Search Imperva Community for
Hello Imperva Community –We are looking forward to our Ask Me Anything (AMA) session on Thursday, October 29th, 2020 from 10:00 – 11:00 AM CT featuring @Abhishek Gupta, Sr. Technical Account Manager, @Jaired Anderson, Principal Consultant, and @Peter Klimek, Director of Technology within the Office of the CTO. Our experts will be answering any and all of your AppSec questions - including insights on working behind the scenes at Imperva, including discussing how Imperva finds and manages new threats, sharing best practices and tips to securing workloads, and what's coming on the horizon (that we can share). Event Instructions:
However, from the portal itself. You can definitely do what it comes with the attack analytics and it does give you information. They have beautiful insights, which is much helpful in fine tuning advanced configuration which is much intelligence. How do you match your, your configuration that is where the answers come for insights.
Second thing you can take an attack index and create a PDF outcome. Now we understand and I want to be more open, there is a need for scheduling certain reports. There are a weekly reports for account that comes from the system. They have very good insights, but they are weekly and not on demand. The UI reporting that we are talking about is coming in Q1.
You can use the API to get data there is incaps CLI AND SOME GitHub tools available. These are very helpful to get data outside the portal. This is very helpful when you want to report ad hoc see original talking ad hoc. You can do it anytime you want. So just use an API and use the AP automation.
Also, you can create your own reporting using using API. So if you have any tool that takes API and get ingest the data to report, it's it's there for you. So the option with API are limitless.
As soon as we can get the data outside the system, the better because that just opens up a world of opportunity. Sending the data to S3 through the SIEM integration. We love that because effectively. It just makes everything very open and you can use any other query engine that you want to be able to query it. One thing that we are seeing a much more commonly use people dumping the data into S3 and then using tools like AWS Athena, to be able to actually go and query the data directly. This means you don't actually have to send it to a SIEM. But at the same time, I will also say there's pretty much no reason not to have a SIEM at this point, considering you can go and stand up an instance of elastic search for free.Very inexpensively, or even just pay some for something like elastic cloud or there is plenty of other services that have very low cost entry types of services and frankly the value that we see from having it integrating all of the other solutions. It's worth the time to be able to do it.
or Contact Us
Copyright @ 2019 Imperva. All rights reserved