[ news_security_news ]
Imperva Included In Yankee Group's Winners Category
SecurityProNews
Staff Writer
2004-09-16
 Insider Reports RSS Feed
Imperva today announced that Yankee Group included the company in the "Winners" category, along with three other Web application gateway vendors, in a report entitled "Application Gateways Secure Business Communications."
The report, by Eric Ogren, Senior Analyst, Security Solutions & Services at the Yankee Group, highlights Imperva's approach to protecting web and database applications as a key differentiator for its SecureSphere line of products.
"Imperva takes a holistic view of application security in protecting internal and external access to Web interfaces, application servers and database servers. Imperva examines all communications to the application environment, making decisions based on type of access and the risk of inadvertent disclosure of proprietary information," said Eric Ogren in the August 2004 report. "Imperva's solution excels at securing entire application environments."
"Earning a place on the winner's block with Yankee Group is confirmation of market traction for us," said Shlomo Kramer, CEO of Imperva Inc. "Our unique approach to automatically securing the entire application layer from the inside out has met with substantial demand from enterprises who want total application security with minimal ongoing management."
SecureSphere's Total Application Security is based on Dynamic Profiling, which creates a baseline of expected behavior to enable detection and blocking of attempted security breaches. Because application environments are highly dynamic, persistent learning technologies constantly update profiles to reflect recent changes without requiring manual tuning.
SecureSphere's Dynamic Web Firewall protects the application's external Web interface based upon the Web elements of the Dynamic Profile. These Web elements include legitimate URLs, HTTP methods, parameters, cookies, response codes and hidden fields, among others. Based upon this understanding of normal user interactions with the Web server, the Dynamic Web Firewall is able to prevent attacks targeting all of the most pervasive application vulnerabilities.
SecureSphere's Dynamic Database Firewall relies on the database elements of the Dynamic Profile to detect unusual database queries of any kind. Database elements include legitimate SQL queries, valid IP addresses per SQL query, valid user names per SQL query, and more. The database firewall prevents direct unauthorized queries from internal sources. SecureSphere's Correlated Attack Validation algorithms can correlate database firewall violations with Web firewall violations to deliver overall system accuracy that is not possible by Web or Database firewalls working independently.
About the Author:
SecurityProNews is a daily online and email publication focusing on internet security issues.
More news_security_news Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
