Imperva Cyber Community

Expand all | Collapse all

Integration with Imperva SecureSphere api question

  • 1.  Integration with Imperva SecureSphere api question

    Posted 06-01-2020 04:03
    dears,

    My client have  Imperva SecureSphere and wants a script to Initiate an action to restrict user activity on DB using it's api documentation. I can see in the documentation calls like creating a new policy and applying it to service but the request body is not documented so I can't alter it's fields properly.

    My question is which calls should I use and how can I alter the request body if this action applicable through the api.

    Regards,
    #DatabaseActivityMonitoring

    ------------------------------
    abdo yousri
    ------------------------------


  • 2.  RE: Integration with Imperva SecureSphere api question

    Imperva Employee
    Posted 06-01-2020 14:18
    I'm not clear on your question.  

    Do you want to add an identified user to a list of "limited users" through our API when they meet some external criteria?  

    Or do you want Imperva to identify the user action (touching a certain table, taking more than 100,000 rows of data, etc.) and then put a restriction in place?  (block the IP, terminate the session, etc.) and create this through the API?

    Or do you want to call an outside API through a script as a followed action when the user does some activity?

    Jim

    ------------------------------
    Jim Burtoft
    Imperva
    PA
    ------------------------------



  • 3.  RE: Integration with Imperva SecureSphere api question

    Posted 06-01-2020 23:08
    Thanks Jim for your answer.

    We want to do the first choice. We have another solution (SOAR platform) and we want to give the admin the capability to block users on SecureSphere from our SOAR platform. My understanding now is that we should create a list of limited users on SecureSphere then just add users to it  through the api. Please correct me if I am wrong.

    Thanks and Regards,

    ------------------------------
    abdo yousri
    ------------------------------



  • 4.  RE: Integration with Imperva SecureSphere api question

    Imperva Employee
    Posted 06-02-2020 13:34
    Check out the API_lookup_dataset.txt in the example files zip at 
    https://github.com/imperva/imperva-web-api-composer/blob/master/src/assets/CURL_API_Samples_SecureSphere.zip

    That will give you some examples of the API calls to add to a lookup set.  You can then use the lookup set in your policy, like this:

    Also, if you are pulling the information from an external repository like LDAP, you can look at our Data Enrichment policies to avoid the API completely.

    Jim


    ------------------------------
    Jim Burtoft
    Imperva
    PA
    ------------------------------