Imperva, Inc., (@Imperva) the cybersecurity leader whose mission is to help organizations protect their data and all paths to it, introduces the Imperva Snapshot™ service, a free, fast and easy-to-use cloud data security posture assessment for Amazon Relational Database Service (Amazon RDS) managed databases. New patent-pending technology identifies infrastructure and database misconfigurations and performs vulnerability assessments and data classification through a data-aware technique, which does not rely solely on the available cloud vendor Application Programming Interfaces (APIs). Security, compliance, risk, and privacy teams need visibility into the security and risk posture of their managed cloud databases to identify, assess and address their overall data security posture and degree of exposure to data breaches.
As more infrastructure and database installations are rapidly moved to the cloud and hosted environments, the onus of securing and monitoring that asset falls to the security team, not with the large providers and hosts as many assume. A shared responsibility model requires customers to be responsible for the security of their data. Many teams struggle with regular patch management while others lack the expertise to ensure a database is properly configured and in compliance. The Imperva Snapshot™ service can be deployed by a security team member of any experience level — including the most junior — in a manner of seconds, to analyze the sensitivity and security posture of the data and take action accordingly.
Privacy regulations and consumer expectations around the secure storage of their data continue to evolve. An Imperva Snapshot™ assessment lets teams quickly assess the status of their databases and the data stored, to identify non-compliance with privacy regulations as well as compliance requirements for cloud data stores. The Imperva Snapshot™ service also flags for sensitive data that may require additional action in response to a Data Subject Access Request (DSAR), where an individual asks a business about what personal information of theirs has been collected, stored, and used.
“Managed databases are one of the most popular cloud services, and quite often, those databases hold the most sensitive data of an organization,” says Elad Erez, Chief Innovation Officer, Imperva. “When not maintained properly, misconfigurations, bad practices, and vulnerable unpatched databases may put the data at risk. There are many posture assessments tools available, but most offer no context about the data, rely solely on the cloud vendor API, or are difficult to configure,” continued Erez. “This is why we created this cloud-native data-aware security posture service, delivered through a low-touch, zero configuration approach, which anyone can use in a manner of seconds, at no charge. This should help practitioners through their cloud migration journey, to get full visibility on which data they hold and its true data-aware security posture.”
The Imperva Snapshot™ service quickly assesses an organization’s Database-as-a-Service (DBaaS) for security risks and privacy compliance issues. The service enables teams to intermittently review their security and compliance status, providing visibility into sensitivity of the data, its classification, excessive privileges, configuration drifts, encryption issues and more.
The Imperva Snapshot™ service’s patent-pending technology uses a temporary restored copy of your database in an isolated sandbox environment, where all data stays within your own AWS account, enabling it to be production-safe service. In only a few minutes, you will have a tailored assessment report of your database instance in your email inbox.
The Imperva Snapshot™ service analyzes the data security posture of your Amazon RDS instances in these ways:
- Infrastructure posture assessment: Reviews AWS security configurations and cloud environment settings
- Database configuration assessment: Analyzes system tables, database roles, database user information, misconfigurations, and bad practices
- Vulnerability assessment: Identifies and catalogs database vulnerabilities according to publicly disclosed Common Vulnerability and Disclosures (CVEs)
- Data classification: Identifies sensitive content that may have a privacy impact
Imperva Data Security
Imperva® Cloud Data Security is a key component of Imperva® Data Security, which reduces the risk of a breach while enabling digital transformation. Imperva Data Security safeguards data on-premises by discovering sensitive data and monitoring all data activity delivered as software as a service (SaaS). It deploys in minutes, does not require installation, and provides actionable security insights.
Additional Information
- Interested in what is happening with data breaches? Read Imperva Research Labs’ Lessons Learned From Analyzing 100 Data Breaches report
- Learn how Imperva Database Security tools can provide visibility and protection for all data assets, whether on-premises or in the cloud
- Check out the Imperva Blog for the latest products and solutions news and threat intelligence from Imperva Research Labs
About Imperva
Imperva is the cybersecurity leader whose mission is to help organizations protect their data and all paths to it. Customers around the world trust Imperva to protect their applications, data and websites from cyber attacks. With an integrated approach combining edge, application security and data security, Imperva protects companies through all stages of their digital journey. Imperva Research Labs and our global intelligence community enable Imperva to stay ahead of the threat landscape and seamlessly integrate the latest security, privacy and compliance expertise into our solutions.