Imperva Cyber Community

 View Only

Baseline ( Audit policies )

  • 1.  Baseline ( Audit policies )

    Posted 12 days ago
    Dear All,

    I need your feedback on the below let's say baseline audit policies can we start with them.

    and if you have use cases and recommended audit policies.

    • DDL Command with the event:
    • Command group (Data Object Management – general object management)
    • Database user name (Exclude)


    • DML Command with the event:
    • Database user name (Exclude)
    • Operation (Delete, Insert, Update)


    • Modification sensitive data:
    • Operation (Delete, Insert, Update)
    • Table group (Classified object) or we can use:


    • Access sensitive data:
    • Operation (Select)
    • Table group (Classified object)


    • Privilege operation:
    • Command group (Users and Privilege management) "at least one"
    • Operation (privilege operations)


    • Creation of new Database:
    • Privileged operation "at least one" (create database, create schema)


    • Login Logout: without event


    Mohammad Alriaty
    System Engineer
    Cloud Distribution