Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

@Imperva Protecting What Matters Most

2,298 views

Published on

There are two kinds of big companies in the United States. There are those who’ve been hacked… and those who don’t know they’ve been hacked.
FBI DIRECTOR JAMES COMEY
According to research, 90% of companies have been hacked at one time or another.
And according to the FBI, the malware that was used in the Sony hack would have gotten through 90% of security in use today.
Imperva Defends Business-Critical Data and Applications

Our main goal is to defend your business-critical data and applications from cyber attacks and to provide visibility into data access, adding the who/what/when to data security with a comprehensive approach to security and compliance.
Because of this focus, we’re the only company that can follow your data wherever it’s stored and however it’s accessed—even as technologies and threats evolve.

Published in: Technology
  • Be the first to comment

@Imperva Protecting What Matters Most

  1. 1. © 2015 Imperva, Inc. All rights reserved. Protecting What Matters Most Ing. Pablo Javier López RSM, SOLA March 2016
  2. 2. Cyber attacks are bad and getting
  3. 3. • Leaked films and scripts • Employee lawsuit • Media field day
  4. 4. Significant economic
  5. 5. • Stock price fell by 14% • Impacted profits by 46% • Total expected cost of the attack: $236M
  6. 6. © 2015 Imperva, Inc. All rights reserved. There are two kinds of big companies in the United States. There are those who’ve been hacked… and those who don’t know they’ve been hacked. FBI DIRECTOR JAMES COMEY October 2014 6
  7. 7. © 2015 Imperva, Inc. All rights reserved. of companies have been hacked at one time or another 7
  8. 8. © 2015 Imperva, Inc. All rights reserved.8 PERIMETER/NETWORK ENDPOINT APPLICATION Traditional security doesn’t work
  9. 9. © 2015 Imperva, Inc. All rights reserved. Applications and data moving to the cloud Malware leverages unsuspecting users Insiders bypass the perimeter and compromise your data PERIMETER/NETWORK Traditional security doesn’t work 9
  10. 10. © 2015 Imperva, Inc. All rights reserved.10 Applications and data moving to the cloud Malware leverages unsuspecting users Insiders bypass the perimeter and compromise your data PERIMETER/NETWORK Traditional security doesn’t work © 2015 Imperva, Inc. All rights reserved.
  11. 11. © 2015 Imperva, Inc. All rights reserved. Applications and data moving to the cloud Malware leverages unsuspecting users Insiders bypass the perimeter and compromise your data PERIMETER/NETWORK Traditional security doesn’t work 11 © 2015 Imperva, Inc. All rights reserved.
  12. 12. © 2015 Imperva, Inc. All rights reserved. Applications and data moving to the cloud Malware leverages unsuspecting users Insiders bypass the perimeter and compromise your data PERIMETER/NETWORK Traditional security doesn’t work 12 © 2015 Imperva, Inc. All rights reserved.
  13. 13. © 2015 Imperva, Inc. All rights reserved. BYOD Duping users into opening up vulnerabilities Conspiring with users to steal data ENDPOINT PERIMETER/NETWORK Traditional security doesn’t work © 2015 Imperva, Inc. All rights reserved.13
  14. 14. © 2015 Imperva, Inc. All rights reserved. BYOD Duping users into opening up vulnerabilities Conspiring with users to steal data ENDPOINT PERIMETER/NETWORK Traditional security doesn’t work © 2015 Imperva, Inc. All rights reserved.14
  15. 15. © 2015 Imperva, Inc. All rights reserved. BYOD Duping users into opening up vulnerabilities Conspiring with users to steal data ENDPOINT PERIMETER/NETWORK Traditional security doesn’t work © 2015 Imperva, Inc. All rights reserved.15
  16. 16. © 2015 Imperva, Inc. All rights reserved. BYOD Duping users into opening up vulnerabilities Conspiring with users to steal data ENDPOINT PERIMETER/NETWORK Traditional security doesn’t work © 2015 Imperva, Inc. All rights reserved.16
  17. 17. © 2015 Imperva, Inc. All rights reserved. Hackers breach applications effectively APPLICATION ENDPOINT PERIMETER/NETWORK Traditional security doesn’t work © 2015 Imperva, Inc. All rights reserved.17
  18. 18. © 2015 Imperva, Inc. All rights reserved. Hackers breach applications effectively APPLICATION ENDPOINT PERIMETER/NETWORK Traditional security doesn’t work © 2015 Imperva, Inc. All rights reserved.18
  19. 19. © 2015 Imperva, Inc. All rights reserved. APPLICATION ENDPOINT PERIMETER/NETWORK Traditional security doesn’t work © 2015 Imperva, Inc. All rights reserved.19
  20. 20. Traditional security
  21. 21. © 2015 Imperva, Inc. All rights reserved. Protect what’s
  22. 22. © 2015 Imperva, Inc. All rights reserved. Protecting is exactly what Imperva does
  23. 23. © 2015 Imperva, Inc. All rights reserved. APPLICATION • Protects structured and unstructured data where it resides: databases and file servers • Protects where it’s accessed: Web applications • Guards against both outside threats and internal actors
  24. 24. © 2015 Imperva, Inc. All rights reserved. business-critical data and applications PROTECTING 24
  25. 25. © 2015 Imperva, Inc. All rights reserved.25
  26. 26. Imperva products Products that cover both Protect and Comply Partners User Rights Management for File Data Loss Prevention SecureSphere File Firewall File Activity Monitor SecureSphere Database Assessment Server SecureSphere Database Firewall SecureSphere for Big Data SecureSphere Database Activity Monitor User Rights Management Data Masking Vulnerability Assessment Incapsula Back Door Detection Incapsula Website Security SecureSphere WAF ThreatRadar Skyfence Cloud Discovery Skyfence Cloud Analytics Skyfence Cloud Protection Skyfence Cloud Governance Incapsula Infrastructure Protection Incapsula Website Protection Incapsula Name Server Protection SecureSphere WAF SecureSphere for SharePoint
  27. 27. © 2015 Imperva, Inc. All rights reserved. Security and compliance are our ONLY focus
  28. 28. © 2015 Imperva, Inc. All rights reserved. Gartner “Magic Quadrant for Web Application Firewalls” by Jeremy D'Hoinne, Adam Hils, Greg Young, Nicole Papadopoulos, 15 June 2015. This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Imperva. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. THE ONLY LEADER TWO CONSECUTIVE YEARS Gartner Magic Quadrant for Web Application Firewalls, 2015 29
  29. 29. © 2015 Imperva, Inc. All rights reserved. A Leader with Highest Ranking in ‘Current Offering’ Category Forrester Wave for DDoS Providers, 2015 The Forrester Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave™ are trademarks of Forrester Research, Inc. The Forrester Wave™ is a graphical representation of Forrester's call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor, product, or service depicted in the Forrester Wave. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change.30
  30. 30. © 2015 Imperva, Inc. All rights reserved.31 Big Picture Competitive Environment – DCAP Gartner Market Guide for Data-Centric Audit and Protection, December 2015 Source: Gartner, Market Guide for Data-Centric Audit and Protection, 15 December 2015
  31. 31. © 2015 Imperva, Inc. All rights reserved. EASY TO MANAGEFAST TO DEPLOY GROWS SMARTER 33
  32. 32. © 2015 Imperva, Inc. All rights reserved. GROWS SMARTER FAST TO DEPLOY EASY TO MANAGE Total of ownership 34
  33. 33. © 2015 Imperva, Inc. All rights reserved. in security and compliance 35
  34. 34. © 2015 Imperva, Inc. All rights reserved.36
  35. 35. © 2015 Imperva, Inc. All rights reserved. We’re committed to now and in the future 37
  36. 36. © 2015 Imperva, Inc. All rights reserved. Product Overview Ing. Pablo Javier López RSM, SOLA March 2016
  37. 37. Imperva products Products that cover both Protect and Comply Partners User Rights Management for File Data Loss Prevention SecureSphere File Firewall File Activity Monitor SecureSphere Database Assessment Server SecureSphere Database Firewall SecureSphere for Big Data SecureSphere Database Activity Monitor User Rights Management Data Masking Vulnerability Assessment Incapsula Back Door Detection Incapsula Website Security SecureSphere WAF ThreatRadar Skyfence Cloud Discovery Skyfence Cloud Analytics Skyfence Cloud Protection Skyfence Cloud Governance Incapsula Infrastructure Protection Incapsula Website Protection Incapsula Name Server Protection SecureSphere WAF SecureSphere for SharePoint
  38. 38. © 2015 Imperva, Inc. All rights reserved. Web Application Firewall Ing. Pablo Javier López RSM, SOLA March 2016
  39. 39. © 2015 Imperva, Inc. All rights reserved. SecureSphere Web Application Firewall Overview 1 42
  40. 40. © 2015 Imperva, Inc. All rights reserved. Large Scale Data Breaches Continue to Occur 43 Adobe 36,000,000 Target 70,000,000 EBAY 145,000,000 Anthem 80,000,000 Home Depot 56,000,000 JPMC 76,000,000 US OPM 21,000,000 201520142013 Evernote 50,000,000 Primera 11,000,000 Ashley Madison 39,000,000 • Web applications are a key target in most cyber attacks • Technical attacks exploit vulnerabilities in web applications • Business logic attacks abuse web application functionality
  41. 41. © 2015 Imperva, Inc. All rights reserved. TR SecureSphere Web Application Firewall NG Firewall IPS/IDS 44 Web Servers web app attacks - Technical attacks - OWASP Top 10 (SQLi, XSS, RFI, etc.) - Business logic attacks - bad IPs, bad bots, ATO, DDoS attacks network access control user/app access control non web app attacks • Reputation Service • Bot Protection • Community Defense • Account Takeover Protection • Fraud Prevention Services ThreatRadar Subscription Services Web App Firewall SecureSphere legitimate traffic SecureSphere Management Server (MX)
  42. 42. © 2015 Imperva, Inc. All rights reserved. Defenses Required to Protect Web Applications 45 CorrelatedAttackValidation VirtualPatching DDoSProtection Dynamic Profiling Attack Signatures Protocol Validation Cookie Protection Fraud Connectors IP Geolocation IP Reputation Anti-Scraping Policies Bot Mitigation Policies Account Takeover Protection Technical Vulnerabilities Business Logic Attacks and more
  43. 43. © 2015 Imperva, Inc. All rights reserved. Next Generation Firewalls & IPS – Easy to Evade 46 CorrelatedAttackValidation VirtualPatching DDoSProtection Dynamic Profiling Attack Signatures Protocol Validation Cookie Protection Fraud Connectors IP Geolocation IP Reputation Anti-Scraping Policies Bot Mitigation Policies Account Takeover Protection Technical Vulnerabilities Business Logic Attacks False positives and negatives Easy to evade
  44. 44. © 2015 Imperva, Inc. All rights reserved. Imperva ThreatRadar Confidential47 • Global Threat Intelligence Service • Globally crowd-sourced • Curated by Imperva ADC • Adds “gods-eye” context of threat landscape to WAF
  45. 45. © 2015 Imperva, Inc. All rights reserved. SecureSphere WAF + ThreatRadar 48 SecureSphere WAF Correlation Engine ∂ TRBotProtection TRATOProtection ThreatRadar(TR) threat intelligence TRReputationService Removes Unwanted Traffic Cuts Infrastructure Cost Improves SOC Efficiency Improves Security Posture ∂ ProtocolValidation AttackSignatures ApplicationProfiling SecureSphere Core Engine
  46. 46. © 2015 Imperva, Inc. All rights reserved. By analyzing traffic, SecureSphere automatically learns… Directories URLs Parameters Expected user input So it can alert on or block abnormal requests Imperva SecureSphere: Dynamic Profiling™ Confidential49
  47. 47. © 2015 Imperva, Inc. All rights reserved. Patented Dynamic Profiling • Cuts deployment time from months to days • Eliminates ongoing administration burden Confidential50 0 100 200 300 400 500 600 700 01-jun 06-jun 11-jun 16-jun 21-jun 26-jun 636 243 32 33 76 55 40 25 21 11 13 28 24 18 41 7 4 5 7 4 8 11 15 2 3 4 1 Date ProfileChanges Dynamically learns app Dynamically learns changes Avoid 5-15 manual changes per week will save 5 – 30 man hours
  48. 48. © 2015 Imperva, Inc. All rights reserved. Virtual Patching Confidential51 Application scanned Results imported Mitigation policies Automatically created Application protected
  49. 49. © 2015 Imperva, Inc. All rights reserved. Virtual Patching Confidential52 Application scanned Results imported Mitigation policies Automatically created Application protected
  50. 50. © 2015 Imperva, Inc. All rights reserved. Graphical Security Reports Confidential53  Pre-defined compliance reports  Custom reports  Reports created on demand or emailed daily, weekly, or monthly  PDF and CSV (Excel) format  Integration with 3rd party reporting and SIEM tools
  51. 51. © 2015 Imperva, Inc. All rights reserved. Out-of-Band, In-line, and Virtual Options Confidential54 MX Management Gateway Virtual GatewayGateway ThreatRadar Users
  52. 52. © 2015 Imperva, Inc. All rights reserved. WAF Deployment Scenarios Confidential55 On-Premises WAF WAF Web Servers WAF for AWS & Azure WAF Web Servers Web Servers Cloud WAF
  53. 53. © 2015 Imperva, Inc. All rights reserved. Gartner “Magic Quadrant for Web Application Firewalls” by Jeremy D'Hoinne, Adam Hils, Greg Young, Nicole Papadopoulos, 15 June 2015. This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Imperva. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. THE ONLY LEADER TWO CONSECUTIVE YEARS Gartner Magic Quadrant for Web Application Firewalls
  54. 54. © 2015 Imperva, Inc. All rights reserved. Imperva Incapsula Ing. Pablo López, Regional Sales manager SOLA March 2016
  55. 55. © 2015 Imperva, Inc. All rights reserved. Incapsula Overview Confidential58 PerformanceSecurity Availability Solving Top Operational Problems Delivered from the Cloud
  56. 56. © 2015 Imperva, Inc. All rights reserved. Incapsula Application Delivery Cloud Confidential59
  57. 57. © 2015 Imperva, Inc. All rights reserved.60 Enrutando el trafico del Website a través de Incapsula, el trafico no genuino es eliminado y el trafico legitimo es acelerado Web Application Firewall (WAF)Denegación Distribuida de Servicio (DDOS)Denegación Distribuida de Servicio (DDOS)Balanceo de CargaBalanceo de CargaContent Delivery Network (CDN)
  58. 58. © 2015 Imperva, Inc. All rights reserved. WEB APP The Incapsula Security Model Confidential61 Access Control Blocks unwanted IPs, Regions, Countries Bot Mitigation Blocks automated attackers, bad bots, scrapers, spammers WAF Blocks Hacking attacks OWASP Top 10 attacks (SQLi, XSS, etc.) Custom Rule & Policy Engine Application specific attacks
  59. 59. © 2015 Imperva, Inc. All rights reserved. Website Protection Name Server Protection Infrastructure Protection Comprehensive DDoS Protection Confidential62 DNS WEB UDP, TCP SSH, FTP, Telnet SMTP SIP DDoS Protection Service Protected Assets
  60. 60. © 2015 Imperva, Inc. All rights reserved. Comprehensive DDoS Protection Confidential63 • 2 Tbps+ mitigation capacity • Unlimited protection (any frequency and attack size) • Proprietary technology (SW, HW, algorithms) • 24x7 SOC - experienced security experts DDoS Protection Service Protected Assets DNS Web Application Infrastructure DNS Servers Web Servers Networks, Servers HTTP/S DNS SSH, FTP, Telnet, SMTP, etc. Layer 3, 4 3, 4, 7 3, 4, 7
  61. 61. Who is Incapsula Market Leading Products Global 2Tbps Network of 27 Datacenters Over 96,000 Customers North America Top 10 Red Herring – 2011 Market Leading Solutions • Gartner MQ Leader for Web Application Firewalls 2014, 2015 • Forrester Wave Leader, DDoS Service Providers 2015 • Security Innovator of the Year Cloud Awards.com 2014 • Readers Choice: DDoS Protection Solution of the Year Search Security 2014 • Best DDoS Mitigation Service Top Ten Reviews 2013 – 2014 • Best Web Security & Performance Service Top Ten Reviews 2012 – 2014
  62. 62. © 2015 Imperva, Inc. All rights reserved.
  63. 63. © 2015 Imperva, Inc. All rights reserved. Trusted by Thousands of Customers Confidential66
  64. 64. © 2015 Imperva, Inc. All rights reserved. Protección Base de datos DAM/DBF Ing. Pablo Javier López RSM, SOLA March 2016
  65. 65. © 2015 Imperva, Inc. All rights reserved. Identify Your Use Cases 5 Key Steps Data Audit and Protection Lifecycle 4 Confidential68
  66. 66. © 2015 Imperva, Inc. All rights reserved. Map Requirements To An Data Audit and Protection Lifecycle Discover Assess Set Controls Audit & Secure Measure & Report Review, certify and investigate Sensitive data Vulnerabilities and security gaps Access rights and policies Monitor, alert and block
  67. 67. © 2015 Imperva, Inc. All rights reserved. – Discover Sensitive Data and Analyze Risks HIPAA  Discover Electronic Protected health Information (ePHI) - Identify and locate all “Individually identifiable health information” MAS  MAS 2.0.1  MAS 2.0.5 PCI  PCI 3  PCI 10 SOX  SOX 302  SOX 404 SOX COSO Risk Assessment Requirements - Management has to identify and analyze relevant risks to achieve objectives. - Formal risk assessments built throughout the systems development methodology.
  68. 68. © 2015 Imperva, Inc. All rights reserved. Discover Database Services 1. Run service discovery scan 2. Analyze results, accept/reject 3. Build out the Site Tree Site Tree Service Discovery Scan Service Discovery Scan
  69. 69. © 2015 Imperva, Inc. All rights reserved. Identify Sensitive Data CONFIDENTIAL 1. Create Data Classification Scan - Select data types - Create custom data types 2. Analyze results, accept/reject Predefined Data Types Custom Data Types Classified Database Data
  70. 70. © 2015 Imperva, Inc. All rights reserved. – Assess Vulnerabilities and Security Gaps HIPAA  Data Safeguards -A covered entity must maintain reasonable and appropriate administrative, technical, and physical safeguards to prevent intentional or unintentional use or disclosure of protected health information in violation of the Privacy Rule MAS  MAS 2.0.1  MAS 2.0.5 PCI  PCI 2  PCI 6 SOX  SOX 302  SOX 404 SOX COSO Control Activities Requirements - System software controls – Controls over the effective acquisition, implementation and maintenance of system software, database management, security software
  71. 71. © 2015 Imperva, Inc. All rights reserved. - Assess Vulnerabilities scanning and virtual patching 1. Create DB Assessment Scan from template Assessment Policy - Use ADC out-of-the-box policy - Or, create a custom policy 2. Apply Scan to specific service/application Assessment Policies Assessment Policy: CIS – Security Configuration Benchmark for Oracle
  72. 72. © 2015 Imperva, Inc. All rights reserved. – Review User Rights and Set Controls HIPAA  Technical Safeguards - Access Control. A covered entity must implement technical policies and procedures that allow only authorized persons to access electronic protected health information (e-PHI). MAS  MAS 5.1.2  MAS 5.1.7 (c, d, j) PCI  PCI 7 SOX  SOX 302  SOX 404 SOX COSO Control Activities Requirements - Access security controls – Controls that prevent inappropriate and unauthorized use of the system across all layers of systems, operating system, database and application.
  73. 73. © 2015 Imperva, Inc. All rights reserved. URM - Find Excessive Permissions Data Accessible by G&A
  74. 74. © 2015 Imperva, Inc. All rights reserved. URM - Review Effective Permissions
  75. 75. © 2015 Imperva, Inc. All rights reserved. – Audit, Monitor and Secure User Activity HIPAA  Technical Safeguards - Audit Controls. A covered entity must implement hardware, software, and/or procedural mechanisms to record and examine access and other activity in information systems that contain or use e-PHI. PCI  PCI 3, 7, 10, 12 MAS  MAS 5.1.2  MAS 5.1.7 (b, e, f, j) SOX  SOX 302, 404, 409 SOX COSO Control Activities, Information and Communication Requirements - Application controls to prevent or detect unauthorized transactions, support the completeness, accuracy, authorization and existence of processing transactions. - Identification and timely reporting of security violations.
  76. 76. © 2015 Imperva, Inc. All rights reserved.
  77. 77. © 2015 Imperva, Inc. All rights reserved. SOX – Identify and Block Unauthorized Transactions
  78. 78. © 2015 Imperva, Inc. All rights reserved. – Measure and Report HIPAA  Technical Safeguards - Audit Controls. A covered entity must implement hardware, software, and/or procedural mechanisms to record and examine access and other activity in information systems that contain or use e- PHI. MAS  2.0.1, 2.0.5, 5.1.2, 5.1.7 (b, c, d, e, f, g, i) PCI  2, 6, 7, 10, 12 SOX  SOX 302, 404, 409 SOX COSO Monitoring Requirements - Centralized monitoring of security. - IT internal audit reviews on a periodic basis to verify that controls are operating effectively.
  79. 79. © 2015 Imperva, Inc. All rights reserved. – Report Privileged Operations 1. Create custom DB Audit report 2. Select source policies and define scope of report 3. Select data columns 4. Schedule Report PDF Report
  80. 80. © 2015 Imperva, Inc. All rights reserved. Protección de Bases de Datos - DBF 83 Soporte a: Oracle, Oracle Exadata, Microsoft SQL Server, IBM DB2 (on Linux, UNIX, Windows, z/OS and DB2/400), IBM IMS on z/OS, IBM Informix, IBM Netezza, SAP Sybase, Teradata, Oracle MySQL, PostgreSQL, y Progress OpenEdge
  81. 81. © 2015 Imperva, Inc. All rights reserved. Imperva Camouflage Data Masking Ing. Pablo López, Regional Sales Manager SOLA March 2016
  82. 82. © 2015 Imperva, Inc. All rights reserved. Overview Data Masking 1 Confidential85
  83. 83. Who has access to your data and why? Confidential86
  84. 84. © 2015 Imperva, Inc. All rights reserved. Data Driven Organization and Processes • Do you need “real” data to support the activity? • Is the risk and security cost associated with the sensitive data acceptable? • What are your alternatives? Hundreds of databases ⅹMillions of sensitive fields ⅹHundreds of users ⅹCompliance requirements ⅹData breech potential Excessive risk Confidential87 Things to consider
  85. 85. © 2015 Imperva, Inc. All rights reserved. Confidential88 "Data masking should be mandatory for enterprises using copies of sensitive production data for application development, analytics or training."
  86. 86. © 2015 Imperva, Inc. All rights reserved. Data Masking Eliminates Risk 1. Realistic fictional data maintains operational and statistically accuracy 2. Sensitive data is permanently removed 3. Security and compliance overhead are reduced Confidential89 BEFORE AFTER Name SSN Salary Smith 123-21-9812 77,000 Patel 992-43-3421 83,500 Name SSN Salary Young 531-51-5279 79,250 Lopez 397-70-0493 81,250
  87. 87. © 2015 Imperva, Inc. All rights reserved. Separate Use Cases: Non-production and Production Data Confidential90 Dynamic Masking • Alters original data in transit • Role/user based masking rules • Protects production data in use • Requires fine-grained tuning • Does not protect data at rest • Impacts system performance • Temporary • Risk of corruption Static Masking • Does not alter original data • Masks data for non-production systems • Realistic representation of source data • Maintains referential integrity • Repeatable process to ensure operational and statistical accuracy • Protects data at rest, in transit and in use • No impact on production system • Permanent, non-reversible process • Zero risk of source data corruption
  88. 88. © 2015 Imperva, Inc. All rights reserved. Manage and Report • Analysis and compliance reporting – Before & After – generated with each run* – Impacted Object – Historical Project Run – Project Configuration Report • Export to BI tools or Excel • Reuse search configurations, filters and projects files • Configurable multi-threaded database refresh • Tiered security settings Confidential91
  89. 89. © 2015 Imperva, Inc. All rights reserved. File Security Ing. Pablo López Regional Sales Manager SOLA March 2016
  90. 90. © 2015 Imperva, Inc. All rights reserved. File Data Confidential93
  91. 91. © 2015 Imperva, Inc. All rights reserved. File Data is Pervasive and Growing • Distributed broadly across organizations, access not centrally managed – Unstructured data accounts for 80% of an organization’s information – Growing at 10x the rate of structured data Confidential94 “The unstructured data held by enterprises continues to grow at an explosive rate. Security controls for unstructured data have failed to keep pace, and the result is serious enterprise risk exposure.”
  92. 92. © 2015 Imperva, Inc. All rights reserved. File Data is Subject to Regulations • What challenges do organizations face? 95 Maintaining an audit trail Assuring least-privilege access Reporting for compliance purposes Enforcing separation of duties “As the controls around structured data stores have improved, auditors are now increasingly concerned with the difficulty of identifying and reporting on unstructured data stores.”
  93. 93. © 2015 Imperva, Inc. All rights reserved. Secure Sphere File Activity Monitoring Confidential96 Comprehensive rights management Monitor and audit activity Dynamic Access Controls  Automate rights reviews  Visibility into data ownership, user access rights and excessive rights  File access control policies  Alert or block on unwanted activity  Monitor file activity in real-time  Detailed auditing of file operationsSecureSphereFileActivityMonitor Reporting and analytics  Interactive audit analytics to identify trends and patterns in file activity  Document compliance with regulations
  94. 94. © 2015 Imperva, Inc. All rights reserved. Management Server (MX) Sys Admin Imperva Agent Network Monitoring FAM Deployment Options Confidential 97 Inline or Non-inline, Physical or Virtual, Network or Agent Users NAS File Servers
  95. 95. © 2015 Imperva, Inc. All rights reserved. CounterBreach Ing. Pablo López Regional Sales Manager SOLA March 2016
  96. 96. People are the WEAK LINK Confidential99
  97. 97. MaliciousCarelessCompromised
  98. 98. © 2015 Imperva, Inc. All rights reserved. THE SOLUTION Confidential101
  99. 99. © 2015 Imperva, Inc. All rights reserved. Confidential102 How do I respond QUICKLY if not? Exactly WHO Is accessing my data? ? Truly Detecting and Containing Breaches Requires Addressing All OK? Is the access
  100. 100. © 2015 Imperva, Inc. All rights reserved. BLOCK / QUARANTINE BLOCK / QUARANTINE Breach Detection Solution Confidential103 LEARN AND DETECTMONITORMONITOR
  101. 101. Confidential104
  102. 102. CounterBreach User Interface Behavior machine learning Visibility Contain and Investigate Deception Imperva SecureSphere LEARN AND DETECT BLOCK / QUARANTINE MONITOR Imperva SecureSphere Databases and Files
  103. 103. CounterBreach User Interface Machine Learning Visibility Contain and Investigate LEARN AND DETECT BLOCK / QUARANTINE MONITOR Imperva Skyfence Imperva Skyfence Skyfence performs its own anomaly detection and forwards incidents to CounterBreach SaaS Apps
  104. 104. Confidential107 John, DBA DBA Team Day 1 Day 3 Day 5 Day 7 John accesses 10 patient records. John accesses 40 patient records. John accesses 15 patient records. John accesses 3,000 patient records. DBA team members access 20 patient records. DBA team members access 15 patient records. DBA team members access 35 patient records. DBA team members access 25 patient records. Patient Records
  105. 105. © 2015 Imperva, Inc. All rights reserved. Behavior: Develop a Baseline of User Data Access Confidential108 PCI Database Who is connecting to the database? How do they connect to the database? Do their peers access data in the same way? When do they usually work? What data are they accessing? How much data do they query?
  106. 106. © 2015 Imperva, Inc. All rights reserved. CounterBreach • Profiles users that interact with data • It learns user data access, and creates a baseline based on many attributes – Uses machine learning • Alerts when users significantly change behavior • Use case: security – data breach prevention Confidential109
  107. 107. © 2015 Imperva, Inc. All rights reserved. Imperva Skyfence Ing. Pablo López Regional Sales Manager SOLA March 2016
  108. 108. © 2015 Imperva, Inc. All rights reserved. Market Overview 111 Customer-facing Applications Moving to IaaS or PaaS providers Employee-facing Applications are SaaS and Cloud Apps Traditional Data Center
  109. 109. © 2015 Imperva, Inc. All rights reserved. About Imperva Skyfence • What does Imperva Skyfence do? – Enable organizations safe and productive use of corporate SaaS applications • Why is it relevant? – The cloud app trend has created a visibility and control blind spot for IT that cannot be addressed by traditional security • Imperva – Protecting data and apps – Only leader in Gartner Magic Quadrant for Web Application Firewalls (WAF) for two consecutive years – Top-ranked in Forrester Wave Report for DDoS Service Providers, Q3 2015 – 4000+ customers in 75+ countries 112
  110. 110. © 2015 Imperva, Inc. All rights reserved. Current Solutions Are Insufficient for Securing Cloud Apps & Data 113 Corporate Employees, Mobile Workers and Hackers Cloud Applications No visibility into who is using what apps No way to assess and prioritize cloud app risks Unable to monitor and analyze all activity No endpoint control capabilities for cloud apps Cloud apps are a prime target for hackers and malicious insiders – data exfiltration
  111. 111. © 2015 Imperva, Inc. All rights reserved. Visibility and Control for Cloud Applications - Skyfence CASB 114 Corporate Employees, Mobile Workers and Hackers Detect anomalies & prevent account takeover attacks Discover “Shadow IT” apps & assess risk Identify admins and inactive, external, & orphaned users CloudAudit & Protection (Proxy-based)Cloud Discovery & Governance (API-based) Enforce risk-based MFA Basic view of cloud activity logs Control sensitive data with DLP policies Prevent data proliferation to unmanaged devices Centrally assess data and security configuration settings SIEM enablement Real-time, comprehensive activity monitoring Cloud Applications (5000+ apps)
  112. 112. © 2015 Imperva, Inc. All rights reserved. Customer Use Cases for Skyfence Cloud Security Gateway 115 Secure Office 365 Users • BYOD access control • Monitoring activity: Exchange, Skype, OneDrive, SharePoint and Yammer • Prevent account takeovers • Data leak prevention Control Collaboration & File Sharing • Prevent data leaks • Comply with regulations • Control how sensitive data is shared Manage AWS Console Users • Monitor AWS admins • Block/control high-risk actions • Prevent account takeovers Secure Salesforce Accounts • Monitor and alert on anomalous activity • Prevent account takeovers • Identify dormant accounts and access by ex-employees • Benchmark configurations

×