Imperva adds risk assessment tool to its database protection

Imperva is adding risk assessment to its SecureSphere database-security platforms in an effort to make it simpler to protect the most sensitive corporate data.

The new SecureSphere Discovery and Assessment Server finds all database servers in the network, classifies data according to its sensitivity as defined by the customer and points out vulnerabilities on the servers involved.

This automated process saves time over doing it manually so customers can take quicker action to better protect that data found to be at risk. The assessment results detail the vulnerabilities found, such as unpatched systems or default passwords that have been left unchanged. Imperva competes against Guardian and Lumigent Technologies among other vendors.

The new server can sort data it gathers by server or by type of data to facilitate audit reporting. For example, it could locate all credit card data regardless of where it is stored and include that information as part of a Sarbanes-Oxley report, the company says.

The software includes a graphical user interface called Risk Explorer that color codes servers by severity of risk. Clicking on server icons allows users to drill down to find details about them. A workbench tool lets users correct vulnerabilities by changing default passwords, for example.

Pricing for Discovery and Assessment Server starts at $12,500 for the device and a license to assess 25 databases. It is expected to be available by mid-year.

Imperva is also repackaging its existing line of products as SecureSphere Data Security Suite, which consists of the formerly separate SecureSphere products Web Application Firewall, Database Firewall, Database Activity Monitoring, MX Management Server and the new Discovery and Assessment Server. Previously, the components were sold separately.

The suite is expected to be available by mid-year and pricing starts at $50,000.