Imperva enhances database activity monitoring with analytics

Imperva announced a new version of its SecureSphere database activity monitoring (DAM) solution that adds analytics intelligence to automate forensic and audit investigations. SecureSphere now provides near real time multidimensional views of audit data, collects native audit logs from new platforms, and bridges the gap between obscure SAP audit data trails and their associated business transactions.

To provide fast, reliable, and repeatable answers to baseline audit questions — Who, What, Where, When and How — SecureSphere now features Interactive Audit Analytics. This new capability enables non technical database auditors to analyze, correlate, and view database activity from virtually any angle with just a few mouse clicks. Now SecureSphere users can easily identify trends and piece together patterns that may conceal security risks or compliance problems. For example, Interactive Audit Analytics make it simple to:

• Analyze failed logins with 1 click to determine whether a brute-force attack has occurred and identify the source and destination of the attack.
• Investigate unauthorized operations with 1 click to pinpoint those that were successfully completed or resulted in SQL errors
• Track privileged activities with 1-3 clicks to confirm that DDL and DCL activities were performed at scheduled times and by appropriate users
• Analyze with 1 click the performance of database servers and long running SQL statements.

To extend its monitoring capabilities and eliminate changes to existing infrastructures, Imperva has added a third database audit collection mechanism called the native log collector. This capability complements Imperva’s existing network- and agent-based collection options to deliver the broadest and most flexible database auditing platform on the market.