@Imperva Protecting What Matters Most

© 2015 Imperva, Inc. All rights reserved. Protecting What Matters Most Ing. Pablo Javier López RSM, SOLA March 2016

Transcript of @Imperva Protecting What Matters Most

Page 1: @Imperva Protecting What Matters Most

Protecting What Matters Most

Ing. Pablo Javier López

RSM, SOLA

March 2016

Page 2: @Imperva Protecting What Matters Most

Cyber attacks are bad and getting

Page 3: @Imperva Protecting What Matters Most

• Leaked films and scripts

• Employee lawsuit

• Media field day

Page 4: @Imperva Protecting What Matters Most

Significant economic

Page 5: @Imperva Protecting What Matters Most

• Stock price fell by 14%

• Impacted profits by 46%

• Total expected cost of the attack: $236M

Page 6: @Imperva Protecting What Matters Most

There are two kinds of big companies in the United States. There are those who’ve been hacked… and those who don’t know they’ve been hacked.

FBI DIRECTOR JAMES COMEY, October 2014

Page 7: @Imperva Protecting What Matters Most

of companies have been hacked at one time or another

Page 8: @Imperva Protecting What Matters Most

PERIMETER/NETWORK

ENDPOINT

APPLICATION

Traditional security doesn’t work

Page 9: @Imperva Protecting What Matters Most

Applications and data moving to the cloud

Malware leverages unsuspecting users

Insiders bypass the perimeter and compromise your data

PERIMETER/NETWORK

Traditional security doesn’t work

Page 13: @Imperva Protecting What Matters Most

BYOD

Duping users into opening up vulnerabilities

Conspiring with users to steal data

ENDPOINT

PERIMETER/NETWORK

Traditional security doesn’t work

Page 17: @Imperva Protecting What Matters Most

Hackers breach applications effectively

APPLICATION

ENDPOINT

PERIMETER/NETWORK

Traditional security doesn’t work

Page 19: @Imperva Protecting What Matters Most

APPLICATION

ENDPOINT

PERIMETER/NETWORK

Traditional security doesn’t work

Page 20: @Imperva Protecting What Matters Most

Traditional security

Page 21: @Imperva Protecting What Matters Most

Protect what’s

Page 22: @Imperva Protecting What Matters Most

Protecting

is exactly what Imperva does

Page 23: @Imperva Protecting What Matters Most

APPLICATION

• Protects structured and unstructured data where it resides: databases and file servers

• Protects where it’s accessed: Web applications

• Guards against both outside threats and internal actors

Page 24: @Imperva Protecting What Matters Most

PROTECTING business-critical data and applications

Page 25: @Imperva Protecting What Matters Most

Page 26: @Imperva Protecting What Matters Most

Imperva products

Products that cover both Protect and Comply

Partners

User Rights Management for File

Data Loss Prevention

SecureSphere File Firewall

File Activity Monitor

SecureSphere Database Assessment Server

SecureSphere Database Firewall

SecureSphere for Big Data

SecureSphere Database Activity Monitor

User Rights Management

Data Masking

Vulnerability Assessment

Incapsula Back Door Detection

Incapsula Website Security

SecureSphere WAF ThreatRadar

Skyfence Cloud Discovery

Skyfence Cloud Analytics

Skyfence Cloud Protection

Skyfence Cloud Governance

Incapsula Infrastructure Protection

Incapsula Website Protection

Incapsula Name Server Protection

SecureSphere WAF

SecureSphere for SharePoint

Page 27: @Imperva Protecting What Matters Most
Page 28: @Imperva Protecting What Matters Most

Security and compliance are our ONLY focus

Page 29: @Imperva Protecting What Matters Most

Gartner “Magic Quadrant for Web Application Firewalls” by Jeremy D'Hoinne, Adam Hils, Greg Young, Nicole Papadopoulos, 15 June 2015. This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Imperva. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

THE ONLY LEADER TWO CONSECUTIVE YEARS

Gartner Magic Quadrant for Web Application Firewalls, 2015

Page 30: @Imperva Protecting What Matters Most

A Leader with Highest Ranking in ‘Current Offering’ Category

Forrester Wave for DDoS Providers, 2015

The Forrester Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave™ are trademarks of Forrester Research, Inc. The Forrester Wave™ is a graphical representation of Forrester's call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor, product, or service depicted in the Forrester Wave. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change.

Page 31: @Imperva Protecting What Matters Most

Big Picture

Competitive Environment – DCAP

Gartner Market Guide for Data-Centric Audit and Protection, December 2015

Source: Gartner, Market Guide for Data-Centric Audit and Protection, 15 December 2015

Page 32: @Imperva Protecting What Matters Most
Page 33: @Imperva Protecting What Matters Most

EASY TO MANAGE

FAST TO DEPLOY

GROWS SMARTER

Page 34: @Imperva Protecting What Matters Most

GROWS SMARTER

FAST TO DEPLOY

EASY TO MANAGE

Total

of ownership

Page 35: @Imperva Protecting What Matters Most

in security and compliance

Page 36: @Imperva Protecting What Matters Most

Page 37: @Imperva Protecting What Matters Most

We’re committed to

now and in the future

Page 38: @Imperva Protecting What Matters Most
Page 39: @Imperva Protecting What Matters Most

Product Overview

Ing. Pablo Javier López

RSM, SOLA

March 2016

Page 41: @Imperva Protecting What Matters Most

Web Application Firewall

Ing. Pablo Javier López

RSM, SOLA

March 2016

Page 42: @Imperva Protecting What Matters Most

SecureSphere Web Application Firewall

Overview

1

Page 43: @Imperva Protecting What Matters Most

Large Scale Data Breaches Continue to Occur

2015 2014 2013

Adobe 36,000,000

Target 70,000,000

EBAY 145,000,000

Anthem 80,000,000

Home Depot 56,000,000

JPMC 76,000,000

US OPM 21,000,000

Evernote 50,000,000

Premera 11,000,000

Ashley Madison 39,000,000

• Web applications are a key target in most cyber attacks

• Technical attacks exploit vulnerabilities in web applications

• Business logic attacks abuse web application functionality

Page 44: @Imperva Protecting What Matters Most

SecureSphere Web Application Firewall

[Diagram labels: NG Firewall; IPS/IDS; SecureSphere Web App Firewall; SecureSphere Management Server (MX); ThreatRadar (TR); Web Servers; legitimate traffic]

network access control

user/app access control

non web app attacks

web app attacks

- Technical attacks - OWASP Top 10 (SQLi, XSS, RFI, etc.)

- Business logic attacks - bad IPs, bad bots, ATO, DDoS attacks

ThreatRadar Subscription Services

• Reputation Service

• Bot Protection

• Community Defense

• Account Takeover Protection

• Fraud Prevention Services

Page 45: @Imperva Protecting What Matters Most

Defenses Required to Protect Web Applications

Correlated Attack Validation

Virtual Patching

DDoS Protection

Dynamic Profiling

Attack Signatures

Protocol Validation

Cookie Protection

Fraud Connectors

IP Geolocation

IP Reputation

Anti-Scraping Policies

Bot Mitigation Policies

Account Takeover Protection

Technical Vulnerabilities

Business Logic Attacks and more

Page 46: @Imperva Protecting What Matters Most

Next Generation Firewalls & IPS – Easy to Evade

Correlated Attack Validation

Virtual Patching

DDoS Protection

Dynamic Profiling

Attack Signatures

Protocol Validation

Cookie Protection

Fraud Connectors

IP Geolocation

IP Reputation

Anti-Scraping Policies

Bot Mitigation Policies

Account Takeover Protection

Technical Vulnerabilities

Business Logic Attacks

False positives and negatives

Easy to evade

Page 47: @Imperva Protecting What Matters Most

Imperva ThreatRadar

• Global Threat Intelligence Service

• Globally crowd-sourced

• Curated by Imperva ADC

• Adds “god’s-eye” context of threat landscape to WAF

Page 48: @Imperva Protecting What Matters Most

SecureSphere WAF + ThreatRadar

SecureSphere WAF Correlation Engine

ThreatRadar (TR) threat intelligence

TR Bot Protection

TR ATO Protection

TR Reputation Service

Removes Unwanted Traffic

Cuts Infrastructure Cost

Improves SOC Efficiency

Improves Security Posture

SecureSphere Core Engine

Protocol Validation

Attack Signatures

Application Profiling

Page 49: @Imperva Protecting What Matters Most

By analyzing traffic, SecureSphere automatically learns…

Directories

URLs

Parameters

Expected user input

So it can alert on or block abnormal requests

Imperva SecureSphere: Dynamic Profiling™
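
A minimal sketch of the learn-then-enforce idea on this slide, added here as an example and not Imperva's implementation: it learns URLs, parameter names and expected input (value class and length) from observed requests, then reports requests that fall outside the profile. The value classes, the `slack` factor and the sample traffic are assumptions constructed for the illustration.

```python
import re
from urllib.parse import parse_qsl, urlsplit

# Value classes ordered from most to least restrictive (assumed for this sketch).
CLASSES = [
    ("digits", re.compile(r"\d*")),
    ("alnum", re.compile(r"[A-Za-z0-9]*")),
    ("text", re.compile(r"[A-Za-z0-9 _.,@-]*")),
]
RANK = {name: i for i, (name, _) in enumerate(CLASSES)}
RANK["any"] = len(CLASSES)

# Constructed learning traffic for a hypothetical shop application.
LEARNING_TRAFFIC = [
    "/shop/item?id=1042",
    "/shop/item?id=7",
    "/shop/search?q=red+shoes",
    "/shop/search?q=usb-c+cable",
    "/account/login?user=alice",
]


def classify(value):
    """Return the most restrictive class that matches the whole value."""
    for name, pattern in CLASSES:
        if pattern.fullmatch(value):
            return name
    return "any"


def learn(urls):
    """Build {path: {param: {"cls", "max_len"}}} from observed requests."""
    profile = {}
    for url in urls:
        parts = urlsplit(url)
        params = profile.setdefault(parts.path, {})
        for key, value in parse_qsl(parts.query, keep_blank_values=True):
            cls = classify(value)
            entry = params.setdefault(key, {"cls": cls, "max_len": len(value)})
            if RANK[cls] > RANK[entry["cls"]]:
                entry["cls"] = cls  # widen the class to cover what was seen
            entry["max_len"] = max(entry["max_len"], len(value))
    return profile


def check(profile, url, slack=2):
    """Return a list of deviations from the learned profile (empty = normal)."""
    parts = urlsplit(url)
    if parts.path not in profile:
        return ["unknown URL " + parts.path]
    findings = []
    learned = profile[parts.path]
    for key, value in parse_qsl(parts.query, keep_blank_values=True):
        if key not in learned:
            findings.append("unknown parameter " + key)
            continue
        entry = learned[key]
        seen = classify(value)
        if RANK[seen] > RANK[entry["cls"]]:
            findings.append(f"parameter {key}: value class {seen}, learned {entry['cls']}")
        if len(value) > entry["max_len"] * slack:
            findings.append(f"parameter {key}: length {len(value)}, learned max {entry['max_len']}")
    return findings


if __name__ == "__main__":
    profile = learn(LEARNING_TRAFFIC)
    for request in ["/shop/item?id=12",
                    "/shop/item?id=12%27+OR+%271%27%3D%271",
                    "/shop/item?id=12&debug=1",
                    "/admin/export"]:
        print(request, "->", check(profile, request) or "ok")
```

A profile is only as good as its learning window: traffic that was never exercised during learning shows up as a false positive, and hostile requests seen during learning become part of the baseline.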

Page 50: @Imperva Protecting What Matters Most

Patented Dynamic Profiling

• Cuts deployment time from months to days

• Eliminates ongoing administration burden

[Chart: Profile Changes (axis 0 to 700) by Date, 01-jun to 26-jun; annotations: “Dynamically learns app”, “Dynamically learns changes”]

Avoiding 5-15 manual changes per week will save 5 – 30 man hours

Page 51: @Imperva Protecting What Matters Most

Virtual Patching

Application scanned

Results imported

Mitigation policies automatically created

Application protected

Page 53: @Imperva Protecting What Matters Most

Graphical Security Reports

Pre-defined compliance reports

Custom reports

Reports created on demand or emailed daily, weekly, or monthly

PDF and CSV (Excel) format

Integration with 3rd party reporting and SIEM tools

Page 54: @Imperva Protecting What Matters Most

Out-of-Band, In-line, and Virtual Options

MX Management

Gateway Virtual Gateway Gateway

ThreatRadar

Users

Page 55: @Imperva Protecting What Matters Most

WAF Deployment Scenarios

[Diagram labels: On-Premises WAF; WAF for AWS & Azure; Cloud WAF; Web Servers]

Page 56: @Imperva Protecting What Matters Most

THE ONLY LEADER TWO CONSECUTIVE YEARS

Gartner Magic Quadrant for Web Application Firewalls

Page 57: @Imperva Protecting What Matters Most

Imperva Incapsula

Ing. Pablo López, Regional Sales Manager SOLA

March 2016

Page 58: @Imperva Protecting What Matters Most

Incapsula Overview

Performance, Security, Availability

Solving Top Operational Problems

Delivered from the Cloud

Page 59: @Imperva Protecting What Matters Most

Incapsula Application Delivery Cloud

Page 60: @Imperva Protecting What Matters Most

By routing website traffic through Incapsula, non-genuine traffic is eliminated and legitimate traffic is accelerated

Web Application Firewall (WAF)

Distributed Denial of Service (DDoS)

Load Balancing

Content Delivery Network (CDN)

Page 61: @Imperva Protecting What Matters Most

The Incapsula Security Model

WEB APP

Access Control

Blocks unwanted IPs, Regions, Countries

Bot Mitigation

Blocks automated attackers, bad bots, scrapers, spammers

WAF Blocks Hacking attacks

OWASP Top 10 attacks (SQLi, XSS, etc.)

Custom Rule & Policy Engine

Application specific attacks

Page 62: @Imperva Protecting What Matters Most

Comprehensive DDoS Protection

Website Protection

Name Server Protection

Infrastructure Protection

DNS

WEB

UDP, TCP

SSH, FTP, Telnet

SMTP

SIP

DDoS Protection Service Protected Assets

Page 63: @Imperva Protecting What Matters Most

Comprehensive DDoS Protection

• 2 Tbps+ mitigation capacity

• Unlimited protection (any frequency and attack size)

• Proprietary technology (SW, HW, algorithms)

• 24x7 SOC - experienced security experts

DDoS Protection Service Protected Assets

DNS

Web Application

Infrastructure

DNS Servers

Web Servers

Networks, Servers

HTTP/S

DNS

SSH, FTP, Telnet, SMTP, etc.

Layer

3, 4

3, 4, 7

3, 4, 7

Page 64: @Imperva Protecting What Matters Most

Who is Incapsula

Market Leading Products

Global 2Tbps Network of 27 Datacenters

Over 96,000 Customers

North America Top 10 Red Herring – 2011

Market Leading Solutions

• Gartner MQ Leader for Web Application Firewalls 2014, 2015

• Forrester Wave Leader, DDoS Service Providers 2015

• Security Innovator of the Year Cloud Awards.com 2014

• Readers Choice: DDoS Protection Solution of the Year Search Security 2014

• Best DDoS Mitigation Service Top Ten Reviews 2013 – 2014

• Best Web Security & Performance Service Top Ten Reviews 2012 – 2014

Page 65: @Imperva Protecting What Matters Most

Page 66: @Imperva Protecting What Matters Most

Trusted by Thousands of Customers

Page 67: @Imperva Protecting What Matters Most

Database Protection

DAM/DBF

Ing. Pablo Javier López

RSM, SOLA

March 2016

Page 68: @Imperva Protecting What Matters Most

Identify Your Use Cases

5 Key Steps

Data Audit and Protection Lifecycle

4

Page 69: @Imperva Protecting What Matters Most

Map Requirements To a Data Audit and Protection Lifecycle

Discover, Assess, Set Controls, Audit & Secure, Measure & Report

Review, certify and investigate

Sensitive data

Vulnerabilities and security gaps

Access rights and policies

Monitor, alert and block

Page 70: @Imperva Protecting What Matters Most

– Discover Sensitive Data and Analyze Risks

HIPAA

Discover Electronic Protected Health Information (ePHI)

- Identify and locate all “Individually identifiable health information”

MAS

MAS 2.0.1 MAS 2.0.5

PCI

PCI 3 PCI 10

SOX

SOX 302 SOX 404

SOX COSO Risk Assessment Requirements

- Management has to identify and analyze relevant risks to achieve objectives.

- Formal risk assessments built throughout the systems development methodology.

Page 71: @Imperva Protecting What Matters Most

Discover Database Services

1. Run service discovery scan

2. Analyze results, accept/reject

3. Build out the Site Tree

Site Tree

Service Discovery Scan

Page 72: @Imperva Protecting What Matters Most

Identify Sensitive Data

1. Create Data Classification Scan

- Select data types

- Create custom data types

2. Analyze results, accept/reject

Predefined Data Types

Custom Data Types

Classified Database Data

Page 73: @Imperva Protecting What Matters Most

– Assess Vulnerabilities and Security Gaps

HIPAA

Data Safeguards

- A covered entity must maintain reasonable and appropriate administrative, technical, and physical safeguards to prevent intentional or unintentional use or disclosure of protected health information in violation of the Privacy Rule

MAS

MAS 2.0.1 MAS 2.0.5

PCI

PCI 2 PCI 6

SOX

SOX 302 SOX 404

SOX COSO Control Activities Requirements

- System software controls – Controls over the effective acquisition, implementation and maintenance of system software, database management, security software

Page 74: @Imperva Protecting What Matters Most

- Assess Vulnerabilities scanning and virtual patching

1. Create DB Assessment Scan from template Assessment Policy

- Use ADC out-of-the-box policy

- Or, create a custom policy

2. Apply Scan to specific service/application

Assessment Policies

Assessment Policy: CIS – Security Configuration Benchmark for Oracle

Page 75: @Imperva Protecting What Matters Most

– Review User Rights and Set Controls

HIPAA

Technical Safeguards

- Access Control. A covered entity must implement technical policies and procedures that allow only authorized persons to access electronic protected health information (e-PHI).

MAS

MAS 5.1.2 MAS 5.1.7 (c, d, j)

PCI

PCI 7

SOX

SOX 302 SOX 404

SOX COSO Control Activities Requirements

- Access security controls – Controls that prevent inappropriate and unauthorized use of the system across all layers of systems, operating system, database and application.

Page 76: @Imperva Protecting What Matters Most

URM - Find Excessive Permissions

Data Accessible by G&A

Page 77: @Imperva Protecting What Matters Most

URM - Review Effective Permissions

Page 78: @Imperva Protecting What Matters Most

– Audit, Monitor and Secure User Activity

HIPAA

Technical Safeguards

- Audit Controls. A covered entity must implement hardware, software, and/or procedural mechanisms to record and examine access and other activity in information systems that contain or use e-PHI.

PCI

PCI 3, 7, 10, 12

MAS

MAS 5.1.2 MAS 5.1.7 (b, e, f, j)

SOX

SOX 302, 404, 409

SOX COSO Control Activities, Information and Communication Requirements

- Application controls to prevent or detect unauthorized transactions, support the completeness, accuracy, authorization and existence of processing transactions.

- Identification and timely reporting of security violations.

Page 79: @Imperva Protecting What Matters Most

Page 80: @Imperva Protecting What Matters Most

SOX – Identify and Block Unauthorized Transactions

Page 81: @Imperva Protecting What Matters Most

– Measure and Report

HIPAA

Technical Safeguards

- Audit Controls. A covered entity must implement hardware, software, and/or procedural mechanisms to record and examine access and other activity in information systems that contain or use e-PHI.

MAS

2.0.1, 2.0.5, 5.1.2, 5.1.7 (b, c, d, e, f, g, i)

PCI

2, 6, 7, 10, 12

SOX

SOX 302, 404, 409

SOX COSO Monitoring Requirements

- Centralized monitoring of security.

- IT internal audit reviews on a periodic basis to verify that controls are operating effectively.

Page 82: @Imperva Protecting What Matters Most

– Report Privileged Operations

1. Create custom DB Audit report

2. Select source policies and define scope of report

3. Select data columns

4. Schedule Report

PDF Report

Page 83: @Imperva Protecting What Matters Most

Database Protection - DBF

Support for: Oracle, Oracle Exadata, Microsoft SQL Server, IBM DB2 (on Linux, UNIX, Windows, z/OS and DB2/400), IBM IMS on z/OS, IBM Informix, IBM Netezza, SAP Sybase, Teradata, Oracle MySQL, PostgreSQL, and Progress OpenEdge

Page 84: @Imperva Protecting What Matters Most

Imperva Camouflage

Data Masking

Ing. Pablo López, Regional Sales Manager SOLA

March 2016

Page 85: @Imperva Protecting What Matters Most

Overview

Data Masking 1

Page 86: @Imperva Protecting What Matters Most

Who has access to your data and why?

Page 87: @Imperva Protecting What Matters Most

Data Driven Organization and Processes

Things to consider

• Do you need “real” data to support the activity?

• Is the risk and security cost associated with the sensitive data acceptable?

• What are your alternatives?

Hundreds of databases

× Millions of sensitive fields

× Hundreds of users

× Compliance requirements

× Data breach potential

Excessive risk

Page 88: @Imperva Protecting What Matters Most

"Data masking should be mandatory for enterprises using copies of sensitive production data for application development, analytics or training."

Page 89: @Imperva Protecting What Matters Most

Data Masking Eliminates Risk

1. Realistic fictional data maintains operational and statistical accuracy

2. Sensitive data is permanently removed

3. Security and compliance overhead are reduced

BEFORE

Name | SSN | Salary
Smith | 123-21-9812 | 77,000
Patel | 992-43-3421 | 83,500

AFTER

Name | SSN | Salary
Young | 531-51-5279 | 79,250
Lopez | 397-70-0493 | 81,250

Page 90: @Imperva Protecting What Matters Most

Separate Use Cases: Non-production and Production Data

Dynamic Masking

• Alters original data in transit

• Role/user based masking rules

• Protects production data in use

• Requires fine-grained tuning

• Does not protect data at rest

• Impacts system performance

• Temporary

• Risk of corruption

Static Masking

• Does not alter original data

• Masks data for non-production systems

• Realistic representation of source data

• Maintains referential integrity

• Repeatable process to ensure operational and statistical accuracy

• Protects data at rest, in transit and in use

• No impact on production system

• Permanent, non-reversible process

• Zero risk of source data corruption
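
The static-masking properties listed above, shown as an added example (not Imperva Camouflage code): a keyed, one-way substitution that keeps the SSN format, keeps salaries within a few percent of the source, and maps the same source SSN to the same masked SSN in every table so joins still work. The surname list, the second table, the 5% spread and the helper names are assumptions constructed for the illustration.

```python
import hashlib
import hmac
import secrets

# Constructed replacement surnames; a real run would draw on a larger list.
SURNAMES = ["Young", "Lopez", "Keller", "Nguyen", "Okafor", "Haddad", "Silva", "Brandt"]

# Constructed source tables; the employee rows reuse the slide's BEFORE values.
EMPLOYEES = [
    {"name": "Smith", "ssn": "123-21-9812", "salary": 77000},
    {"name": "Patel", "ssn": "992-43-3421", "salary": 83500},
]
PAYROLL = [
    {"ssn": "992-43-3421", "month": "2016-02"},
    {"ssn": "123-21-9812", "month": "2016-02"},
]


def new_run_key():
    """Fresh secret for one masking run. Destroying it afterwards leaves no
    way to recompute the mapping; keep it only if later refreshes must
    reproduce the same masked values."""
    return secrets.token_bytes(32)


def _prf(key, field, value):
    """Keyed one-way function: HMAC-SHA256 truncated to a 64-bit integer."""
    msg = f"{field}:{value}".encode()
    return int.from_bytes(hmac.new(key, msg, hashlib.sha256).digest()[:8], "big")


def mask_name(key, name):
    return SURNAMES[_prf(key, "name", name) % len(SURNAMES)]


def mask_ssn(key, ssn):
    """Same input and key always give the same output, in NNN-NN-NNNN form."""
    number = _prf(key, "ssn", ssn) % 10**9
    digits = f"{number:09d}"
    return f"{digits[:3]}-{digits[3:5]}-{digits[5:]}"


def mask_salary(key, ssn, salary, spread=0.05, step=250):
    """Shift the salary by at most +/- spread, then round to the nearest step."""
    frac = _prf(key, "salary", ssn) / 2**64  # value in [0, 1)
    shifted = salary * (1 + spread * (2 * frac - 1))
    return round(shifted / step) * step


def mask_tables(key, employees, payroll):
    """Return masked copies; the source rows are never modified."""
    masked_employees = [
        {"name": mask_name(key, row["name"]),
         "ssn": mask_ssn(key, row["ssn"]),
         "salary": mask_salary(key, row["ssn"], row["salary"])}
        for row in employees
    ]
    masked_payroll = [{**row, "ssn": mask_ssn(key, row["ssn"])} for row in payroll]
    return masked_employees, masked_payroll


if __name__ == "__main__":
    emp, pay = mask_tables(new_run_key(), EMPLOYEES, PAYROLL)
    for row in emp + pay:
        print(row)
```

A nine-digit SSN space is small enough to enumerate, so the one-way property rests entirely on the key: anyone holding it can rebuild the mapping by brute force.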

Page 91: @Imperva Protecting What Matters Most

Manage and Report

• Analysis and compliance reporting – Before & After – generated with each run*

– Impacted Object

– Historical Project Run

– Project Configuration Report

• Export to BI tools or Excel

• Reuse search configurations, filters and project files

• Configurable multi-threaded database refresh

• Tiered security settings

Page 92: @Imperva Protecting What Matters Most

File Security

Ing. Pablo López

Regional Sales Manager SOLA

March 2016

Page 93: @Imperva Protecting What Matters Most

File Data

Page 94: @Imperva Protecting What Matters Most

File Data is Pervasive and Growing

• Distributed broadly across organizations, access not centrally managed

– Unstructured data accounts for 80% of an organization’s information

– Growing at 10x the rate of structured data

“The unstructured data held by enterprises continues to grow at an explosive rate. Security controls for unstructured data have failed to keep pace, and the result is serious enterprise risk exposure.”

Page 95: @Imperva Protecting What Matters Most

File Data is Subject to Regulations

• What challenges do organizations face?

Maintaining an audit trail

Assuring least-privilege access

Reporting for compliance purposes

Enforcing separation of duties

“As the controls around structured data stores have improved, auditors are now increasingly concerned with the difficulty of identifying and reporting on unstructured data stores.”

Page 96: @Imperva Protecting What Matters Most

SecureSphere File Activity Monitoring

Comprehensive rights management

Monitor and audit activity

Dynamic Access Controls

Automate rights reviews

Visibility into data ownership, user access rights and excessive rights

File access control policies

Alert or block on unwanted activity

Monitor file activity in real-time

Detailed auditing of file operations

SecureSphere File Activity Monitor

Reporting and analytics

Interactive audit analytics to identify trends and patterns in file activity

Document compliance with regulations

Page 97: @Imperva Protecting What Matters Most

FAM Deployment Options

Inline or Non-inline, Physical or Virtual, Network or Agent

Management Server (MX)

Sys Admin

Imperva Agent

Network Monitoring

Users

NAS File Servers

Page 98: @Imperva Protecting What Matters Most

CounterBreach

Ing. Pablo López

Regional Sales Manager SOLA

March 2016

Page 99: @Imperva Protecting What Matters Most

People are the WEAK LINK

Carrie

Page 100: @Imperva Protecting What Matters Most

Malicious Careless Compromised

Carrie

Page 101: @Imperva Protecting What Matters Most

THE SOLUTION

Carrie

Page 102: @Imperva Protecting What Matters Most

Truly Detecting and Containing Breaches Requires Addressing All

Exactly WHO is accessing my data?

Is the access OK?

How do I respond QUICKLY if not?

Carrie

Page 103: @Imperva Protecting What Matters Most

Breach Detection Solution

MONITOR

LEARN AND DETECT

BLOCK / QUARANTINE

Carrie

Page 104: @Imperva Protecting What Matters Most

Drew

Page 105: @Imperva Protecting What Matters Most

CounterBreach

User Interface

Behavior machine learning

Visibility

Contain and Investigate

Deception

Imperva

SecureSphere

LEARN AND DETECT BLOCK / QUARANTINE

MONITOR

Imperva

SecureSphere

Databases and Files

Carrie

Page 106: @Imperva Protecting What Matters Most

CounterBreach

User Interface

Machine Learning

Visibility

Contain and Investigate

LEARN AND DETECT BLOCK / QUARANTINE

MONITOR

Imperva

Skyfence

Imperva

Skyfence

Skyfence performs its own anomaly detection and forwards incidents to CounterBreach

If customers only want anomaly detection for SaaS apps, do not position CounterBreach

SaaS Apps

Drew

Page 107: @Imperva Protecting What Matters Most

John, DBA

DBA Team

Day 1: John accesses 10 patient records. DBA team members access 20 patient records.

Day 3: John accesses 40 patient records. DBA team members access 15 patient records.

Day 5: John accesses 15 patient records. DBA team members access 35 patient records.

Day 7: John accesses 3,000 patient records. DBA team members access 25 patient records.

Patient Records

Drew

Page 108: @Imperva Protecting What Matters Most

Behavior: Develop a Baseline of User Data Access

PCI Database

Who is connecting to the database?

How do they connect to the database?

Do their peers access data in the same way?

When do they usually work?

What data are they accessing?

How much data do they query?

Carrie

Page 109: @Imperva Protecting What Matters Most

CounterBreach

• Profiles users that interact with data

• It learns user data access, and creates a baseline based on many attributes

– Uses machine learning

• Alerts when users significantly change behavior

• Use case: security – data breach prevention
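The baseline-and-peer comparison described on these slides, worked through on the Day 1 to Day 7 patient-record counts from the John/DBA team slide. This is an added example, not Imperva's CounterBreach algorithm: the median/MAD score, the 3.5 threshold, the three-observation learning period and all function names are assumptions chosen for illustration.

```python
from statistics import median

# Constructed from the slide: (day, John's record count, DBA team member count)
OBSERVATIONS = [(1, 10, 20), (3, 40, 15), (5, 15, 35), (7, 3000, 25)]

MIN_HISTORY = 3   # assumption: observations needed before scoring starts
THRESHOLD = 3.5   # assumption: common cutoff for the modified z-score


def robust_score(value, baseline):
    """Modified z-score of value against a baseline (median and MAD).

    Median/MAD is used instead of mean/stddev so that one earlier spike
    in the baseline does not widen the range of "normal".
    """
    med = median(baseline)
    mad = median([abs(x - med) for x in baseline])
    # Floor the scale so a perfectly flat baseline does not divide by zero.
    scale = 1.4826 * mad if mad else max(1.0, 0.1 * med)
    return (value - med) / scale


def review(observations):
    """Walk forward through the days and return [(day, status), ...].

    A day alerts only when the user's count is far above BOTH the user's
    own history and what peers in the same role have been doing.
    """
    own, peers, findings = [], [], []
    for day, user_count, peer_count in observations:
        peers.append(peer_count)
        if len(own) < MIN_HISTORY:
            status = "learning"
        else:
            vs_self = robust_score(user_count, own)
            vs_peers = robust_score(user_count, peers)
            anomalous = vs_self > THRESHOLD and vs_peers > THRESHOLD
            status = "alert" if anomalous else "normal"
        findings.append((day, status))
        if status != "alert":
            own.append(user_count)  # keep anomalies out of the baseline
    return findings


if __name__ == "__main__":
    for day, status in review(OBSERVATIONS):
        print(f"Day {day}: {status}")
```

Requiring both scores to exceed the threshold is what keeps a team-wide busy day from alerting on every member, while a single user's jump to 3,000 records stands out against both baselines.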

Drew

Page 110: @Imperva Protecting What Matters Most

Imperva Skyfence

Ing. Pablo López

Regional Sales Manager SOLA

March 2016

Page 111: @Imperva Protecting What Matters Most

Market Overview

Customer-facing Applications: Moving to IaaS or PaaS providers

Employee-facing Applications: are SaaS and Cloud Apps

Traditional Data Center

Page 112: @Imperva Protecting What Matters Most

About Imperva Skyfence

• What does Imperva Skyfence do?

– Enables organizations to make safe and productive use of corporate SaaS applications

• Why is it relevant?

– The cloud app trend has created a visibility and control blind spot for IT that cannot be addressed by traditional security

• Imperva – Protecting data and apps

– Only leader in Gartner Magic Quadrant for Web Application Firewalls (WAF) for two consecutive years

– Top-ranked in Forrester Wave Report for DDoS Service Providers, Q3 2015

– 4000+ customers in 75+ countries

Page 113: @Imperva Protecting What Matters Most

Current Solutions Are Insufficient for Securing Cloud Apps & Data

Corporate Employees, Mobile Workers and Hackers

Cloud Applications

No visibility into who is using what apps

No way to assess and prioritize cloud app risks

Unable to monitor and analyze all activity

No endpoint control capabilities for cloud apps

Cloud apps are a prime target for hackers and malicious insiders – data exfiltration

Page 114: @Imperva Protecting What Matters Most

Visibility and Control for Cloud Applications - Skyfence CASB

Corporate Employees, Mobile Workers and Hackers

Detect anomalies & prevent account takeover attacks

Discover “Shadow IT” apps & assess risk

Identify admins and inactive, external, & orphaned users

Cloud Audit & Protection (Proxy-based)

Cloud Discovery & Governance (API-based)

Enforce risk-based MFA

Basic view of cloud activity logs

Control sensitive data with DLP policies

Prevent data proliferation to unmanaged devices

Centrally assess data and security configuration settings

SIEM enablement

Real-time, comprehensive activity monitoring

Cloud Applications (5000+ apps)

Page 115: @Imperva Protecting What Matters Most

Customer Use Cases for Skyfence Cloud Security Gateway

Secure Office 365 Users

• BYOD access control

• Monitoring activity: Exchange, Skype, OneDrive, SharePoint and Yammer

• Prevent account takeovers

• Data leak prevention

Control Collaboration & File Sharing

• Prevent data leaks

• Comply with regulations

• Control how sensitive data is shared

Manage AWS Console Users

• Monitor AWS admins

• Block/control high-risk actions

• Prevent account takeovers

Secure Salesforce Accounts

• Monitor and alert on anomalous activity

• Prevent account takeovers

• Identify dormant accounts and access by ex-employees

• Benchmark configurations

Page 116: @Imperva Protecting What Matters Most