Hello all,
I am new to the Imperva DAM solution; however, I have good experience in other cyber security domains. For our client we have purchased the Imperva DAM solution to secure a couple of SQL database servers. My challenge is that I am new to database security and don't know much about the creation of security and audit policies. We have identified a few use cases around which we want to build our policies.
If anyone from the community can help me answer a few questions around deployment which can ensure security of databases, that will be great.
1) Since we do not have UAT and prod SQL servers ready, is it possible to move with creation of policy without ingestion of data?
2) Is data classification required before we can even configure the policies?
3) From the use cases below, are there out-of-the-box policies that can be used? If yes, can anyone help me map those policies?
a) Perform automated data discovery and classification;
b) Detect query errors or an increase in query error rates;
c) Detect new query statements;
d) Determine source program used to query the database;
e) Detect specific records being accessed (e.g. accessing honey token);
f) Detect query statements that evade detection;
g) Limit the amount of data returned from each database query;
h) Analyze and block (in real-time) all malicious database transactions;
i) Detect anomalies in database activity;
j) Enforcement of database security policy compliance
Thanks in advance!
#DatabaseActivityMonitoring
------------------------------
[Karl] [barg]
------------------------------