Imperva Cyber Community

  • 1.  USE CASES FOR DATABASE

    Posted 08-15-2021 08:02
    Hi Guys 
    Can anyone please send me the use cases for database monitoring, as we are in the process of implementing the DAM solution?
    Thanks in Advance.
    Aleem
    #DatabaseActivityMonitoring

    ------------------------------
    Aleemuddin Mohammed
    Oracle Database Administrator
    ------------------------------


  • 2.  RE: USE CASES FOR DATABASE

    Posted 08-16-2021 09:37
    The quickest way to get up and running is to use the use cases built in to DRA.  These are predefined and will auto-tune based on the observed usage data.  See the documentation at 
    https://docs.imperva.com/bundle/v4.0-data-risk-analytics-user-guide/page/63485.htm
    for a list.

    You can check with your auditing/compliance team because they may have compliance-based requirements (for example, SOX may require the auditing of any changes to particular tables).

    You can also review the policy criteria for things that you may want to monitor.  Examples include:  SQL Exceptions, user and privilege management, questionable operations, Non DBA priv ops, etc.

    Jim

    ------------------------------
    Jim Burtoft (Prm)
    SE
    State College PA
    ------------------------------



  • 3.  RE: USE CASES FOR DATABASE

    Posted 08-19-2021 03:41
    Hello Sir,

    I also asked a similar question about policy creation, as I am new to the DAM product and not very familiar with it. We have these use cases (mentioned below) that we want to build policies around. I am not able to find out-of-the-box policies in DAM. I am looking for some help to map the available policies in DAM; we are using SecureSphere v14.5.

    a) Perform automated data discovery and classification;
    b) Detect query errors or an increase in query error rates;
    c) Detect new query statements;
    d) Determine source program used to query the database;
    e) Detect specific records being accessed (e.g. accessing honey token);
    f) Detect query statements that evade detection;
    g) Limit the amount of data returned from each database query;
    h) Analyse and block (in real-time) all malicious database transactions;
    i) Detect anomalies in database activity;
    j) Protect all unauthorised SQL interactions, user or schema access;
    k) Enforcement of database security policy compliance; and
    l) Block SQL injection attacks or malicious SQL requests.


    ------------------------------
    [Karl] [barg]
    ------------------------------



  • 4.  RE: USE CASES FOR DATABASE

    Posted 08-19-2021 03:50
    Thanks, Sukhmeet, for your inputs.

    ------------------------------
    Aleemuddin Mohammed
    Oracle Database Administrator
    ------------------------------