Top 10 Database Threats

Top 10 Database Threats 2013

Raphael ReichSenior Director, Product Marketing

© 2013 Imperva, Inc. All rights reserved.

Overview

Background

Top 10 database threats

Neutralizing the threats

2 © 2013 Imperva, Inc. All rights reserved.

Raphael ReichSr. Director, Product Marketing | Imperva

Expertise

+ 20+ years in product marketing, product management, and software engineering

Professional Experience

+ Cisco, Check Point, Network General

Academics

+ Bachelor’s degree in Computer Science from UC Santa Cruz

+ MBA from UCLA


Background


Background

5

Ninety six percent (96%) of records breached are

from databases.2012 Verizon Data Breach Report

Less than 5% of Security spend is on data center

security.Worldwide Security Products 2011-2014 Forecast (IDC -February 2011)

5%

95%


What’s changed?


Top 10 Threats


(1) Excessive and Unused Privileges

8

Jim works in Sales

Used to work in Accounts Payable

Uses his access for personal enrichment


(1) Excessive and Unused Privileges


(2) Privilege Abuse


(2) Privilege Abuse


(3) SQL Injection

12

Admin

' OR 1 = 1 --

“…one SQL injection attack

can bring in big bucks. It's a

no-brainer that you should

make this problem top

priority.”Dark Reading, Feb 28, 2013

The Best Way To Spend Your Security Budget


(3) SQL Injection


(4) Malware

14

69% of breaches incorporated malware

Source: Verizon Data Breach Report, 2012


(4) Malware


(5) Weak Audit Trail


(5) Weak Audit Trail


(6) Storage Media Exposure

18

“…the attacker had successfully

located and begun copying 23

database backup files…”Information Week, November 26, 2012

How South Carolina Failed

To Spot Hack Attack


(6) Storage Media Exposure


(7) Database Vulnerability Exploitation


(7) Database Vulnerability Exploitation


(8) Unmanaged Sensitive Data


(8) Unmanaged Sensitive Data


(9) Denial of Service


(9) Denial of Service


(10) Limited Security Expertise & Education


(10) Limited Security Expertise & Education


Neutralizing Threats


Layered Approach to Database Security

Discovery and Assessment

User Rights Management

Monitoring and Blocking

Auditing

Data Protection

Non-Technical Security


Discovery & Assessment


User Rights Management


Monitoring and Blocking


Auditing


Data Protection


Non-Technical Security


Customer Use Case: Sensitive Data Auditing


Sensitive Data Auditing Use Case

37

!

SIEM

Database

User

Audit Reports

Audit Logs

A multinational oil & gas

company needed to:

Streamline database auditing for PCI

and SOX

Reduce time and log collection errors

Send activity alerts to Security

Information Event Manager (SIEM)

SecureSphere DAM:

Capture audit details and generate

reports

Generate SIEM alerts


Auditing Sensitive Data – Key Capabilities

38

Activity Auditing

Collect and record database activity details

Satisfy compliance requirements

Conduct forensic analysis

DatabasesUsers

SecureSphere

DAM

Audit DetailsAudit Policies

Privileged User Monitoring

Monitor privileged or “power” users

Enforce Separation of Duties

See all activity incl. local access

Block if neededDatabase Agent Appliance

Privileged UserAudit Policies



39

Reporting

Enterprise class reporting framework

Analyze threats

Accelerate compliance

PCI, HIPAA, SOX…

Custom

Alerting

Alert in real time on suspicious behavior

Quickly identify attacks

Prevent data theft

Email

SYSLOG

Dashboard

SIEM



40

SecureSphere DAS

Rogue

SSN

Credit Cards

PII

Discovery & Classification

Discover DBs and classify sensitive information

Discover active DB services

Identify rogue DBs

Determine what needs to be monitored


Post-Webinar Discussions

Answers to Attendee Questions

Webinar Recording Link

Join Group

Join Imperva LinkedIn Group,Imperva Data Security Direct, for…

Webinar Materials


http://www.linkedin.com/groups/Imperva-Data-Security-Direct-3849609

www.imperva.com

- -


Technology

Top 10 Database Threats