Delivers Only Unified Security Platform to Provide Automated Protection Against Web Application Hacking, Database Breach and Worm Infection

FOSTER CITY, CA – February 14, 2005 – Imperva, Inc., the developer of the world’s first Dynamic Profiling Firewall, today announced it has extended SecureSphere’s database protection to include database management systems from Sybase® and IBM®. The new support includes Sybase Adaptive Server Enterprise® and IBM DB2® databases, including DB2 for Linux and DB2 for z/OS. Imperva’s SecureSphere Dynamic Profiling Firewall now protects database management systems from Oracle®, Microsoft®, Sybase and IBM in a single platform.

In a separate announcement, Imperva also announced its membership in the Sybase Business Solutions Alliance. SecureSphere will be demonstrated this week at RSA Conference 2005, San Francisco, Moscone Convention Center, February 14-18, booth #324.

“Protecting both databases and Web applications is critical to providing a comprehensive security solution for enterprise applications. Especially since many application attacks are direct assaults on the database that entirely bypass the Web application interface,” said Alan Norquist, vice president of marketing and business development for Imperva. “Extending SecureSphere’s database protection to include both Sybase and IBM DB2 allows Imperva to provide total application security across the entire enterprise for our large healthcare, ebusiness, and financial services customers.”

The SecureSphere Dynamic Profiling Firewall provides total application security by protecting against the key threats facing enterprise applications and databases, including:

  • Web application attacks such as SQL Injection, parameter tampering, cookie poisoning.
  • Direct database breaches such as data theft by unauthorized employees.
  • Worm infections on critical servers, including known infrastructure attacks and Zero Day worms.

SecureSphere cuts operational costs because deployment requires no changes to existing applications and infrastructure and SecureSphere operations requires no on-going manual tuning. This automation is due to Imperva’s Dynamic Profiling technology that can automatically create a profile of the application’s structure and dynamics by examining application and database traffic in the production environment. This application profile is used to identify and block attacks while also recognizing valid application changes and automatically incorporating them into the application profile.

Dynamic Database Protection
SecureSphere’s Dynamic Database Firewall technology protects against both direct internal attacks as well as attempts to compromise the database via a Web application. The database firewall utilizes the database elements of the Dynamic Profile to detect unauthorized or unusual database activity of any kind. Database elements include SQL queries, valid users and source addresses, as well as legitimate behaviors and authorized operations per user.

Dynamic Web Application Protection
SecureSphere’s Dynamic Web Firewall technology protects an application’s external Web interface by utilizing the Web elements of the Dynamic Profile, including legitimate URLs, HTTP methods, parameters, cookies, response codes and hidden fields. By automatically creating profiles that model normal user interactions with the Web server, the Dynamic Web Firewall can recognize and block attacks targeting enterprise web applications.

Dynamic Worm Protection
SecureSphere’s Web Worm Profiling technology protects against day zero Web worms that exploit previously unknown application vulnerabilities before a patch or signature has been distributed. SecureSphere’s worm profiling technology identifies zero day worm based not on attack specific signatures but on specific combinations of attributes that uniquely characterize day zero Web worms.

SecureSphere also protects against unauthorized users, dangerous protocols, common network layer attacks and worm infections using deep inspection firewall capabilities that provide full network access control services, including black- and white-listing to block. HTTP protocol checks that enforce RFC and expected usage rules are also included to block both known and unknown exploits. Industry-standard signature detection is also provided, including full Snort®-compatible support and multi-protocol detection of known attacks.

Unique Insight Into Application Vulnerabilities in Production
Imperva SecureSphere also helps companies proactively identify vulnerabilities when application changes are deployed in production. This capability is critical since many vulnerabilities are dependent on the specifics of an application’s deployment and only become apparent after an application has been placed in production. SecureSphere’s Application Vulnerability Profiling identifies security vulnerabilities created by deviations from system design best practices, as well as those introduced by the configuration complexities of web application production environments.

Pricing and Availability
SecureSphere support for Sybase and IBM DB2 databases is currently available worldwide. Existing SecureSphere customers with active subscription contracts are entitled to the new database support capabilities. Pricing for the complete SecureSphere appliance solution starts at $35,000 for a Dynamic Profiling firewall and centralized management appliance including 1 year of software subscription and support.

About Imperva
Imperva is the leader in application data security and compliance. Leading enterprise and government organizations worldwide rely on Imperva to prevent data theft and abuse, and ensure data integrity. The company’s SecureSphere products provide data governance and protection solutions that monitor, audit and secure business applications and databases. For more information, visit www.imperva.com

# # #

Imperva and SecureSphere are trademarks of Imperva, Inc. All other brand or product names are trademarks or registered trademarks of their respective holders.

Editorial Contact
Marc Gendron
(781) 237-0341
marc@mqpr.net