Imperva SecureSphere Database Security Overview
Imperva SecureSphere Database Security is the #1 ranked solution in our list of top Database Security tools. It is most often compared to IBM Guardium Data Protection: Imperva SecureSphere Database Security vs IBM Guardium Data Protection
What is Imperva SecureSphere Database Security?
Imperva SecureSphere Database Security:
- Audits all access to sensitive data.
- Alerts or blocks database attacks and unauthorized activities, in real time.
- Detects and virtually patches database vulnerabilities.
- Identifies excessive user rights and dormant users, and enables a complete rights review cycle.
- Accelerates incident response and forensics investigations with advanced analytics.
Imperva SecureSphere Database Security Buyer's Guide
Download the Imperva SecureSphere Database Security Buyer's Guide including reviews and more. Updated: June 2021
Imperva SecureSphere Database Security Customers
BlueCross BlueShield, eHarmony, EMF Broadcasting, GE Healthcare, Metro Bank, The Motley Fool, Siemens
Imperva SecureSphere Database Security Video
Filter Archived Reviews (More than two years old)
- Highest Rating
- Lowest Rating
- Review Length
Showingreviews based on the current filters.
CEO at eLAAB Limited
Jun 16, 2019
A comprehensive firewall and data security solution package with superior reporting capability
What is our primary use case?We generally use Imperva as a database firewall and for activity monitoring. The solution has to fit the organization first. Once we know the product is a fit, we support in the creation of reports. We look at the core users (administrators, auditors, accountants, etc.) who need to get information and we look at the responsibility matrix. Our responsibility is the database and we try to implement the total solution for an organization. This means reports are created for the specific needs of, say, IT security administrators, top management, IT guys, etc. This shows each group or individual… more »
Pros and Cons
- "Flexible reporting allows for customization that keeps the admins from having to interact with system automation."
- "Performance can be slow under heavy loads, but this should be adjusted by scaling."
What other advice do I have?Imperva is a good product if you look at its core functionality and the way it's built. It's a newer product and very consistent. Oracle has been around a long time and may suffer from that legacy a little. If clients want a product which covers all database management systems, then Imperva can work out of the box. Ideally, you can deploy within a day or two of signing a contract. Implementation time with Imperva is much shorter than with Oracle. I think I would rate Imperva a nine out of ten, despite the occasional performance issues. It delivers on the core functionality. If it's running…
Senior IT Security Specialist at National Water Company
Jun 12, 2019
Assesses the vulnerability of the database while it is running
What is our primary use case?The primary use for our company is to enable the auditing on the DB level. The main target is to track the activities happening and by whom on critical tables. Based on that requirement, we purchased this database auditing solution because it was specific to Oracle for auditing purposes.
Pros and Cons
- "A solution which does what other name brand products do for a lower cost."
- "The interface is not user-friendly."
What other advice do I have?I would give Imperva an eight out of ten as a solution. It meets our requirements equally to what we got from IBM Guardium which we went with based on little more than their name. In a later review, we considered Imperva and realized that both products had almost the same features. If the same functionality is provided by both, it is hard to justify the more expensive product. Now we will save the extra money. At that time, the administrator was not comfortable with the change to Imperva but we provided official training from Imperva. He had experience with other solutions for database…
Learn what your peers think about Imperva SecureSphere Database Security. Get advice and tips from experienced pros sharing their opinions. Updated: June 2021.
511,307 professionals have used our research since 2012.
Arash Azari Samani
Unix System Administrator at a financial services firm with 1,001-5,000 employees
A scalable solution that helps to secure our web-based financial applications
What is our primary use case?Our primary use for this solution is securing banking web applications. It protects the web service of one of the big Internet banks in Iran.
Pros and Cons
- "This solution has helped secure our Internet-based services, protecting us against DoS and other types of web-based attacks."
- "The GUI for this solution could use some improvement."
What other advice do I have?Imperva is a product leader in this line, and it is very good. In fact, I have experience with other products, and I would say that this solution is best-in-class. If we had support then this solution would be perfect. I would rate this solution a nine out of ten.
CTO- Consulting Services at 2bsecure
Jun 7, 2019
Provides valuable security when it is properly implemented and maintained
What is our primary use case?My team and I deploy this solution for customers. In Israel, I'm the team leader of the whole Application Security Division.
Pros and Cons
- "The most valuable feature of this solution is the database security policy."
- "Technical support for this solution needs improvement."
What other advice do I have?My advice for anybody implementing this solution is to know what you are doing before deploying. You need to learn the security concept of this product. You need to know what you want to protect, and then learn how to protect it. You cannot just deploy this solution and leave it like that. You need to know how to maintain this product. Things are being constantly improved in this solution, but there is no such thing as perfect. I would rate this solution eight out of ten.
IT Security at rmrf-tech
Jun 5, 2019
Provides us with the tools we need to defend against Botnets and DDoS attacks
What is our primary use case?I am using Imperva in different projects for application defense.
Pros and Cons
- "The functionality is very useable and easy to understand."
- "It would be better to update the solution by using a GUI that guides me, rather than through a CLI."
What other advice do I have?There are many functions in this solution that I do not use at this time. This is a fine product, and one of the best. We needed it for DDoS protection and for Botnet protection, and all of this works fine. I would rate this solution an eight out of ten.
Software Developer at a tech services company with 201-500 employees
Jun 3, 2019
Good Integration between components helps us to meet the needs of our customers
What is our primary use case?I use this solution to discover missing data, and to find weaknesses or miscalculations in my database standards.
Pros and Cons
- "It has a lot of different components that cover the needs of our customers."
- "Integration with other databases or third-party products would be useful."
What other advice do I have?My advice is to do a POC before implementing this solution. I would rate this solution an eight out of ten.
Project Manager at a energy/utilities company with 10,001+ employees
Mar 31, 2019
Policies and alerts allow us to detect malicious activity in critical databases
What is our primary use case?The primary use case is specific to database security through log auditing, to identify the actions performed by various users. That gets logged. Then policies are used to see whether any action performed by a database user is below a threshold or above a threshold; whether there should there be an alert because of it. It is used by specific teams within our organization to monitor activity, to see whether there is any malicious activity or a user who's not supposed to be performing a certain action.
Pros and Cons
- "The tool happens to be very intelligent when it comes to processing policies and sounding alerts. It allows us to implement policies and measure actions against them, raising alerts accordingly."
- "The only challenge I see is that SecureSphere is deployed on servers or databases which are held on physical infrastructure. However, there are databases which are hosted on cloud platforms and Imperva has a separate tool altogether for that, not SecureSphere."
What other advice do I have?My advice is to go to IT CentralStation and download the report on database security tools. In general, it's all about the policies that you put into the tool to get the output. The tool itself is pretty smart. As someone who is designing the policies or the outputs or the queries, it is like putting a query into a SQL database to get the results. The better or more optimized the query is, the better output you will receive, and so it goes with this solution. When selecting a vendor, pricing, of course, is the most important thing to look at. Then, you look at the scalability options, at how…
Operator at Halliburton
Jul 10, 2017
Allows people to secure data, while seamlessly allowing the distribution of that data in an effortless manner.
Pros and Cons
- "I like Imperva SecureSphere platform forms. Imperva SecureSphere is the foundation for SecureSphere data, file and web application solutions."
- "SecureSphere activity log can be used with Imperva CounterBreach in an effort to protect enterprise data from theft and loss caused."
What other advice do I have?Imperva SecureSphere provides great options to secure data and would not hesitate to use it.
Network And Security System Administrator at a international affairs institute with 1,001-5,000 employees
Feb 24, 2017
Monitors and protects internet banking applications. Provides the option of deployment architectures.
What other advice do I have?We recommend implementing it.
Regional Sales Engineer at a tech company with 1,001-5,000 employees
Feb 19, 2017
Offers flexible deployment modes and custom policy creation.
What other advice do I have?For DAM, I recommend that you invest proper resources in the business part of the project. It is very important to set expectations properly.
Feb 16, 2017
Facilities data enrichment and process automation. It manages cluster capacity.
What other advice do I have?Give it a try. Write down your requirements as detailed as possible, and perform a PoC using this list. If you find gaps that require additional development, it could take some time until you actually get it.
IT Security Consultant at a tech company with 501-1,000 employees
Feb 14, 2017
Blocks external and internal attacks on protected servers in real time.
What other advice do I have?They must take into account that this solution, like others, must be sized correctly. If they do not size the solution correctly, they might have some issues.
L3 Application Support Analyst at a financial services firm with 1,001-5,000 employees
Feb 14, 2017
I believe the most valuable feature is the GUI. If load is big and there are advanced filtering rules in place, gateways or MX can crash.
What other advice do I have?Use the newest version (at the moment I think it is 11.5) and pay extra for staff training and additional consultation on how to set up rules, etc.
Senior Security Analyst at a tech services company with 10,001+ employees
Feb 8, 2017
The level of detail allows resources managing devices to determine whether activity is a legitimate concern. In the current environment, rebranding exported PDF files is a pain.
Senior Analyst at a consultancy with 10,001+ employees
Jan 26, 2017
You don’t need to run scans by logging into different databases. It is monitored through the centralized console.
What other advice do I have?You should follow both the guide and the tutorials. The tool is handy only if it is implemented properly. Implementation is a bit complicated; hence, it is advisable to create documentation alongside. It would be more beneficial to use the directory present on the Imperva site before logging for any issues.
Senior System Engineer at a financial services firm with 1,001-5,000 employees
Jan 3, 2017
We found new patterns of user behaviour and corrected authorisations.
What other advice do I have?We are very satisfied with this product. It's simple to use, customize and administer. Installation is simple and easy, even on mainframe.
Sep 6, 2016
It relies on signature-based policies, as well as on a web correlation engine.
What other advice do I have?Doing the initial Imperva training before putting your hands on the product helps a lot. Getting assistance from Imperva during the initial stage of your new environment is highly recommended.
Senior Database Administrator at a media company with 1,001-5,000 employees
Sep 5, 2016
It helped us classify our large inventory and apply additional security controls based on the data classification.
What other advice do I have?Out of the box, Imperva comes with a lot of security modules & features that straight away add value to your organisation’s security objectives. That’s just the beginning in my opinion. There are enough customization options available for administrators to get Imperva to work for them the way they want it to. The ability to use custom scripts for scans and the ability to use TCP-level capture of database events are excellent features to use in an enterprise.
Assistant lead - Security Operations at a comms service provider with 10,001+ employees
Aug 31, 2016
The technology includes unique correlated attack validation. My suggestion to Imperva: Improve the UI.
What other advice do I have?Before implementing this product, get your hands dirty with the world wide web. The more you know about the internet, the more useful it is.
Security Engineer at a tech company with 1,001-5,000 employees
Aug 31, 2016
Most of the configuration is out-of-the-box and the security policies it offers are granular.
What other advice do I have?It is the best product for cyber security & forensic investigation for external and internal threat identification and prevention.
ERS Consultant at a consultancy with 10,001+ employees
Aug 31, 2016
It covers the legal obligations for Turkish banks and fulfills requirements for our clients.
What other advice do I have?SecureSphere fulfills so many requirements for our clients. Additionally, if they want to evaluate and correlate data more comprehensively, they can use this product with SIEM tools such as ArcSight or Splunk.
Security Professional with 501-1,000 employees
ConsultantTop ReviewerTop 5
Dec 30, 2015
With the audit log system, it can secure an audit trail from privileged users with user logs on a physical server, but the UX is not great and sometimes confusing.
Officer- Informations Systems Security Audit at a government with 501-1,000 employees
Jun 22, 2015
It provides you with audit logs for changes to the database.
What other advice do I have?Implement this product across all systems running applications as access to one unprotected system can be elevated to a protected one. Also, have reports produced frequently using the tools available in the system and analyze them to know and investigate the sources of attacks the WAF has blocked. That's because they could be internal indicating a compromise or a malicious user within. Ensure that your SharePoint environment is also protected as though it may be internal, attacks can be directed at it.
Information Security Compliance Manager at a financial services firm with 10,001+ employees
Jun 4, 2015
This is a very complex solution with a wide range of capabilities.
What other advice do I have?Ensure the vendor clearly captures your specific database monitoring requirements and that might include importing the metadata of the database for proper monitoring. Training should be included in the implementation budget as this is a very complex solution with a wide range of capabilities.
May 28, 2015
It's a pretty decent product but the learning mode feature should be improved.
What is most valuable?The alerts on threats and system statuses.
How has it helped my organization?I can drill down/troubleshoot errors much quicker.
What needs improvement?Design/ease of the learning mode feature.
For how long have I used the solution?I have used the product for about a year.
What was my experience with deployment of the solution?No, the engineer did a very smooth job at deployment.
What do I think about the stability of the solution?No I have not.
What do I think about the scalability of the solution?No I have not.
How are customer service and technical support?Customer Service: 8/10. Technical Support: I haven’t had an issue in the year I have used the product.
Which solution did I use previously and why did I switch?I did,…
Operations Consultant at a financial services firm with 10,001+ employees
May 26, 2015
Sometimes convincing the engineering team that there was a problem was a bit harder than it should have been, but the on-site engineers who supported the implementation were excellent.
What other advice do I have?Go through the POC process and test all ITIL processes to ensure you understand what will be required for the entire lifecycle of implementation/support. Engage with DBA teams to provide DBA support and knowledge. If it's possible, ensure there are people who understand databases on the SecureSphere support team.
Product CategoriesDatabase Security
Download our free Imperva SecureSphere Database Security Report and get advice and tips from experienced pros sharing their opinions.