Scuba by Imperva Preferred by IT Security Pros, Database Administrators, and Compliance Officers; Security and Audit Assessments Key Drivers

FOSTER CITY, Calif., Jun 19, 2007 – Imperva®, the global leader in data security and compliance solutions for the data center, today announced that Scuba by Imperva, the company’s free cross-platform database vulnerability scanner, has been downloaded more than 3,000 times in less than six months by organizations worldwide including 53 Fortune 500 companies. The majority of users (75 percent) were IT security professionals, database administrators, and compliance officers; interested in conducting a combination of security (86 percent) and audit (50 percent) assessments; primarily on Microsoft SQL Server and Oracle databases.

To support the Scuba by Imperva community, Imperva today launched an online forum (scuba.imperva.com/bb) where users can share their experience using the tool, discuss results from their assessments, request new features, and more. In addition, fresh insights on data security and compliance are regularly posted by Amichai Shulman, head of the Application Defense Center (ADC), on his blog at: blog.imperva.com/.

Scuba by Imperva enables users to quickly, easily, and safely identify risks in production databases, and generate reports that serve as both a “to do” list and evidence for requesting additional resources to remediate vulnerabilities. Created by the Imperva ADC, an internationally-recognized data security and compliance research organization, Scuba by Imperva is a lightweight Java utility that safely identifies and documents vulnerabilities and misconfigurations in Oracle, Microsoft SQL Server, IBM DB2, and Sybase production databases.

Who is Downloading Scuba by Imperva and Why

In six months, Scuba by Imperva has been downloaded more than 3,000 times. Following is a summary of the constituents that have adopted the industry’s only free database-specific vulnerability scanner:

Downloads by user group

  • Database administrators (26%)
  • IT Security (24%)
  • Application/database development (19%)
  • IT/compliance management (14%)
  • Other (17%)

Downloads by industry segment

  • Professional Services / Consulting (28%)
  • Finance (17%)
  • Public Sector (17%)
  • Hi-Technology (12%)
  • Healthcare/Health Insurance (9%)
  • Retail/E-tail (6%)
  • Media and Telecommunications (4%)
  • Other (7%)

“Database assessment is the first and most crucial step for implementing security and compliance best practices,” said Amichai Shulman, CTO of Imperva and head of the Imperva Application Defense Center. “Market consumption of Scuba by Imperva over the past six months has surpassed all of our expectations. In addition, the profile of users who have downloaded the tool demonstrates that even the largest and most savvy IT organizations and industries require domain specific expertise to effectively manage their database security, audit, and compliance functions.”

Free, Safe and Always Up-To-Date Assessment

Scuba by Imperva requires a valid database administration login and password, and only tests for the existence of conditions that comprise vulnerabilities. It does not run exploits against the database or provide information useful to exploiting the vulnerabilities it finds. Scuba by Imperva downloads the latest threat landscape information from the ADC, ensuring that it always assesses for the most recent security risks. Reports are provided in HTML, and enable the prioritization of vulnerabilities and misconfigurations. A summary report provides an overall risk assessment of each database, including the total assessments passed and failed, and a distribution of discovered vulnerabilities by severity. A detailed report includes pass/fail results for each vulnerability test as well as a high, medium or low severity ranking.

Scuba by Imperva is available immediately at www.imperva.com/scuba. It is a free product with a perpetual license.

About the Imperva ADC

Imperva’s independent research organization, the ADC, is internationally recognized for its leadership in security and compliance research and education. ADC research combines extensive lab work with hands-on practice in real world environments to ensure that Imperva’s products have the most advanced technology, up-to-date threat protection, and practical compliance automation on the market. The ADC also regularly works with vendors of commercial business application and database products to communicate newly discovered vulnerabilities and mitigation techniques to the market in an effort to raise overall awareness and protection. For more information visit: www.imperva.com/resources/adc/adc.html.

About Imperva

Imperva is the leader in application data security and compliance. Leading enterprise and government organizations worldwide rely on Imperva to prevent data theft and abuse, and ensure data integrity. The company’s SecureSphere products provide data governance and protection solutions that monitor, audit and secure business applications and databases. For more information, visit www.imperva.com

# # #

Imperva and SecureSphere are trademarks of Imperva, Inc. All other brand or product names are trademarks or registered trademarks of their respective holders.

Editorial Contact

Marc Gendron
(781) 237-0341
marc@mqpr.net