SecureSphere Links Every Database Transaction to the Responsible Web Application User; Provides Query-Level Auditing

FOSTER CITY, Calif., June 5, 2006 – Imperva™, the leader in data security for the data center, today announced the SecureSphere™ Database Monitoring Gateway (DMG) which logs query-level details of database activity, audits usage for exception-based behavior,  and associates  every event with the responsible web application user. Traditional monitoring products only track database activity back to the web application accessing the database, but not to the actual web user. SecureSphere, a true auditor’s auditing product, records who pulled the trigger, not just the gun used to hold up a database.

“Database auditing is a critical industry requirement for us and places significant strain on our IT resources given the limitations of existing monitoring tools,” said Bob Coates, vice president of technology for FFF Enterprises, a leading distributor of plasma products, vaccines, clinical trial drugs and other biopharmaceuticals. “The ability of SecureSphere to log all database activity and the user associated with each event will be a huge cost and time saver for us. Without any manual data mining, we’ll be able to provide auditors all the information they need right down to the query-level”

Universal User Tracking and Auditing

For fast answers to the critical “who did it” audit question, SecureSphere logs database activity based on the web user’s login id regardless of the web application used or the database platform accessed. Traditional database monitoring products only know which application authenticated to the database, but not the end user who authenticated to the application. SecureSphere’s patent pending Universal User Tracking supports the leading databases and any web application including Oracle Financials, SAP, PeopleSoft, as well as packaged and custom programs. It requires zero changes to the database and application.

Logs All Details and Flags Exceptions

To simplify regulatory compliance audits, SecureSphere records the complete details of all database activity down to the query-level, even for the largest and busiest databases. In addition, SecureSphere automatically identifies database usage that is outside of acceptable and normal business practices. SecureSphere identifies audit-critical events by profiling each user’s established data access patterns and flagging actions that represent material deviations from the profile. Traditional database monitoring products are easily overwhelmed by high transaction rates and are forced to only record aggregated database activity, such as a customer table was read 10 times in a given time period.

Evasion-Proof Auditing

To meet audit industry best practices, the SecureSphere network appliance operates independent of the database server and captures activity before it even reaches the database. Traditional database logging products, which run on the database server, are at risk of a data base administrator or other privileged user turning them off or tampering with their logs. Furthermore, SecureSphere is not vulnerable to flaws in database server software or database communication protocols that can be exploited to evade audit mechanisms. This year, Imperva’s research organization, the Application Defense Center, has discovered and reported to Oracle and Microsoft several vulnerabilities that could be used to evade built-in and 3rd party audit tools.  See http://www.imperva.com/resources/adc/adc.html. Imperva issues updates to customers that enable SecureSphere to recognize and log attempts to use these undocumented evasion techniques.

“To meet regulatory, industry, and security compliance requirements, organizations need an auditing solution that provides 100 percent, not 50 or 60 percent, visibility into database  activity,” said Shlomo Kramer, founder and CEO of Imperva. “SecureSphere is the first monitoring gateway that can tell organizations when a specific end user accessed the database, precisely what they did, and whether their actions are a material exception to acceptable use policies or their job requirements. In addition, SecureSphere achieves this without requiring any changes to applications or databases.” 

Pricing and Availability

The SecureSphere Database Monitoring Gateway will be available on June 19th  from Imperva and its business partners worldwide. Pricing starts at $35,000 USD for an appliance and a license to monitor an unlimited number of databases

About Imperva

Imperva is the leader in application data security and compliance. Leading enterprise and government organizations worldwide rely on Imperva to prevent data theft and abuse, and ensure data integrity. The company’s SecureSphere products provide data governance and protection solutions that monitor, audit and secure business applications and databases. For more information, visit www.imperva.com

# # #

Imperva and SecureSphere are trademarks of Imperva, Inc. All other brand or product names are trademarks or registered trademarks of their respective holders.

Editorial Contact

Marc Gendron
(781) 237-0341
marc@mqpr.net