Thwart Insider Threats with Machine Learning [Infographic]

Potentially the most lethal kind of threat to an organization’s security, insider threats can pose risks as significant as—if not more than—external attacks. Because insiders are granted trusted access to sensitive data, these threats often fly under the security radar. By examining how users...

Top 5 GDPR Myths: Get the Facts

The General Data Protection Regulation GDPR has been garnering much attention since its formal adoption in April 2016. With the effective date of May 25, 2018 fast approaching, some popular myths have emerged surrounding the regulation. In this blog post, we’ll examine and debunk a few of the mos...

What’s Next for Ransomware: Data Corruption, Exfiltration and Disruption

Ransomware’s popularity continues to skyrocket, due to its successful business model and the significant profit paid by its victims. Unlike other malware business models – where attackers steal data and then sell it on the darknet; hackers who utilize ransomware as their attack vector receive...

Dynamic Application Profiling: What It Is and Why You Want Your WAF to Have It

Because web applications are unique, they have distinct structures and dynamics, and – unfortunately – different vulnerabilities. A web application security device, therefore, must understand the structure and usage of the protected applications. Depending on the complexity of the protected...

Database Activity Monitoring: A Do’s and Don’ts Checklist for DBAs

In a previous post, we looked at the limitations of native audit, the free tool often used by database administrators DBAs for logging database activity. While it has its appeal—it’s already part of the database server and does not require additional cost for third-party appliances or...

Native Auditing Tools – Performance, Cost, and Compliance Issues

As we covered in a previous post, data-centric security measures need to be implemented to meet compliance requirements and protect against complex, ever-evolving attacks. There are two primary approaches to implementing these measures: Native auditing, which uses a database server's built-in too...

Why Care About Data-Centric Security?

It’s no surprise that data breaches are evolving and becoming increasingly more complex. According to the Verizon 2017 Data Breach Investigation Report, data breaches are “complex affairs often involving some combination of human factors, hardware devices, exploited configurations or malicious...

3 Steps to Protecting Sensitive Data

Cyber criminals, compromised insiders, malicious users, hacktivists. It seems like everyone is getting in on the threat game. In fact, despite efforts to prevent them, last year the U.S. experienced a 40% increase in data breaches according to a report by the Identity Theft Resource Center and...

Get a Single View of WAF Events with the Imperva AppSecurity View App for Splunk Enterprise

Enterprises are adopting a hybrid infrastructure model to take advantage of rapid deployment of cloud-based services and higher computing power. A compilation of analyst predictions by SecureWorks, shows that the cloud continues to gain momentum as organizations embrace and benefit from new ways ...

Shortening Your DCAP Short List: Five Critical Things to Consider for a Data-Centric Audit and Protection Solution

Exponential data growth. You’ve heard it many times before, but it’s still the most accurate way to describe the enormous and growing amount of data that businesses generate and collect today. It’s this growth that is driving today’s enterprises to revisit their strategies for data security and...

The Successful CISO: Tips for Paving the Way to Job Security

Seasoned CISOs know that failure to plan past a two-year window is dangerous—to both their company and their job security. But it’s all too common for many security strategies to look only two years out. Imperva CISO Shahar Ben-Hador has been with Imperva for eight-and-a-half years—the last...

Why You Need a Database Audit Trail

Your ability to answer very detailed questions about what’s going on in your organization’s databases can make or break a compliance audit or security investigation. Aside from the obvious need for this information in the event of a breach, it’s also important because government, financial, and...

Hot on the Credential Theft Trail: Tracking a Hacker from a Dropbox Phishing Campaign

We the Imperva Defense Center research team frequently investigate cases of credential theft to gain a deeper understanding of methods and tools used by cyber criminals—in particular, to learn how accounts are taken over once credentials are compromised through phishing campaigns. We recently cho...

Understanding the Capacity Management Challenges of Database Monitoring Solutions

Database monitoring requires hardware resources such as storage space and processing power that can withstand the volume of database usage in your organization. A higher usage volume will require more resources. So how can you optimize the resources used by your database monitoring solution? Do y...

We asked 170 cyber security pros about ransomware. Here’s what they had to say.

The first week of January, my daughter called to say she couldn’t get into her college website to make changes to her spring schedule. Assuming servers were probably struggling to keep up with increased traffic, I told her to keep trying. However, it soon became apparent what the issue was. An...

Get Going on Your GDPR Plan [Infographic]

General Data Protection Regulation GDPR enforcement begins May 2018. Are you ready? While enforcement may seem a way off, you don’t want to get derailed by last-minute planning efforts. Organizations should revisit their security and compliance strategies today to ensure they’re prepared to meet...

GDPR Series, Part 4: The Penalties for Non-Compliance

In the first three parts of this series, we covered the GDPR basics: who is subject to the GDPR requirements, what rules require data protection technology, and how you can start preparing your organization for the regulation. In this final installment, we will cover what happens when you are not...