We Secure What
Matters Most:
The Data Center
In physical, virtual, and
W
eb
A
pp
lic
at
io
n S
ec
ur
ity
Databa
se
Se
cu
rit
y
File Se
curit
y
Data Center Security Leader
Imperva, pioneering the third pillar of enterprise security, fills the gaps in traditional security by directly protecting high-value applications and data assets in physical and virtual data centers.
We Put Security Where It Matters Most
At Imperva we’re focused on one thing: closing the dangerous gap
in today’s enterprise security that leaves your business vulnerable
to attack, theft, and fraud. What we do is called data center security.
What we deliver is a new layer of protection that keeps the
high-value applications and data assets in your physical and virtual data
centers safe, yet accessible. And what we’re pioneering is a third
pillar of enterprise security designed specifically for the modern,
hyperconnected world.
Rather than focus on the infrastructure, we add a layer of protection that
directly surrounds the applications and data assets targeted by today’s
hackers and malicious insiders. With a comprehensive, integrated
security platform, we provide the visibility and control you need to:
•
Neutralize threats without adding complexity or slowing down
business
•
Quickly and cost-effectively achieve regulatory compliance
•
Reduce risk with automated, repeatable processes
1
Automated capabilities to discover and classify high-value business data2
User rights management capabilities to better align access rights with corporate policy3
Auditing and reporting capabilities that enable a separation of duties4
Sophisticated technical and logical attack protection and anti-fraud technologies5
Deployment flexibility though physical, virtual and SaaS offerings to address complex heterogeneous data center environments6
Integrated and centralized managementAt-a- Glance
Founded:
2002
Stock Symbol:
NYSE: IMPV
Headquarters:
Redwood Shores, CA
Employees:
Approximately 700
6 7
Web Application Protection
Securing web applications against cybercriminals, hacktivists, and state-sponsored attackers is a never-ending effort. Malicious users probe websites around-the-clock looking for vulnerabilities. Automation tools like off-the-shelf attack toolkits and botnets make it easy to execute large-scale attacks.
Application Virtual Patching
Remediating application vulnerabilities can take weeks or months, leaving websites exposed to exploit for long periods. With legacy, partner and packaged applications, it may not be possible to fix vulnerabilities. Web application firewalls can reduce application development costs and eliminate the window of exposure by quickly mitigating vulnerabilities.
Web Fraud Prevention
Preventing web fraud requires a multilayer defense. With criminals leveraging a variety of fraud schemes, including identity theft, fraud malware, brute force attacks, and phishing, organizations must implement the proper defenses to protect users and data. Unfortunately, though, integrating multiple types of fraud into web applications can take months and cost hundreds of thousands of dollars. A web application firewall can reduce integration efforts and centralize fraud and application security management.
Denial of Service Protection
Distributed Denial of Service – or DDoS – attacks are growing in number and severity. With the proliferation of DDoS attack tools and botnets for rent, hackers can launch a DDoS attack for as little as $50 USD. DDoS security services can ensure that your web applications are always available, even if you suffer a large-scale DDoS attack.
Site Scraping Prevention
Automated clients are inundating websites; they are harvesting and republishing web content, conducting online espionage, and inadvertently slowing down application performance. Since site scrapers look like regular human users, it can be difficult to stop scraping attacks through application controls alone. The SecureSphere Web Application Firewall can help. It includes multiple defenses that detect site scraping attacks and block bots and known malicious sources.
Application Security Solutions
Your website is constantly exposed to application security threats like SQL injection, XSS, DDoS attacks, and web fraud. Unfortunately, most web attacks can circumvent network security products like IPS and next generation firewalls; these products are not designed to patch application vulnerabilities or detect evasion techniques. To protect your web applications, you need a dedicated application security solution that can stop all types of web attacks including attacks that exploit custom application vulnerabilities.
Imperva offers a suite of products that continuously protect web applications against attacks like SQL injection, XSS, DDoS, and web fraud. From its market-leading web application firewall to advanced reputation and fraud prevention services, to easy, flexible cloud-based security services, Imperva provides a comprehensive set of application security solutions that protect against the most dangerous application threats.
”
“
Firewalls and intrusion
prevention systems don't provide
sufficient protections for most
public-facing websites or internal
business-critical and custom
web applications.
Jeremy D'Hoinne, Adam Hils,
Web Application Firewalls Are Worth the Investment for Enterprises
Sensitive Data Auditing
Auditing sensitive data access is required to achieve compliance with government and industry regulations and privacy acts. While audit requirements vary between regulations, all consider sensitive data auditing a key control to protecting regulated data.
International Data Privacy
Global companies need to comply with an increasing number of national data privacy laws. Today, nearly 90 countries have national data privacy laws. This creates a significant data protection burden on multinational organizations. When data is accessed across borders, businesses need appropriate monitoring and controls to ensure compliance with national data privacy laws.
Access Rights Reviews
Access rights reviews, sometimes called entitlement reviews, reduce unwarranted data access by aligning user rights with corporate policy. Establishing an access rights review workflow helps organizations build a repeatable process for permissions management, which is required by regulations like PCI DSS and SOX. Organizations should maintain an audit trail of the entitlement review process by recording whether reviewers accept or reject existing access rights, and any permissions management changes that are required.
Data Theft Prevention
Preventing data theft by insiders is essential to any effective data security strategy. Sensitive data is an attractive target and insiders can easily commit fraudulent activity. Therefore, preventing data theft requires monitoring user activity and restricting access to sensitive data based on business need.
Malware and Targeted Attack Defense
When malware infects someone inside your organization, the results can be disastrous. Compromised insiders are usually unaware that malware is present and can provide criminals with unrestricted access to networks and sensitive data. To defend against malware and targeted attacks, you must monitor sensitive data and generate security alerts or block access when unacceptable data access activity is observed.
Data Security Solutions
Businesses often deploy infrastructure security solutions – such as firewalls and anti-virus products – to achieve data protection, yet find these do not provide the visibility and control over data usage needed to be effective. As a result, some enterprises turn to manual processes based on native auditing tools. This approach proves to be expensive, unable to scale, and cannot deliver the separation of duties needed to satisfy auditors. For effective data security, enterprises need a layer of security positioned close to the data that can identify, prioritize and help mitigate risk.
Imperva offers a comprehensive data audit and protection suite that prevents data theft, audits sensitive data and privileged users, strengthens data privacy, and manages user access rights. The Imperva suite provides automated monitoring and controls for all database and file usage, and integrates with a range of related data security products to protect high value data and streamline regulatory compliance.
”
“
In an extended enterprise where
security doesn't control the users or
the devices, security must take a
data-centric approach.
Navigate the Future of the Security Organization Forrester Research, Inc., February 14, 2012
10 11
Application Security Products
SecureSphere Web Application SecurityWeb Application
Firewall (WAF) Protects applications from current and future security threats by combining multiple security engines into a cohesive web defense
• Dynamically Profiles legitimate web application usage • Alerts or blocks requests that:
› Deviate from normal application and data usage › Attempt to exploit known and unknown vulnerabilities › Indicate a sophisticated, multi-stage attack
• Fortifies web defenses with research-driven intelligence on current threats
• Virtually patches applications via integration with vulnerability scanners
• Safeguard AWS Applications with the only Enterprise-class WAF for AWS
ThreatRadar
Reputation Services Aggregates reputation data and updates security policies to identify:
• Malicious IP addresses • Anonymous proxies • TOR networks • Phishing URLs
• Undesirable geographic traffic sources
ThreatRadar Community Defense, delivers crowd-sourced threat intelligence to SecureSphere WAF. Community Defense gathers attack data from SecureSphere deployments around the world and translates this data into attack patterns, policies, and reputation feeds.
Fraud Prevention
Services Integrates with leading endpoint device identification and anti-malware products to enable organizations to identify and block fraudulent web activity.
DDoS Protection Service
DDoS Protection Service for SecureSphere
A secure, ultra-high capacity service that safeguards organizations from crippling DDoS attacks.
• Block advanced application DDoS attacks and encrypted HTTPS attacks with exclusive bot mitigation technology • Avoid application outages and brand damage • Protect in minutes with effortless deployment
Imperva Cloud Security Products
Incapsula Incapsula is an easy and affordable service that integrates four effective web solutions – Web Application Firewall (WAF), a DDoS mitigation service, load balancing and failover, plus a content delivery network (CDN) – into a single cloud-based service.
Gartner Magic Quadrant for Web Application Firewalls
Enterprise-class WAF for AWS
The first enterprise-class Web Application Firewall that scales on-demand with AWS applications, SecureSphere for AWS supports server elasticity and easy deployment, including:
• CloudFormation: Customers can define network settings and elasticity parameters like scaling groups in different availability zones
• Elastic Load Balancing: Balance traffic load, detect unavailable instances, and route around them
• CloudWatch: Detect critical issues like high CPU or bandwidth utilization; Automatically spawns new WAF instances which registers with the SecureSphere Management Server and synchronize security settings
Gartner, Inc. has released the 2014 Magic Quadrant for
Web Application Firewalls. Imperva has been positioned as a
Leader in this quadrant based on our completeness of vision
and ability to execute in the Web Application Firewall market.
Read the report here:
www.imperva.com/go/WAF-MQ
Gartner "Magic Quadrant for Web Application Firewalls" by Jeremy D'Hoinne, Adam Hils, Joseph Feiman, and Greg Young, June 17, 2014.Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Data Security Products
SecureSphere Database SecurityDatabase
Assessment (DA) • Detects database software vulnerabilities and mis-configurations• Measures compliance with industry standards and best practices • Identifies "rogue" databases and databases that contain
sensitive data Database Activity
Monitor (DAM) Includes Database Assessment functionality• Delivers real-time, automated, scalable database activity monitoring, auditing and reporting for heterogeneous database environments
Database Firewall
(DBF) Includes Database Activity Monitor functionality• Blocks external attacks and internal threats • Virtually patches vulnerabilities via integration with
SecureSphere DA User Rights
Management for Databases (URMD)
Add-on module DAM and DBF
• Evaluates user rights to enable the elimination of excessive privileges and dormant accounts
ADC Insights Optimized templates for effective deployment of SecureSphere database products within organizations running complex enterprise applications such as Oracle E-Business Suite, PeopleSoft and SAP
SecureSphere Database Security Benefits
Unparalleled Database Asset Coverage to Address Compliance and Security Requirements • Relational Database Management System (RDBMS)
• Data warehouses • Big Data platforms • Mainframe databases
Lowest Total Cost of Ownership in Large Scale Environments • Cost scales gracefully as your data grows exponentially • Save 80% over typical manual approaches
• Minimal impact on server and network resources
SecureSphere File Security
File Activity Monitor
(FAM) Delivers real-time, automated, scalable file activity monitoring, auditing and reporting of file access activity
• Includes all User Rights Management for Files functionality • Includes Data Owner Portal to power to manage and control
access sensitive and regulated files File Firewall (FFW) Includes all File Activity Monitoring functionality
• Blocks suspicious activity that violates corporate policies • Guards against mistakes introduced at the access control list level SecureSphere for
SharePoint Imperva’s unmatched, multi-layered SharePoint security solution that includes:
• Safeguard files, folders and lists • Protect against web-based attacks
• Prevent unauthorized access to the Microsoft SQL database at the core of SharePoint
Directory Services
Monitor (DSM) • Helps achieve security and compliance goals for Microsoft Active Directory • Provides flexible reporting and real-time auditing and alerting
on all changes
• Addresses critical concerns such as separation of duties and privileged user monitoring
Streamlining Regulatory and Industry Compliance
SecureSphere Data-Centric Audit and Protection
SecureSphere supports relational databases, file systems, mainframe, and SharePoint repositories, providing out-of-the-box audit and security policies to identify unauthorized access to sensitive data and to protect against data breaches.
Today, more than ever, organizations are challenged by the growing number of regulations and privacy acts. The momentum spans all verticals and geographies. Many organizations need to comply with more than one regulation, and are struggling with the increased complexity of technical implementations. Imperva solutions help organizations implement regulatory requirements across multiple regulations and streamline compliance efforts. SecureSphere Data Security solutions provide:
• Assessment and Risk Management • User Rights Management
• Audit and Reporting • Attack Protection
14 15
Protecting On-Premise Data Center Assets
The SecureSphere Suite is built on a common modular platform, which includes a single operating system and common code base.
• SecureSphere offers non-intrusive network monitoring gateways, lightweight agents, or a hybrid mix of the two.
• SecureSphere gateways are hardware or virtual appliances that are deployed in the network near the assets they are meant to protect.
• The SecureSphere MX Management Server provides a single, centralized point for aggregating and managing security policies, real-time monitoring, logging, auditing and compliance reporting as well as incorporating reputation Information from ThreatRadar and security updates from the Imperva Application Defense Center (“ADC”).
Mainframe, BigData, RDBMS WAF & DDoS Protection
Protecting Cloud Data Center Assets
Comprehensive Data Center Security for the Cloud
As organizations adopt cloud computing, critical applications and data assets move to the cloud in different ways. And just as the cloud extends the concept of the data center, Imperva has extended our leading SecureSphere platform into the industry’s most comprehensive portfolio for cloud security.
DATACENTER
Skyfence, an Imperva company, delivers a cloud security gateway that
provides comprehensive discovery, risk assessment, and control over SaaS applications.
For internally facing corporate applications, the move from on premise to Software as a Service (SaaS) applications such as Office365, Salesforce.com, Workday and NetSuite can result in significant cost savings and increased flexibility.
Imperva SecureSphere is a comprehensive, integrated security platform
that includes SecureSphere Web, Database, and File Security.
Infrastructure as a Service (IaaS) providers offer significant cost savings for externally facing, production applications many organizations are leveraging today. Amazon Web Services is the public IaaS platform that most customers use today.
SecureSphere for Amazon Web Services allows organizations to move their
applications to the AWS cloud without sacrificing security
Incapsula, an Imperva company, delivers an application-aware global
network that provides best-in-class content delivery network, website security as well as DDoS protection.
18 19
World Class Client Services
Imperva is dedicated to the success of our customers by offering world class customer service to complement your organization’s data center security and compliance strategies. Imperva understands the complexity of IT environments and can help you plan and navigate through all phases of your implementation. Whether you need Imperva expertise on day one, are managing a global security operations center, or require product training, Imperva offers a comprehensive set of support, professional services, and product training programs to meet your data center security objectives.
Technical Support
Imperva’s team of Support engineers delivers technical assistance for all Imperva products, leveraging their SecureSphere expertise and deep knowledge of security and compliance. The team is positioned across the globe to provide 24x7x365 coverage.
Professional Services
The Professional Services team provides guidance and expertise across all stages of the deployment lifecycle, ensuring that you achieve the greatest return and value from your Imperva investment. Our service offerings range from planning and design to optimization and management.
Training and Certification
Imperva offers hands-on, practical experience with instructor led educational courses delivered at Imperva’s classrooms, on-site, or via the web. You can also become a certified Imperva specialist with our product-specific certification offerings.
The Application Defense Center
The Imperva ADC is a premier research organization for security analysis, vulnerability discovery, and compliance expertise.
Keeping Up with Hackers
Hackers are, by definition, innovators and early adopters who constantly tweak attacks or create new methods to bypass enterprise defenses. This fact poses a serious challenge for security teams hoping to stay ahead of current threats. To keep Imperva and our customers current, the ADC engages in research activities including.
• Attack Monitoring – The ADC team uses live sites and honeypots to
understand attacks of all flavors across the globe.
• Hacker Forum Research – The ADC analyzes the content of online discussions
to provide insight into who and how hackers are targeting as well as their attack methods.
• Vulnerability Research – The ADC regularly investigate database and web
vulnerabilities to help security teams proactively identify and patch issues.
Turning Research into Value
The ADC team applies the lessons learned from core research to provide product updates and enhancements to Imperva customers and a variety of informational tools to the larger security community.
• Product Enhancements – ADC research delivers the foundation for many
Imperva capabilities.
• Security Updates – The ADC provides product updates including attack
signatures, database vulnerability assessments and pre-defined compliance reports.
• Hacker Intelligence Initiative (HII) – Every month, the ADC publishes research
to shed light on hacker trends and methods.
• Web Application Attack Report (WAAR) – Annually, the ADC publishes the
industry’s leading report which investigates the tools and attack techniques used by hackers to breach web applications.
• Industry Presentations – ADC’s researchers regularly speak at the security
industry’s premier events and conferences.
• Social Media – The results of ADC research and other useful information are
published in a variety of media, including the Imperva Data Security blog (blog. imperva.com) and Twitter.com/Imperva.
”
“
Our consultant has done a tremendous job
during our deployment. He is very knowledgeable
and easy to work with – and that is a valuable
combination! Imperva has delivered everything
as promised.
Harvey Ewing, Vice President, Director - Information Security, PrimeLending
* Statistics reported as of July 2014
Company Highlights
Our Mission
We protect high-value applications and data assets in physical, virtual, and cloud data centers
Our Market Segment
Data center security
Our Global Business
• Founded in 2002
• Global operations, HQ in Redwood Shores, CA • 700 employees
• Customers in 90 countries
Our Customers
3,300+ direct; thousands Cloud-Based
• 7 of the top 10 global telecommunications providers • 5 of the top 10 US commercial banks
• 3 of the top 5 global consumer financial services firms • 3 of the top 5 global computer hardware companies • 375+ government agencies and departments
• 400 of the Global 2000
“
94% of compromised data involved servers. . .
Yet 95% of security spend doesn’t address the
data center.
It's time to re-balance your security portfolio
0 30 60 90 120 150 2009 2010 2011 2012 2013 0 500 1000 1500 2000 2500 3000 2009 2010 2011 2012 2013
Revenue ($M)
Customers
Imperva3400 Bridge Parkway, Suite 200 Redwood Shores, CA 94065 Tel: +1-650-345-9000 www.imperva.com
We Secure What
Matters Most:
The Data Center
In physical, virtual, and
cloud environments
© 2014 Imperva, Inc. All rights reserved. Imperva and SecureSphere are registered trademarks of Imperva. #ImpStory-EN-0914rev5
