How do you or your organization use this solution?
Please share with us so that your peers can learn from your experiences.
Our primary use for this product is as an application firewall.
We use it to prevent threats to the database. It is like a firewall in front of the database servers.
Most of our clients are banks and insurance and financial institutions that want to achieve compliance. They want to achieve auditing for their regulatory compliances as well. On the database side, that includes being able to monitor DBS and to block certain activities on the DVF. On the application side, it also has to be preventative and that's also part of compliance. This solution enables clients to achieve data security, whether on cloud or on prem. We offer support services and we are a service provider for database security through Imperva and also application security through Imperva to our clients. I'm a cyber security engineer and we are gold partners of SecureSphere DS.
It is mainly used for database activity monitoring. Some customers use it to monitor all transactions in the database, such as privilege operations, grant commands. They collect all the data and see all transactions and store them. Sometimes, they also use security alerts with the database update monitoring, but generally, it is used only for regulations.
We primarily use the product for data security.
We primarily use the solution for monitoring database activities.
Our use case for the solution is for monitoring, reporting and access management as well as looking for alerts in anomalies of behavior. I'm an information security analyst and we're a customer of Imperva.
The primary use case is for database monitoring. We are also using the blocking part, which is used for: * Any suspicious activities which are done, such as delete command and query command, outside the admin, the solution is supposed to block them. * The blocking of compromised databases through cloning. Blocking will not allow the cloning. We use it for blocking and auditing. Our job is monitoring. We are a government entity and provide services to other ministries. We use Imperva for its Database Activity Monitoring and File Integrity Monitoring tools. We have also enabled Database Firewall.
Our primary use for this solution is securing banking web applications. It protects the web service of one of the big Internet banks in Iran.
The primary use for our company is to enable the auditing on the DB level. The main target is to track the activities happening and by whom on critical tables. Based on that requirement, we purchased this database auditing solution because it was specific to Oracle for auditing purposes.
We generally use Imperva as a database firewall and for activity monitoring. The solution has to fit the organization first. Once we know the product is a fit, we support in the creation of reports. We look at the core users (administrators, auditors, accountants, etc.) who need to get information and we look at the responsibility matrix. Our responsibility is the database and we try to implement the total solution for an organization. This means reports are created for the specific needs of, say, IT security administrators, top management, IT guys, etc. This shows each group or individual what they need to know. We try to make it so database administrators do not have to directly interface with the solution by creating report editors and report creators based on the unique assessment of the organization. Imperva is a high-end product and it doesn't come cheap. Most government agencies don't use it because of its expense. But those who use it, like it and it's on the wishlist of many organizations.
My team and I deploy this solution for customers. In Israel, I'm the team leader of the whole Application Security Division.
We do not use this solution directly. Rather, we procure it for our customers and assist with the implementation.
I am using Imperva in different projects for application defense.
I use this solution to discover missing data, and to find weaknesses or miscalculations in my database standards.
The primary use case is specific to database security through log auditing, to identify the actions performed by various users. That gets logged. Then policies are used to see whether any action performed by a database user is below a threshold or above a threshold; whether there should there be an alert because of it. It is used by specific teams within our organization to monitor activity, to see whether there is any malicious activity or a user who's not supposed to be performing a certain action.
We all know it's really hard to get good pricing and cost information.
Please share what you can so you can help your peers.