Call a Specialist Today! 800-886-5369

Imperva ADC Insights
Accelerate SAP, Oracle EBS, and PeopleSoft Compliance and Security Efforts

 

Overview:

ADC Insights are specialized solutions developed by the Imperva Application Defense Center (ADC) to address specific customer problems. ADC Insights save time and increase operational effectiveness by delivering pre-defined audit rules, vulnerability assessments, table structure awareness, and graphical reports for enterprise applications and compliance mandates. Using ADC Insights, SecureSphere customers can enhance the security and visibility of their SAP, Oracle E-Business Suite and PeopleSoft applications.

Powered by the research of the Imperva Application Defense Center (ADC), Imperva ADC Insights offer unparalleled knowledge of enterprise applications and regulatory mandates that cover them. ADC Insights combine database assessments, configuration settings, policies, and packaged reports for each application.

Database Security

Key Capabilities :

  • Pre-packaged, continuously updated awareness of key enterprise applications including sensitive data locations, vulnerabilities and compliance risks
  • Out-of-the-box security and audit policies enforce core compliance requirements
  • Vast library of pre-defined reports for key regulations and security best practices

Features:


Pre-Package Knowledge of Enterprise Applications Data Structures

ADC Insights pre-packaged database structure understanding enables SecureSphere to instantly know where data is stored, which data is sensitive, and what constitutes normal usage. ADC Insights are continuously and automatically updated with new auditing knowledge from the Imperva ADC.

Targeted Assessments, Policies for Compliance and Security Risks

ADC Insights include automated assessments for applications, databases, and operating systems for potential compliance deficiencies and security risks. Out-of-the-box rules and policies specific to the targeted business risks enforce access control policies (for example, separation of duties for SOX within Oracle EBS).

Out-of-the-Box Reporting

The ADC Insights for SOX, PCI, HIPAA and enterprise applications together provide more than 250 detailed and graphical reports that clearly identify risks and measure IT compliance against regulatory policy.

Spend Less Time Preventing Data Abuse

ADC Insights saves you time by automating user behavior profiling. Dynamic Profiling, a part of ADC Insights, allows for ease of policy configuration, detection of behavioral changes, and flexible custom policy definition for automated and accurate data security.

Broad Support for Leading Enterprise Applications

ADC Insights packages for SAP, Oracle E-Business Suite, and PeopleSoft provide in-depth knowledge of market-leading applications. In addition, an innovative Dynamic Profiling capability enables SecureSphere products to automate security and policy configuration for all other packaged and custom business applications.

Oracle E-Business Suite (EBS) Insights:

Security and Compliance Solutions for Oracle EBS

Solving the Most Challenging Oracle EBS Requirements
Oracle applications process an organization’s most critical information: financial data, cardholder data, and sensitive and private data. Strained resources cause most IT departments to operate with inadequate audit and security coverage, even for their most critical business applications such as Oracle E-Business Suite (EBS) applications. Despite being extensively tested by developers and users, these applications are susceptible to many vulnerabilities and exploits. In addition, much of the data managed by EBS applications falls within the scope of regulatory and industry mandates like Sarbanes-Oxley (SOX) and the Payment Card Industry Data Security Standard (PCI DSS). The result is that mission critical EBS applications and associated databases must be audited and protected.

Oracle EBS Insights provide customers with dedicated Oracle EBS content to keep their Oracle EBS security and compliance up-to-date.

  • Audit Rules and Custom Security Rules – Best practice guidelines
  • Assessments – Complete picture of the Oracle EBS configuration
  • Table groups – In depth knowledge of EBS data structure
  • Reports – Oracle EBS-specific audit, alert, and security reports and templates

SecureSphere Advantage

SecureSphere solutions protect Oracle EBS as well as any Web applications and databases from external attack, privilege abuse, data theft, and data leakage. The SecureSphere family of security appliances incorporates patent pending technologies that speed deployment, reduce operational costs, and enhance security.

  • Dynamic Profiling automatically creates database usage profiles and granular security policies that can be enforced to help prevent abuse/misuse of data.
  • Universal User Tracking empowers organizations to audit user access to data by tracking database transactions back to individual Web users.
  • Transparent Inspection analyzes application logic and data usage with zero changes to applications, databases, and other network infrastructure.
  • Correlated Attack Validation correlates multiple sources of information over time and across layers to accurately identify malicious activity.
  • Unified, Centralized Management enables businesses to configure, update, and monitor both Web and database deployments through a single, browser-based user interface.

Most importantly, with SecureSphere organizations can rest assured that their Oracle EBS applications and databases are secure and compliant.

Oracle EBS Insights

Imperva’s Oracle EBS Insights allow organizations to access a body of knowledge and tools to accelerate every step of a complete security and compliance solution. With Oracle EBS Insights, organizations can tap into the precise pieces of expertise they need. Oracle EBS Insights include detailed assessments, rules, policies, alerts and report templates instantly providing organizations with a detailed map of the Oracle EBS application. Assessments show all the areas of risk and sensitive data in the application and allow an organization to gain an in-depth understanding about the current risk posture of their Oracle EBS implementation. With rules and policies for sensitive areas of EBS, organizations can put the necessary access monitoring and restrictions in place and alert administrators when these rules and policies are not followed. With the appropriate reports and templates, administrators can get measurements on ongoing policy enforcement and security in the application.

Oracle EBS Audit Rules and Custom Security Rules

Audit and Custom Security Rules set the audit and protection parameters in the environment, including rules to capture access to financial tables and activity in the control (Foundation) tables. These include best practice guidelines that should be followed to ensure that the Oracle EBS system is accessed only in an authorized and secure fashion.

Oracle EBS Assessment Policies

Assessment Policies and individual tests evaluate the Oracle EBS implementation to show areas of potential risk and security holes. Assessments allow administrators to examine the overall posture of their EBS application.

Oracle EBS Table Groups

Table groups allow administrators to isolate the sensitive areas in Oracle EBS by area of interest. Oracle EBS Insights identify which tables contain various categories of sensitive information in Oracle EBS databases, including financial information, credit card information and foundation tables that affect overall system integrity.

Oracle EBS Audit and Alert Reports and Templates

Alerts, reports and report templates allow administrators to find out about the activities occurring in their environment on a timely basis and to react appropriately. EBS-specific reports focus on the activity occurring in the sensitive financial and control objects and any suspicious activity alerts for these objects. Templates allow for the easy customization of reports to serve technical, executive and auditor level audiences as appropriate.

SAP Insights:

Security and Compliance Solutions for SAP

Solving the Most Challenging SAP Requirements
SAP applications process an organization’s most critical information: financial data, cardholder data, and sensitive and private data. Strained resources cause most IT departments to operate with inadequate audit and security coverage, even for their most critical business applications such as SAP applications. Despite being extensively tested by developers and users, these applications are susceptible to many vulnerabilities and exploits. In addition, much of the data managed by SAP applications falls within the scope of regulatory and industry mandates like Sarbanes- Oxley (SOX) and the Payment Card Industry Data Security Standard (PCI DSS). The result is that mission critical SAP applications and associated databases must be audited and protected.

SAP Insights provide customers with dedicated SAP content to keep their SAP security and compliance up-to-date.

  • Audit Rules and Custom Security Rules – Best practice guidelines
  • Assessments – Complete picture of the SAP configuration
  • Table groups – In depth knowledge of SAP data structure
  • Reports – SAP-specific audit, alert, and security reports and templates

SecureSphere Advantage

SecureSphere solutions protect Oracle EBS as well as any Web applications and databases from external attack, privilege abuse, data theft, and data leakage. The SecureSphere family of security appliances incorporates patent pending technologies that speed deployment, reduce operational costs, and enhance security.

  • Dynamic Profiling automatically creates database usage profiles and granular security policies that can be enforced to help prevent abuse/misuse of data.
  • Universal User Tracking empowers organizations to audit user access to data by tracking database transactions back to individual Web users.
  • Transparent Inspection analyzes application logic and data usage with zero changes to applications, databases, and other network infrastructure.
  • Correlated Attack Validation correlates multiple sources of information over time and across layers to accurately identify malicious activity.
  • Unified, Centralized Management enables businesses to configure, update, and monitor both Web and database deployments through a single, browser-based user interface.

Most importantly, with SecureSphere organizations can rest assured that their Oracle EBS applications and databases are secure and compliant.

SAP Insights

Imperva’s SAP Insights allow organizations to access a body of knowledge and tools to accelerate every step of a complete security and compliance solution. With SAP Insights, organizations can tap into the precise pieces of expertise they need. SAP Insights include detailed assessments, rules, policies, alerts and report templates instantly providing organizations with a detailed map of the SAP application. Assessments show all the areas of risk and sensitive data in the application and allow an organization to gain an in-depth understanding about the current risk posture of their SAP implementation. With rules and policies for sensitive areas of SAP, organizations can put the necessary access monitoring and restrictions in place and alert administrators when these rules and policies are not followed. With the appropriate reports and templates, administrators can get measurements on ongoing policy enforcement and security in the application.

SAP Audit Rules and Custom Security Rules

Audit and Custom Security Rules set the audit and protection parameters in the environment, including rules to capture access to financial tables. These include best practice guidelines that should be followed to ensure that the SAP system is accessed only in an authorized and secure fashion.

SAP Table Groups

Table groups allow administrators to isolate the sensitive areas in SAP by area of interest. SAP Insights identify which tables contain various categories of sensitive information in SAP databases, including financial information, credit card information, accounting information, SAP metadata, and SAP tables that affect overall system integrity.

SAP Assessment Policies

Assessment Policies and individual tests evaluate the SAP implementation to show areas of potential risk and security holes. Assessments allow administrators to examine the overall posture of their SAP application.

SAP Audit and Alert Reports and Templates

Alerts, reports and report templates allow administrators to find out about the activities occurring in their environment on a timely basis and to react appropriately. SAP-specific reports focus on the activity occurring in the sensitive financial SAP objects and any suspicious activity alerts for these objects. Templates allow for the easy customization of reports to serve technical, executive and auditor level audiences as appropriate.

Peoplesoft Insights:

Security and Compliance Solutions for PeopleSoft

Solving the Most Challenging PeopleSoft Requirements
PeopleSoft applications process an organization’s most critical information: financial data, cardholder data, sensitive data, and private data. Strained resources cause most IT departments to operate with inadequate audit and security coverage, even for their most critical business applications such as PeopleSoft applications. Despite being extensively tested by developers and users, these applications are susceptible to many vulnerabilities and exploits. In addition, much of the data managed by PeopleSoft applications fall within the scope of regulatory and industry mandates like Sarbanes- Oxley (SOX) and the Payment Card Industry Data Security Standard (PCI DSS). The result is that mission critical PeopleSoft applications and associated databases must be audited and protected.

PeopleSoft Insights provide customers with dedicated PeopleSoft content to keep their PeopleSoft security and compliance up-to-date.

  • Audit Rules and Custom Security Rules – Best practice guidelines
  • Assessments – Complete picture of the PeopleSoft configuration
  • Table groups – In depth knowledge of PeopleSoft data structure
  • Reports – PeopleSoft-specific audit, alerts, security reports and templates

SecureSphere Advantage

SecureSphere solutions protect PeopleSoft and other Web applications and databases from external attack, privilege abuse, data theft, and data leakage. The SecureSphere family of security appliances incorporates patent pending technologies that speed deployment, reduce operational costs, and enhance security.

  • Dynamic Profiling automatically creates database usage profiles and granular security policies that can be enforced to help prevent abuse/misuse of data.
  • Universal User Tracking empowers organizations to audit user access to data by tracking database transactions back to individual Web users.
  • Transparent Inspection analyzes application logic and data usage with zero changes to applications, databases, and other network infrastructure.
  • Correlated Attack Validation correlates multiple sources of information over time and across layers to accurately identify malicious activity.
  • Unified, Centralized Management enables businesses to configure, update, and monitor both Web and database deployments through a single, browser-based user interface.

Most importantly, with SecureSphere organizations can rest assured that their PeopleSoft applications and databases are secure and compliant.

PeopleSoft Insights

Imperva’s PeopleSoft Insights allow organizations to access a body of knowledge and tools to accelerate every step of a complete security and compliance solution. With PeopleSoft Insights, organizations can tap into the precise pieces of expertise they need. PeopleSoft Insights include detailed assessments, rules, policies, alerts and report templates instantly providing organizations with a detailed map of the PeopleSoft application. Assessments show all the areas of risk and sensitive data in the application and allow an organization to gain an in-depth understanding about the current risk posture of their PeopleSoft implementation. With rules and policies for sensitive areas of PeopleSoft, organizations can put the necessary access monitoring and restrictions in place and alert administrators when these rules and policies are not followed. With the appropriate reports and templates, administrators can get measurements on ongoing policy enforcement and security in the application.

PeopleSoft Audit Rules and Custom Security Rules

Audit and Custom Security Rules set the audit and protection parameters in the environment, including rules to capture access to financial tables. These include best practice guidelines that should be followed to ensure that the PeopleSoft system is accessed only in an authorized and secure fashion.

PeopleSoft Table Groups

Table groups allow administrators to isolate the sensitive areas in PeopleSoft by area of interest. PeopleSoft Insights identify which tables contain various categories of sensitive information in PeopleSoft databases, including financial information, credit card information, accounting information, PeopleTools objects, and PeopleSoft tables that affect overall system integrity.

PeopleSoft Assessment Policies

Assessment Policies and individual tests evaluate the PeopleSoft implementation to show areas of potential risk and security holes. Assessments allow administrators to examine the overall posture of their PeopleSoft application.

PeopleSoft Audit and Alert Reports and Templates

Alerts reports and report templates allow administrators to find out about the activities occurring in their environment on a timely basis and to react appropriately. PeopleSoftspecific reports focus on the activity occurring in the sensitive financial PeopleSoft objects and any suspicious activity alerts for these objects. Templates allow for the easy customization of reports to serve technical, executive and auditor level audiences as appropriate.