London, UK: Imperva, Inc., has launched its Imperva SecureSphere 11.5. The latest release of the industry-leading SecureSphere platform, which includes Web Application Firewall and Database Activity Monitoring, is designed to block attacks that attempt to compromise web application user accounts, extends SecureSphere data protection to Amazon Web Services and adds data protection for next generation big data engines.
Cloud adoption, consumerization, and bring your own device (BYOD) programs fundamentally alter traditional enterprise security threat models. The data cybercriminals are after is no longer housed only in traditional databases within enterprise data centers, but is exploding into public clouds, and into next generation big data engines. Simultaneously, cyber criminals are leveraging vast databases of known user credentials and sophisticated automation to systematically take over web application user accounts and then commit fraud or launch further attacks. SecureSphere 11.5 adds critical new capabilities to defend enterprise data and applications against the attacks of this “new normal” threat landscape.
“Enterprise data has evolved beyond traditional data centers and relational database constructs,” said Mark Kraynak, Chief Product Officer, Imperva. “SecureSphere 11.5 directly protects sensitive enterprise data regardless of whether it is stored on-premises or in the cloud, in traditional enterprise databases or new big data engines. Similarly, cyber criminals have evolved beyond a reliance on end point, network and even application vulnerabilities to direct compromise of application user accounts. We have evolved our leading Web application firewalls to match changes in cyber-criminal behavior.”
According to the 2015 Verizon Breach report, over 50 percent of successful web application attacks involved compromised user credentials. To address this reality, Imperva is also announcing a new subscription service, ThreatRadar Account Takeover Protection that enables SecureSphere Web Application Firewall to protect web application accounts from being compromised. ThreatRadar Account Takeover Protection combines real-time:
Awareness of credentials known to be compromised from past breaches;
Knowledge of login device reputation and risk, for example, understanding that the device is jailbroken or associated with past fraud activities;
Detection of credential stuffing and dictionary attacks against passwords; and
Analysis of behavior across multiple devices and accounts.
These capabilities combine to identify account takeover attempts and compromised accounts, and protect against hackers before they gain access to protected web applications and services. This real-time threat intelligence, combined with the existing ThreatRadar Reputation and Bot Protection services, enables SecureSphere Web Application Firewall to accurately protect against account takeover attempts, and limits the ability of cyber criminals to access critical data and perform fraudulent transactions.
In addition to account risk, today’s threat models add the complexity of sensitive data being housed in next generation big data engines, as well as moving out of datacenters and into IaaS clouds. SecureSphere 11.5 addresses this by adding:
Database Activity Monitoring and Database Firewall for Amazon Web Services – As enterprises move valuable data onto Amazon Web Services, the world’s most popular IaaS cloud, both hackers and auditors will follow. SecureSphere 11.5 provides data monitoring, and event alerting and reporting, and is designed to block unauthorized data access across AWS and on-premises data centers. With SecureSphere Web Application Firewall and SecureSphere data protection both available on AWS, enterprises get consistency in the cloud and on-premises to save time, improve productivity, and ultimately increase security and compliance accuracy in today’s hybrid cloud environments.
SecureSphere Data Protection for Big Data – When it comes to meeting security and compliance requirements for protecting data, coverage is critical. Today, many organizations do not have sufficient data protection for emerging big data deployments, leaving them at risk for data breaches and compliance-related penalties. SecureSphere 11.5 includes data monitoring for leading big data engines including Cloudera, Hortonworks, IBM BigInsights and MongoDB. This enables customers to efficiently demonstrate big data compliance through automated processes, audit analysis, customizable reports and an efficient approach to monitor big data activity.
“Today’s threat landscape requires a holistic approach to directly protecting apps and the data behind them from attack and theft,” said Scott Crawford, Research Director of Information Security, 451 Group. “The enterprise security posture must account for the inherent insecurity of user credentials and sensitive data sprawl beyond highly controlled data centers and traditional database engines. SecureSphere 11.5 offers broad coverage with protection for web applications, web application user accounts, and data across structured, unstructured, semi-structured, and cloud repositories.”