We just raised a $30M Series A: Read our story

Imperva SecureSphere Database Security OverviewUNIXBusinessApplication

Imperva SecureSphere Database Security is the #2 ranked solution in our list of top Database Security tools. It is most often compared to IBM Guardium Data Protection: Imperva SecureSphere Database Security vs IBM Guardium Data Protection

What is Imperva SecureSphere Database Security?

Imperva SecureSphere Database Security:

  • Audits all access to sensitive data.
  • Alerts or blocks database attacks and unauthorized activities, in real time.
  • Detects and virtually patches database vulnerabilities.
  • Identifies excessive user rights and dormant users, and enables a complete rights review cycle.
  • Accelerates incident response and forensics investigations with advanced analytics.
Imperva SecureSphere Database Security Buyer's Guide

Download the Imperva SecureSphere Database Security Buyer's Guide including reviews and more. Updated: October 2021

Imperva SecureSphere Database Security Customers

BlueCross BlueShield, eHarmony, EMF Broadcasting, GE Healthcare, Metro Bank, The Motley Fool, Siemens

Imperva SecureSphere Database Security Video

Pricing Advice

What users are saying about Imperva SecureSphere Database Security pricing:
  • "They have introduced new price models, which makes the product more affordable now."
  • "This is an expensive solution and the price should be reduced."
  • "The price is very high but compared to the price of the overall solution, then I think it's a good deal because the solution itself is great."
  • "It is very expensive."

Imperva SecureSphere Database Security Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Derrick Akankwasa
Cyber Security Engineer at Isolutions Associates Ltd (ISOLS)
Real User
Top 20
Great discovery module feature; scans and blocks whatever is necessary

Pros and Cons

  • "The discovery module provides good visibility."
  • "Reporting could be improved."

What is our primary use case?

Most of our clients are banks and insurance and financial institutions that want to achieve compliance. They want to achieve auditing for their regulatory compliances as well. On the database side, that includes being able to monitor DBS and to block certain activities on the DVF. On the application side, it also has to be preventative and that's also part of compliance. This solution enables clients to achieve data security, whether on cloud or on prem. We offer support services and we are a service provider for database security through Imperva and also application security through Imperva to our clients. I'm a cyber security engineer and we are gold partners of SecureSphere DS. 

What is most valuable?

I would say the discovery module is the most valuable feature as it provides good visibility of the database environment to particular sites. It scans the entire front of the environment to detect any new databases found just to make sure there are not any malicious things going on. I think it's a very powerful tool in that sense. It also helps that the solution is able to block queries that are able to be run by given database administrators on databases and manages user rights. 

What needs improvement?

I've been part of various projects and also interact with clients because I do pre-sales. Most of the feedback I receive relates to clients wanting to see an improvement in the reporting. They like the ability and functionality of the solution but they feel the reporting is lacking. The general feeling is also that the GUI has been the same for a very long time and there is room for improvement there. It could look a little better and then if the reports are also improved that would make a big difference all round. 

From a basic implementation point of view, there are some features that are very technical, clients want everything very granular and they always say Imperva bundles everything. You do a signature, and ABC updates and you trust what the ABC is doing. I think if it were a little more granular and detailed in terms of how, for example, a query stream is being detected or something like that, rather than just blocking something, it would give the administrator a better view and understanding of what's happening. 

For how long have I used the solution?

I've been using this solution for almost a year. 

What do I think about the stability of the solution?

The physical appliances are always very stable. In terms of CPU usage, things like the gateway load, payway load, they come with a little bit more capacity on that front. I think the issue always comes with the virtual appliances where you may run out of space, or maybe there are new versions of whichever hypervisor you are running that could change and maybe affect the virtual machines running on top. On the physical side, there's never an issue, it's stable. 

What do I think about the scalability of the solution?

Database security is highly scalable because depending on the number of sites available, you're able to assume that you have the running agent. You can then access the IP for the gateway, you can log in your logs which are managed by the NX, so it's all fine. It's highly scalable for the database. I think even if you have branches all over the country, you can manage them centrally where you have agents monitoring whichever database is allocated to whichever site. We have deployed over 60 projects all over East Africa. I currently handle four, which are two application and two database.

How are customer service and technical support?

Their technical support is good and the response is guaranteed until the problem is solved. I think when it comes to response time, it's always very quick. Maybe just one simple criticism would be that it's very hard to get a remote station with them and everything is always email and sending logs. I'd like to see more hands-on and direct contact with the environment. 

How was the initial setup?

Complexity really depends on the client's environment, but I would say the initial set up for basic deployment of the components should take roughly six working days. It has to be integrated with everything. Installing links to all the other databases could take maybe another 10 work days, so around two weeks. I do the deployment. 

What's my experience with pricing, setup cost, and licensing?

Customers are very, very satisfied with the licensing costs and there's not really anyone that competes with Imperva so the clients are very happy. Their requirements are covered. 

What other advice do I have?

I would definitely recommend Imperva. I swear on it and try to pitch Imperva every time. I know its abilities, I know what you're going to get. I know how user friendly it is. It's easy to create policies. Reports are very okay. It's got various compatibilities, desk deployment, so Imperva is what I would recommend. 

I would rate this solution a nine out of 10. 

Disclosure: My company has a business relationship with this vendor other than being a customer: partner
EA
Core Banking Application Support at a financial services firm with 10,001+ employees
Real User
Top 20
Good granular auditing, but have had issues with the WAF and do not find it user friendly

Pros and Cons

  • "Currently, we have audit features for auditing databases, for example, granular auditing, which we really enjoy. We've been using it to check what users do."
  • "The solution is expensive."

What is our primary use case?

We primarily use the solution for monitoring database activities.

What is most valuable?

Currently, we have audit features for auditing databases, for example, granular auditing, which we really enjoy. We've been using it to check what users do. 

Apart from the WAF, which we've had issues with, every other feature we've been able to use very well. We use it for scanning databases, which is perfect. We need to run vulnerabilities counts as well, and this solution is great for that.

What needs improvement?

The feature right now that we have not been able to use successfully is the firewall aspect, the WAF.

In terms of the WAF, we tried their blocking functionality at some point, and our entire company came to a halt due to the fact that it was blocking even database connections. It was hanging our databases. Until now, we've not been able to fully use their database blocking functionality very well. That is the only aspect that I wish could be improved tomorrow.

The entire system is not user-friendly for me, and definitely not as user-friendly as Oracle Vault. It should be more user-friendly, to make it much more competitive in the space. 

The technical support is not offered by the company itself. Rather, you can only get technical support via partners. It isn't that good and because of this, we want to leave the product.

The solution is expensive.

If we can look at a system that can do 360 annual. There is an app call bridge that is something they've introduced, however, we don't have that yet. I don't know if that is able to do application monitoring as well, but I wish they had a feature that could do both the database and application monitoring.

For how long have I used the solution?

I've been using the solution for about four to five years now.

What do I think about the stability of the solution?

The stability is okay. I don't recall any kind of bug or glitch. It doesn't freeze or crash. Aside from issues with WAF, it's good.

What do I think about the scalability of the solution?

The scalability is fine for our purposes. We are able to modify the product, and we are able to do things to suit what we need, so it's okay for us. If I were to rate them out of ten on scalability, I'd give them a six.

How are customer service and technical support?

One of the reasons we want to leave this solution is the fact that we don't have any technical support whatsoever. If there was some on offer, it might convince us to stay. Technical support is typically handled by partners, and they do not do a good job. We've been trying to reach the parent company directly because we are unsatisfied with the level of service we've received and we've had no luck. Therefore, we'll probably leave the service altogether.

What's my experience with pricing, setup cost, and licensing?

The solution is pretty pricey. It's not the least expensive option. An organization will have to ensure they have the budget to cover the cost or having the product. I'd say that the amount of money they charge is unreasonable sometimes. If I were to rate them out of ten on pricing, I would give them a one.

Which other solutions did I evaluate?

We're currently looking to move away from Imperva. We're considering Audit Vault.

What other advice do I have?

The solution is okay, however, there is a lot to be improved upon. For that reason, I'd rate them five out of ten overall.

It's not a bad tool. It's a good tool. I tend to recommend it to others, however, if you're a small company, it may not make sense due to the fact that it is quite expensive.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Learn what your peers think about Imperva SecureSphere Database Security. Get advice and tips from experienced pros sharing their opinions. Updated: October 2021.
542,721 professionals have used our research since 2012.
DK
Technical Account Manager at a tech services company with 201-500 employees
Reseller
Top 5Leaderboard
The company's focus on their market sector makes them stand out from the competition

Pros and Cons

  • "The technical support for Imperva is super, super, super."
  • "They have very good documentation and knowledgebase resources that add to the depth of their support."
  • "The company focuses on and has a passion for security."
  • "Imperva needs to improve their cloud capabilities."

What is our primary use case?

We primarily use the product for data security.  

What is most valuable?

The feature that I have found the most valuable is the firewall component.  

What needs improvement?

What I would like to see improved is Imperva making further development in terms of them going to the Cloud. Our business is moving to the cloud, so we want to have cloud availability as an option. Imperva can do the cloud database, but they are still working at building it out and it does not seem to me to be fully operational.  

For how long have I used the solution?

We have been using Imperva for a little bit more than six years.  

What do I think about the stability of the solution?

We are experiencing good stability with this product. We have not had any crashes and no major problems navigating its management.  

What do I think about the scalability of the solution?

I think that SecureSphere is very scalable. Across our whole company, everyone is using it. We are 50 people. Right now at this size, we only require two people for maintenance.   

How are customer service and technical support?

The technical support for Imperva is super, super, super. They have a very experienced support team. They can diagnose all of our issues and are always very fast. They have very good documentation and knowledgebase resources that add to the depth of their support.  

Which solution did I use previously and why did I switch?

I have previously used McAfee as a similar solution. We decided to switch because McAfee is a little bit tricky to get to work the way it should work. I had experience with their version 6.4 solution and it used a lot of resources and had too much overhead.  

How was the initial setup?

The initial setup is moderately difficult. You have to understand the database and how the database communicates and also some knowledge about the platform. For example, if you have got the Unix environment you have got to understand how to work with that together with the product.  

What's my experience with pricing, setup cost, and licensing?

Initially, SecureSphere was expensive but they have incentives on their packages now. They have introduced new price models, which makes the product more affordable now. It is now at a pricing level in the range where most people are looking for this type of solution.  

Which other solutions did I evaluate?

Before choosing Imperva, we did evaluate other options including IBM Guardian Data Protect and also Oracle Audit Vault. In the end, we finally made the choice to go with Imperva first of all because they are a company that is very much into digital security. Security is the central focus of their business, so that is one of their strong areas. Then their product support is one of the best. The solution is very advanced in terms of comparing their available resources and training to other companies. These resources make it a very complete solution.  

What other advice do I have?

Imperva Security Sphere is something that I recommend any day, anytime because they are very much focused on security as a passion. So you find it has tons of capacity for scalability. It is focused on security. Even the solution's usability is very good.  

On a scale from one to ten (where one is the worst and ten is the best), I would rate this product as a nine scored out of ten possible points.  

Features that I would like to see to make it to ten-out-of-ten means that they will need to add a few things. First, they need to onboard database encryption features. Then they need to add some of the other features which they do not have that other competitors already have. They can do more to offer a broader range of features and be more feature-rich.  

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
AZ
Information Security Analyst at a financial services firm with 501-1,000 employees
Real User
CounterBreach detection feature is a key benefit for us; management of the solution can be a challenge

Pros and Cons

  • "The integration with CounterBreach is great."
  • "Database security from the access management perspective could be better."

What is our primary use case?

Our use case for the solution is for monitoring, reporting and access management as well as looking for alerts in anomalies of behavior. I'm an information security analyst and we're a customer of Imperva. 

What is most valuable?

The integration with CounterBreach, which is the anomalous behavior detection feature, is the coolest thing and it's quite user friendly as far as the console goes. 

What needs improvement?

I think the biggest challenge with their product is the management of it. Not that it needs a lot of engineering, but it requires a lot of upkeep and deployment of a lot of servers that require regular updating. If you want to make any changes it's a lot of work to get things moving. I personally find it quite difficult to work with in that regard.

The product would be better with improvement to the database security from the access management perspective. A lot of it falls into content on the database and is difficult to retrieve. Also, looking into databases themselves, table sets and data sets and being able to retrieve that information.

For how long have I used the solution?

I've been using this solution for a couple of months. 

What do I think about the stability of the solution?

I think it's a pretty stable product, but there's a lot you need to know about it. It's not like most fast products that you can just log in and get a feel for. You have to really get an understanding of how it was set up and the policies that are in place on it. 

How are customer service and technical support?

The technical support is all right. They're not great, they're not terrible.

What other advice do I have?

I would recommend including the entire team on the initial implementation because it's something that's not easy to pass along down the road. There's a lot to understand initially, and to upkeep it you have to know all that information.

I would rate this solution a seven out of 10. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
KW
Deputy Director/IT Infrastructure & Security at a educational organization with 1,001-5,000 employees
Real User
Top 20
Good in terms of stability, but it is expensive and would benefit from better integration with other environments

Pros and Cons

  • "This is a stable product."
  • "I would like to see integration such that there is support for different kinds of environments, such as on-premises versus cloud."

What is our primary use case?

Our primary use for this product is as an application firewall.

What needs improvement?

The system reports vulnerabilities in my vulnerability assessment, but I need something to generate warning messages.

I would like to see integration such that there is support for different kinds of environments, such as on-premises versus cloud.

For how long have I used the solution?

We have been using Imperva SecureSphere Database Security for more than five years.

What do I think about the stability of the solution?

This is a stable product.

What do I think about the scalability of the solution?

We are not concerned with scalability because we do not have the need.

How are customer service and technical support?

We don't speak directly with the vendor. We only call the managed solution provider.

Which solution did I use previously and why did I switch?

We did not use another similar product prior to this one.

What about the implementation team?

This is a managed service, so I did not handle the installation.

What's my experience with pricing, setup cost, and licensing?

This is an expensive solution and the price should be reduced.

What other advice do I have?

We may or may not continue using this product in the future, and I may recommend it to others, depending on their environment.

I would rate this solution a six out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
RS
Presales Engineer at gwc networks
Real User
A comprehensive monitoring and auditing solution

Pros and Cons

  • "It has a very user-friendly interface that's very detailed."
  • "Overall, it's a very good product but they could do with some modifications log-wise."

What is most valuable?

It has a very user-friendly interface that's very detailed. 

What needs improvement?

Overall, it's a very good product but they could do with some modifications log-wise — it should be more comprehensive. Otherwise, 95% of the product is very good.

The interface could be more user-friendly.

For how long have I used the solution?

We have been using this solution for roughly two to three years.

What do I think about the scalability of the solution?

Imperva SecureSphere Database Security is both completely scalable and stable.

How are customer service and technical support?

I don't have much experience with technical support, but when I have spoken with them, they have been helpful.

How was the initial setup?

The initial setup was very straightforward; not complex at all.

Deployment time varies, but in terms of implementation, it's a very good product. There is no hectic environment during the implementation. It is a very straightforward implementation.

What's my experience with pricing, setup cost, and licensing?

The price is very high but compared to the price of the overall solution, then I think it's a good deal because the solution itself is great.

What other advice do I have?

I would highly recommend this solution. It's a very expensive solution, but if you have the budget for it, I would definitely recommend Imperva Database Security.

On a scale from one to ten, I would give Imperva Database Security a rating of nine.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
AP
Chairman & CEO at a tech vendor with 51-200 employees
Real User
Top 20
A stable solution with cyber intelligence feature for preventing threats to the database

What is our primary use case?

We use it to prevent threats to the database. It is like a firewall in front of the database servers.

What is most valuable?

The cyber intelligence feature is the most valuable. 

What needs improvement?

It is very expensive. Its price can be better.

For how long have I used the solution?

I have been using this solution for three years.

What do I think about the stability of the solution?

It is stable.

What do I think about the scalability of the solution?

It is easy to scale technically, but it is so expensive.  We have about five administrators who use this solution.

How are customer service and technical support?

Their technical support is very good. In a few situations, they took too long to respond. I would rate them a nine out…

What is our primary use case?

We use it to prevent threats to the database. It is like a firewall in front of the database servers.

What is most valuable?

The cyber intelligence feature is the most valuable. 

What needs improvement?

It is very expensive. Its price can be better.

For how long have I used the solution?

I have been using this solution for three years.

What do I think about the stability of the solution?

It is stable.

What do I think about the scalability of the solution?

It is easy to scale technically, but it is so expensive. 

We have about five administrators who use this solution.

How are customer service and technical support?

Their technical support is very good. In a few situations, they took too long to respond. I would rate them a nine out of ten.

How was the initial setup?

The initial setup is easy. It took us four weeks to deploy it.

What's my experience with pricing, setup cost, and licensing?

It is very expensive.

What other advice do I have?

I would advise others to use a professional service to certify for the latest implementations. I would rate Imperva SecureSphere Database Security a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
GD
Information Security Specialist with 51-200 employees
Real User
It is user-friendly, stable, and scalable

What is our primary use case?

It is mainly used for database activity monitoring. Some customers use it to monitor all transactions in the database, such as privilege operations, grant commands. They collect all the data and see all transactions and store them. Sometimes, they also use security alerts with the database update monitoring, but generally, it is used only for regulations.

What is most valuable?

It has a user-friendly interface. It is a stable and scalable product. 

What needs improvement?

Its reporting can be improved. The reporting feature is currently not good enough for our clients.

For how long have I used the solution?

I have been using this solution for about five years.

What do I think about the stability of the solution?

Stability is its main…

What is our primary use case?

It is mainly used for database activity monitoring. Some customers use it to monitor all transactions in the database, such as privilege operations, grant commands. They collect all the data and see all transactions and store them. Sometimes, they also use security alerts with the database update monitoring, but generally, it is used only for regulations.

What is most valuable?

It has a user-friendly interface. It is a stable and scalable product. 

What needs improvement?

Its reporting can be improved. The reporting feature is currently not good enough for our clients.

For how long have I used the solution?

I have been using this solution for about five years.

What do I think about the stability of the solution?

Stability is its main feature. There aren't any stability-related issues.

What do I think about the scalability of the solution?

It is scalable.

How are customer service and technical support?

I have contacted them. Sometimes, they are good, and sometimes, they are not. 

How was the initial setup?

The initial setup was really easy. It took us two hours to deploy. 

What other advice do I have?

I would recommend this solution. I would rate Imperva SecureSphere Database Security a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Product Categories
Database Security
Buyer's Guide
Download our free Imperva SecureSphere Database Security Report and get advice and tips from experienced pros sharing their opinions.