Applications and data are the main targets for modern attacks. Adoption of dedicated application and data security concepts, technologies and

Transcription

1

2 Applications and data are the main targets for modern attacks. Adoption of dedicated application and data security concepts, technologies and methodologies is a must for all enterprises. Hype Cycle for Application Security. Gartner Inc., July 2012

3 A Business Security Stack for the Data Center. Solving the business security problem requires a broad and fully integrated platform that monitors and protects critical applications and the data they use across various systems in the data center. External Customers, Staff, Partners Hackers Tech. Attack Protection Logic Attack Protection Fraud Prevention Application Security Vulnerability Scanning Web Apps Virtual Patching Data C Systems an Automated capabilities to discover and classify high-value business data User rights management capabilities to better align access rights with corporate policy Auditing and reporting capabilities that enable a separation of duties

4 5 Files Databases Data Security Usage Audit User Rights Management Access Control Internal Employees Malicious Insiders Compromised Insiders enter d Admins Discovery & Classification Privileged User Activity Audit Sophisticated technical and logical attack protection and anti-fraud technologies Deployment flexibility though physical, virtual and SaaS offerings to address complex heterogeneous data center environments Integrated and centralized management

5

6 Protecting Businesses from Data Theft, Insider Abuse, and Fraud. As organizations adopt new technologies and architectures that increase the sophistication and openness of the data center; they expose their businesses to new threats. Attacks targeting highvalue data and critical applications have increased in sophistication, scale and frequency. Unfortunately, existing network and endpoint security solutions are easily circumvented by sophisticated attacks and do not provide visibility into the usage of data and thus cannot address insider abuse. The solution is a new protection layer positioned closely around business data and application systems in the data center. Imperva is pioneering a new category of business security solutions that protect critical applications and data from theft, insider abuse, and fraud, while at the same time streamlining regulatory compliance. We provide a comprehensive solution for monitoring and controlling all data usage and business transactions across the data center, from storage in a database or on a file server to consumption through applications. At-a- Glance Founded: Stock Symbol: Headquarters: 2002 NYSE: IMPV Redwood Shores, CA Employees: Approximately 500

7 Application Security Solutions Your Website is constantly exposed to application security threats like SQL injection, XSS, DDoS attacks, and Web fraud. Unfortunately, most Web attacks can circumvent network security products like IPS and next generation firewalls; these products are not designed to patch application vulnerabilities or detect evasion techniques. To protect your Web applications, you need a dedicated application security solution that can stop all types of Web attacks including attacks that exploit custom application vulnerabilities. Applications and data are the main However, existing identity, endpoint and network security solutions are insufficient for their protection. Application Security Road Map Beyond 2012: focus of modern cyberattacks. Breaking Silos, Increasing Intelligence, Enabling Mass Adoption Gartner, Inc., June 22, 2012 Web Application Security Web bapp Apps D

8 Imperva offers a suite of products that continuously protect Web applications against attacks like SQL injection, XSS, DDoS, and Web fraud. From its market-leading Web application firewall to advanced reputation and fraud prevention services, to easy, flexible cloud-based security services, Imperva provides a comprehensive set of application security solutions that protect against the most dangerous application threats. Web Application Protection Securing Web applications against cybercriminals, hacktivists, and state-sponsored attackers is a neverending effort. Malicious users probe Websites around-the-clock looking for vulnerabilities. Automation tools like off-the-shelf attack toolkits and botnets make it easy to execute large-scale attacks. Application Virtual Patching Remediating application vulnerabilities can take weeks or months, leaving Websites exposed to exploit for long periods. With legacy, partner and packaged applications, it may not be possible to fix vulnerabilities. Web application firewalls can reduce application development costs and eliminate the window of exposure by quickly mitigating vulnerabilities. Web Fraud Prevention Preventing Web fraud requires a multilayer defense. With criminals leveraging a variety of fraud schemes, including identity theft, fraud malware, brute force attacks, and phishing, organizations must implement the proper defenses to protect users and data. Unfortunately, though, integrating multiple types of fraud into Web applications can take months and cost hundreds of thousands of dollars. A Web application firewall can reduce integration efforts and centralize fraud and application security management. Denial of Service Protection Distributed Denial of Service or DDoS attacks are growing in number and severity. With the proliferation of DDoS attack tools and botnets for rent, hackers can launch a DDoS attack for as little as $50 USD. DDoS security services can ensure that your Web applications are always available, even if you suffer a large-scale DDoS attack. Site Scraping Prevention Automated clients are inundating Websites; they are harvesting and republishing Web content, conducting online espionage, and inadvertently slowing down application performance. Since site scrapers look like regular human users, it can be difficult to stop scraping attacks through application controls alone. The SecureSphere Web Application Firewall can help. It includes multiple defenses that detect site scraping attacks and block bots and known malicious sources.

9 Data Security Solutions Businesses often deploy infrastructure security solutions such as firewalls and anti-virus products to achieve data protection, yet find these do not provide the visibility and control over data usage needed to be effective. As a result, some enterprises turn to manual processes based on native auditing tools. This approach proves to be expensive, unable to scale, and cannot deliver the separation of duties needed to satisfy auditors. For effective data security, enterprises need a layer of security positioned close to the data that can identify, prioritize and help mitigate risk. Data Theft Prevention Preventing data theft by insiders is essential to any effective data security strategy. Sensitive data is an attractive target and insiders can easily commit fraudulent activity. Therefore, preventing data theft requires monitoring user activity and restricting access to sensitive data based on business need. Sensitive Data Auditing Auditing sensitive data access is required to achieve compliance with government and industry regulations and privacy acts. While audit requirements vary between regulations, all consider sensitive data auditing a key control to protecting regulated data. Malware and Targeted Attack Defense When malware infects someone inside your organization, the results can be disastrous. Compromised insiders are usually unaware that malware is present and can provide criminals with unrestricted access to networks and sensitive data. To defend against malware and targeted attacks, you must monitor sensitive data and generate security alerts or block access when unacceptable data access activity is observed. International Data Privacy Global companies need to comply with an increasing number of national data privacy laws. Today, nearly 90 countries have national data privacy laws. This creates a significant data protection burden on multinational organizations. When data is accessed across borders, businesses need appropriate monitoring and controls to ensure compliance with national data privacy laws. Access Rights Reviews Access rights reviews, sometimes called entitlement reviews, reduce unwarranted data access by aligning user rights with corporate policy. Establishing an access rights review workflow helps organizations build a repeatable process for permissions management, which is required by regulations like PCI DSS and SOX. Organizations should maintain an audit trail of the entitlement review process by recording whether reviewers accept or reject existing access rights, and any permissions management changes that are required.

10 Imperva offers a comprehensive data audit and protection suite that prevents data theft, audits sensitive data and privileged users, strengthens data privacy, and manages user access rights. The Imperva suite provides automated monitoring and controls for all database and file usage, and integrates with a range of related data security products to protect high value data and streamline regulatory compliance. Files Databases Data Security In an extended enterprise where security doesn't control the users or the devices, security must take a data-centric approach. Navigate the Future of the Security Organization Forrester Research, Inc., February 14, 2012

11 Application Security Products Imperva s comprehensive suite of solutions for enterprise application and data security in the data center. Web Application Firewall (WAF) Protects applications from current and future security threats by combining multiple security engines into a cohesive Web defense.» Dynamically Profiles legitimate Web application usage» Alerts or blocks requests that: Deviate from normal application and data usage Attempt to exploit known and unknown vulnerabilities Indicate a sophisticated, multi-stage attack» Fortifies Web defenses with research-driven intelligence on current threats» Virtually patches applications via integration with vulnerability scanners. Add-on subscription services for SecureSphere WAF deployments. Reputation Services Fraud Prevention Services Aggregates reputation data and updates security policies to identify:» Malicious IP addresses» Anonymous proxies» TOR networks» Phishing URLs» Undesirable geographic traffic sources Integrates with leading endpoint device identification and anti-malware products to enable organizations to identify and block fraudulent Web activity. Easy and affordable cloud-based services that offer businesses a powerful way to protect critical Web applications. CloudWAF DDoS Protection Protects Websites and online applications against current and emerging threats, including SQL Injection, Cross-site Scripting (XSS), illegal resource access, malicious bots, and other OWASP Top 10 threats. Blocks malicious Denial of Service attack traffic and allows filtered, legitimate traffic to flow to the customer Website so business can continue without interruption.

12 Data Security Products SecureSphere Database Security Discovery and Assessment Server (DAS)» Detects database software vulnerabilities and mis-configurations» Measures compliance with industry standards and best practices» Identifies "rogue" databases and databases that contain sensitive data Database Activity Monitoring (DAM) Database Firewall (DBF) User Rights Management for Databases (URMD) ADC Insights SecureSphere File Security User Rights Management for Files(URMF) File Activity Monitoring File Firewall SecureSphere for SharePoint Includes Discovery and Assessment Server functionality» Delivers real-time, automated, scalable database activity monitoring, auditing and reporting for heterogeneous database environments. Includes Database Activity Monitoring functionality» Blocks external attacks and internal threats» Virtually patches vulnerabilities via integration with SecureSphere DAS Add-on module DAM and DBF» Evaluates user rights to enable the elimination of excessive privileges and dormant accounts Optimized templates for effective deployment of SecureSphere database products within organizations running complex enterprise applications such as Oracle E-Business Suite, PeopleSoft and SAP Sold as a part of the File Activity Monitoring and File Firewall solutions» Enables the management of user access rights across multiple different file storage systems» Evaluates user rights to enable the elimination of excessive privileges and dormant accounts Includes all User Rights Management for Files functionality» Delivers real-time, automated, scalable file activity monitoring, auditing and reporting of file access activity. Includes all File Activity Monitoring functionality,» Blocks suspicious activity that violates corporate policies» Guards against mistakes introduced at the access control list level Imperva s unmatched, multi-layered SharePoint security bundle that includes:» SecureSphere FAM and URMF to safeguard files, folders and lists,» SecureSphere WAF to protect against Web-based attacks,» SecureSphere DBF to prevent unauthorized access to the Microsoft SQL database at the core of SharePoint.

13 Cloud Deployment For customers that need to protect their online assets, but cannot deploy appliances into their Web hosting infrastructure, we offer cloud-based application security and denial of service protection. Our global network secures and optimizes traffic before passing it on to the customer s Websites.

14 Enterprise Deployment The SecureSphere Suite is built on a common modular platform, which includes a single operating system and common code base.» SecureSphere gateways are hardware or virtual appliances that are deployed in the network near the assets they are meant to protect.» SecureSphere agents capture activity on the database and file servers themselves and can work either independently or on combination with file and database gateways.» The SecureSphere MX Management Server provides a single, centralized point for aggregating and managing security policies, real-time monitoring, logging, auditing and compliance reporting as well as incorporating reputation Information from ThreatRadar and security updates from the Imperva Application Defense Center ( ADC ).

15 World Class Client Services The Imperva Support, Professional Services, and Training teams are staffed with qualified specialists that have years of experience deploying SecureSphere, training users, and supporting customers. These experts understand the complexity of IT environments and can help you plan and navigate all phases of your implementation. Imperva Client Services offerings are built on three programs: Imperva Product Support Imperva's global team of support engineers are experts in security and compliance delivering technical assistance for all Imperva products. Imperva offers 24x7x365 coverage to its customer base from our multiple support centers. Professional Services Security and compliance projects are expected to be delivered on tight deadlines and usually with limited resources. Imperva Professional Services provide the expertise you need to augment and maximize your staff s productivity, stay on-budget, and deploy on-time, resulting in the greatest possible return on your Imperva investment. Training Imperva s product training courses help increase the efficiency of your organization by empowering you with Our consultant has done the expertise you need. Expert instructors bring real-world deployment experience to the classroom, and students a tremendous job during interact with peers and learn from their experiences. our deployment. He is very Exercises are performed on products running in our cloud based training lab environment so you get hands-on knowledgeable and easy to work experience to reinforce what you learn in class. with and that is a valuable For organizations with large-scale deployments, Imperva combination! Imperva has Client Services can assist in the creation of an Imperva Center of Excellence. Imperva experts will work with your delivered everything as promised. technical teams to establish a nucleus of Imperva expertise Harvey Ewing, Vice President, Director - that will drive the success of your deployment, ensuring that Information Security, PrimeLending you are attaining maximum business value.

16 The Application Defense Center The Imperva ADC is a premier research organization for security analysis, vulnerability discovery, and compliance expertise. Keeping Up With Hackers Hackers are, by definition, innovators and early adopters who constantly tweak attacks or create new methods to bypass enterprise defenses. This fact poses a serious challenge for security teams hoping to stay ahead of current threats. To keep Imperva and our customers current, the ADC engages in research activities including.» Attack monitoring The ADC team uses live sites and honeypots to understand attacks of all flavors across the globe.» Hacker forum research The ADC analyzes the content of online discussions to provide insight into who and how hackers are targeting as well as their attack methods.» Vulnerability research The ADC regularly investigate database and Web vulnerabilities to help security teams proactively identify and patch issues. Turning Research into Value The ADC team applies the lessons learned from core research to provide product updates and enhancements to Imperva customers and a variety of informational tools to the larger security community.» Product Enhancements ADC research delivers the foundation for many Imperva capabilities.» Security Updates The ADC provides product updates including attack signatures, database vulnerability assessments and pre-defined compliance reports.» Hacker Intelligence Initiative (HII) Every month, the ADC publishes research to shed light on hacker trends and methods.» Web Application Attack Report (WAAR) Bi-annually, the ADC publishes the industry s leading report which investigates the tools and attack techniques used by hackers to breach Web applications.» Industry Presentations ADC s researchers regularly speak at the security industry s premier events and conferences.» Social Media The results of ADC research and other useful information are published in a variety of media, including the Imperva Data Security blog (blog.imperva.com) and Twitter.com/Imperva.

17 Company Highlights Our Mission Protecting business data and applications from theft, insider abuse, and fraud Our Market Segment Business Security Our Global Business» Founded in 2002» Global operations, HQ in Redwood Shores, CA» 500+ employees» Customers in 60+ countries Our Customers 2,000+ direct; Thousands in cloud-based deployment» 8 of the top 10 global telecommunications providers» 5 of the top 10 US commercial banks» 3 of the top 5 global consumer financial services firms» 4 of the top 5 global computer hardware companies» 200+ government agencies and departments» and 267 of the Global Revenue ($M) Customers * Statistics reported as of December 2012

18 94% of compromised data involved servers... Yet 95% of security spend doesn t address the data center. It's time to re-balance your security portfolio Imperva 3400 Bridge Parkway, Suite 200 Redwood Shores, CA Tel:

19 Copyright 2012, Imperva All rights reserved. Imperva, SecureSphere are registered trademarks of Imperva. #ImpStory-EN-1212rev1