WP Data Security Fabric | Advanced Data Monitoring | Imperva

Home > Data Security > Data Security Fabric > Data Activity Monitoring 

Data Activity Monitoring

Imperva Data Security Fabric (DSF) Data Activity Monitoring provides the robust compliance and security coverage necessary for protecting your data—with full visibility into data usage, vulnerabilities, and access rights

Simplify data compliance and stop breaches

Today's digital and knowledge economy is fueling exponential data growth by using more and more data to drive value for organizations. To protect your data and your business, you need compliance and security solutions that take a data-centric approach. Imperva Data Security Fabric (DSF) Data Activity Monitoring helps organizations unleash the power of their data by reducing the risk of non-compliance or a security breach incident.

Robust compliance and security coverage

DSF Data Activity Monitoring provides continuous monitoring to capture and analyze all data store activity from both application and privileged user accounts, providing detailed audit trails that show who accesses what data, when, and what was done to the data. It unifies auditing across diverse on-premises platforms, providing oversight for relational databases, NoSQL databases, mainframes, big data platforms, and data warehouses. It also supports databases hosted in Microsoft Azure and Amazon Web Services (AWS) — including PaaS offerings such as Azure SQL and Amazon Relational Database Services (RDS). Detailed data activity is captured automatically, making it easier to fulfill audit requests.
Data privacy

Automatic data store profiles

Automatically examine application and database traffic to create a profile of baseline normal activity

Data Discovery Classification

Data store vulnerability scans

Run assessment tests on data stores to scan for known vulnerabilities

Sensitive Data Management 1

Data access auditing

Audit all access to sensitive data by privileged and application users

icon dark attack threat

Real-time monitoring

Alert or block database attacks and abnormal access requests, in real time

Users

User rights management

Identify excessive and dormant user rights to sensitive data

icon dark automation gears 60

Automated updates

Detect and virtually patch database software vulnerabilities

Imperva DSF's difference: Unifies visibility

unifies visibility bg mobile
DSF Data Activity Monitoring displays the information generated from all of your data stores - regardless of their location - in a central and unified dashboard. Real-time information presented includes system events, alerts, violations, blocked sources, gateway and agent status, system warnings, database auditing, file server auditing, archiving information, and more.

Data access auditing

The ability to monitor and record all events involving access to sensitive data is a critical aspect of securing your data. This capability provides visibility into transactions being conducted in day-to-day operations. It creates an audit trail that can assist in analyzing data theft, sensitive data exposure, and other behavior that may negatively impact your company's data. Auditing assists in several areas regarding operations, including:
Data access auditing bg mobile
  • Regulatory Compliance

    Imperva policies can be configured with predefined settings that allow you to easily maintain compliance with regulatory bodies such as Sarbanes Oxley (SOX), Payment Card Industry (PCI), the Health Insurance Portability and Accountability Act (HIPAA), and more.

  • Data Forensics

    Imperva DSF Data Activity Monitoring enables you to conduct data forensics, follow an audit trail, and ultimately understand the what, when, and how of questionable or problematic activity. Imperva filters and views enable you to select a specific policy, determine the time frame of data to be displayed, filter by various aspects such as operations, table groups, and types of operations, and then display the resulting data in easy-to-read graphical views.

Imperva Data Security Fabric uses the Common Vulnerability Scoring System (CVSS) to analyze the risk presented by the vulnerabilities discovered in your network and data and assign a Risk score. CVSS is “an open framework for communicating the characteristics and impact of IT vulnerabilities.” It is maintained by the National Institute of Standards and Technology as part of the Security Content Automation Protocol (SCAP) framework. Scoring vulnerabilities using CVSS provides an accurate model for measuring the risk inherent in discovered vulnerabilities and prioritizing them for mitigation. For more information about CVSS, see nvd.nist.gov/cvss.cfm

NIST logo

Monitoring and security policies

Monitoring is a key phase in Imperva Data Security Fabric’s (DSF) data management lifecycle. Imperva DSF is equipped with a friendly user interface that clearly displays monitoring event information in a central location. DSF Data Access Monitoring displays real-time information that includes system events, alerts, violations, blocked sources, gateway and agent status, system warnings, database auditing information, file server auditing information, archiving information, and more.

Monitoring events, alerts, and violations can take on many aspects. Depending on your specific implementation, there may be several types of users with varying roles and associated security policies. You can use the pre-configured severity ratings in Imperva DSF or customize your policies to fine-tune how events are interpreted to determine if an alert is a false positive, an attack, or something else.

  • Regular events
    A generic term for any change or action that has been detected by Data Security Fabric.
  • Learning events
    The discovery of a new item to be protected in the network.
  • Security events
    The discovery of an event that violates a security policy on monitored traffic.
  • Violation
    An indication that a security event has taken place which violates a policy. A single security event can trigger multiple violations.
  • Alerts
    Notifications that an event or group of events (security events) have taken place that violate a policy.
Data activity monitoring Diagram
Data activity monitoring Diagram

User rights management

Imperva Data Security Fabric (DSF) User Rights Management enables you to scan your data store locations for granted user rights and display various details regarding these rights – such as who granted them, who received them, objects to which rights have been granted, and more. It then enables you to perform an organized review of these rights to determine if they are appropriate, approve or reject the granting of these rights, or assign them to another for review – and produce reports on the entire process.

User Rights Management (URM) is a capability that will assess database access entitlements. It helps satisfy SOX or PCI provisions requiring data access to be granted only to individuals who “need to know.” It looks at information about the data type, sensitivity, and other monitored information about the organizational context of the user. URM maps users and privileges to all the database objects across all organization databases.

Imperva DSF enforces user rights management based on data type and user role. You can also see the last time the user logged in and the last time privileges were used. The result allows you to quickly identify dormant users or rights that need to be disabled.

User right management diagram
User right management diagram

Software update

The Imperva Data Security Fabric (DSF) Software Update capability dramatically simplifies and streamlines the process of managing software updates in a large deployment and provides a user-friendly, secure, and efficient method of updating your entire installation – for both Gateways and Agents.

Imperva Data Security Fabric protects all data types with a single system that delivers multiple business capabilities

Imperva Data Security Fabric is the first data-centric solution that enables your organization's security and compliance teams to quickly and easily secure sensitive data, no matter where it resides, with an integrated, proactive approach to visibility and predictive analytics.

Imperva Data Security Fabric is composed of cutting-edge orchestrated technical capabilities that work in unison to protect your data across your entire organization:

Data Risk Prioritization

Data Discovery & Classification

Data Activity Monitoring

Data Risk Analytics

Data Retention & Archive

Ecosystem Integrations

Data Encryption & Tokenization

Static Data Masking

Automated Workflows & Playbooks