
it_user541239 - PeerSpot reviewer
Regional Sales Engineer at a tech company with 1,001-5,000 employees
  • Flexible deployment modes
  • Custom policy creation
  • Complex vision of web apps
  • DB security
  • Intuitive logs
View full review »
Buyer's Guide
Imperva SecureSphere Database Security
March 2024
Learn what your peers think about Imperva SecureSphere Database Security. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.