How do you or your organization use this solution?
Please share with us so that your peers can learn from your experiences.
The primary use case is for database monitoring. We are also using the blocking part, which is used for: * Any suspicious activities which are done, such as delete command and query command, outside the admin, the solution is supposed to block them. * The blocking of compromised databases through cloning. Blocking will not allow the cloning. We use it for blocking and auditing. Our job is monitoring. We are a government entity and provide services to other ministries. We use Imperva for its Database Activity Monitoring and File Integrity Monitoring tools. We have also enabled Database Firewall.
Our primary use for this solution is securing banking web applications. It protects the web service of one of the big Internet banks in Iran.
The primary use for our company is to enable the auditing on the DB level. The main target is to track the activities happening and by whom on critical tables. Based on that requirement, we purchased this database auditing solution because it was specific to Oracle for auditing purposes.
We generally use Imperva as a database firewall and for activity monitoring. The solution has to fit the organization first. Once we know the product is a fit, we support in the creation of reports. We look at the core users (administrators, auditors, accountants, etc.) who need to get information and we look at the responsibility matrix. Our responsibility is the database and we try to implement the total solution for an organization. This means reports are created for the specific needs of, say, IT security administrators, top management, IT guys, etc. This shows each group or individual what they need to know. We try to make it so database administrators do not have to directly interface with the solution by creating report editors and report creators based on the unique assessment of the organization. Imperva is a high-end product and it doesn't come cheap. Most government agencies don't use it because of its expense. But those who use it, like it and it's on the wishlist of many organizations.
My team and I deploy this solution for customers. In Israel, I'm the team leader of the whole Application Security Division.
We do not use this solution directly. Rather, we procure it for our customers and assist with the implementation.
I am using Imperva in different projects for application defense.
I use this solution to discover missing data, and to find weaknesses or miscalculations in my database standards.
The primary use case is specific to database security through log auditing, to identify the actions performed by various users. That gets logged. Then policies are used to see whether any action performed by a database user is below a threshold or above a threshold; whether there should there be an alert because of it. It is used by specific teams within our organization to monitor activity, to see whether there is any malicious activity or a user who's not supposed to be performing a certain action.