Actu
Imperva Announces General Availability of Imperva CounterBreach
April 2016 by Coline Magne
Imperva announced the general availability of Imperva CounterBreach. The solution applies advanced behavioral analysis and deception technology to identify and help contain insider threats.
By isolating insider threat incidents from the sea of data access anomalies that occur every day, CounterBreach enables IT organizations to prioritize and focus on the incidents that ultimately lead to large-scale data breaches.
In a related announcement, the Imperva March Hacker Intelligence Initiative Report, published today by the Imperva Defense Center, provides an in-depth analysis of insider threat incidents detected by CounterBreach in live production environments.
To identify malicious, compromised and careless insiders, organizations need to have visibility into who is accessing enterprise data, understand if that access is legitimate and respond immediately if it is not. CounterBreach combines machine learning-based behavioral analysis and deception technology to make such identifications. Behavioral analysis baselines typical user actions and data access, and identifies risky actions that are outside of the norm. Deception technology identifies anomalies indicative of compromised end-points and user credentials.
This multi-layered approach enables security teams to detect critical anomalies in the access and use of enterprise data with a high degree of accuracy, significantly reducing false positives. This saves time, enabling IT to focus only on the most critical incidents.
Tested in live production environments, CounterBreach flagged insider threat incidents in 100 percent of these deployments. Examples included a database administrator abusing his rights as a privileged user to retrieve an unusually high number of financial records from a PeopleSoft application, and a careless user who was unintentionally backing up sensitive enterprise data to a personal cloud storage service. CounterBreach quickly pinpointed the insider threat, enabling each IT organization to take immediate action and stop the threat in its tracks.
CounterBreach integrates with Imperva SecureSphere database and file security solutions and Imperva Skyfence cloud access security broker to pinpoint critical anomalies that indicate misuse of enterprise data across databases, file servers and cloud apps.
