Imperva SecureSphere Database Activity Monitoring v8.5
November 01, 2011
basic: X2500 appliance with management server (M100): $55,000
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Multiple deployment options, and audit and forensic capabilities.
- Weaknesses: Pricey. Not as simple to use as one would expect in an appliance-based solution.
- Verdict: Delivers a lot of capabilities. We make this our Recommended choice.
SecureSphere Database Activity Monitoring (DAM) v8.5 from Imperva continuously monitors and audits all database operations, including privileged user access and response, to detect and block attacks and data leaks. The product uses a dynamic profiling behavior-based baseline to help determine malicious behavior or variances in use.
The solution is deployed as a set of hardware appliances. We used two, the M100 Management Server and the X2500 database activity monitoring appliance. Imperva also offers a virtual appliance that can be deployed on in-house hardware.
SecureSphere DAM enables continuous monitoring and granular auditing of all database operations in real time, providing organizations with a detailed audit trail that shows the "who, what, when, where and how" of each transaction. The solution captures all database activity, including data definition language (DDL), data manipulation language (DML), and data control language (DCL). In addition, it will record read-only activity (SELECTs), changes made to stored procedures, triggers and database objects, as well as SQL errors and database login activity. Additionally, it looks for various database attacks at the OS, protocol and SQL levels, including SQL injection, buffer overflow denial-of-service attacks and protocol violations.
The user interface is fairly easy to pilot. However, the documentation was lacking in detail relating to management and configuration of the system.
The application was at the high end of the pricing scale, but it delivers quite a number of capabilities. It is a true enterprise-class solution.
SC Magazine Articles
- Yahoo breach; State-sponsored actors suspected, at least 500 million accounts affected
- Cybercriminals already able to hack ATM biometric readers
- 185M incidents bypassed perimeter defenses - report
- OVH suffers massive 1.1Tbps DDoS attack
- IoT assault, connected devices increasingly used for DDoS attacks
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- CEO sacked after aircraft company grounded by whaling attack
- DōTERRA breach exposes customer info; including SS, DOB, and addresses
- UPDATE: Petya ransomware leverages Dropbox and overwrites hard drives
- Some U.S. Bancorp workers' W-2 info exposed in ADP data breach
- End-of-support devices on networks weakening cyberdefenses, report
- Android.Lockerscreen using pseudorandom passcodes to ensure payouts
- FBI investigating hacked mobile phones of Democratic officials
- 70% of IDTMs want UK gov to do more so young people enter tech field
- 69% of office professionals in the UK hoard data