imperva
DESCRIPTION
Why do databases have the highest rate of breaches among all business assets? The answer is simple: they house the sensitive business data that malicious insiders and hackers want most. The risk of a database breach can be mitigated by implementing internal controls and following industry best practices - but you must first understand the shifting threat landscape. This presentation will (1) present the top 10 threats to your database in 2013 (2) define a layered defense strategy for preventing database breaches using industry best practices (3) demonstrate a successful defense against data theft with a customer case study.
Top 10 Database Threats 2013
Raphael Reich, Senior Director, Product Marketing
© 2013 Imperva, Inc. All rights reserved.
Overview
Background
Top 10 database threats
Neutralizing the threats
Raphael Reich, Sr. Director, Product Marketing | Imperva
Expertise
+ 20+ years in product marketing, product management, and software engineering
Professional Experience
+ Cisco, Check Point, Network General
Academics
+ Bachelor’s degree in Computer Science from UC Santa Cruz
+ MBA from UCLA
Background
Ninety-six percent (96%) of records breached are from databases.
Source: 2012 Verizon Data Breach Report
Less than 5% of security spend is on data center security.
Source: Worldwide Security Products 2011-2014 Forecast (IDC, February 2011)
[Chart labels: 5%, 95%]
What’s changed?
Top 10 Threats
(1) Excessive and Unused Privileges
Jim works in Sales
Used to work in Accounts Payable
Uses his access for personal enrichment
(2) Privilege Abuse
(3) SQL Injection
Admin
' OR 1 = 1 --
“…one SQL injection attack can bring in big bucks. It's a no-brainer that you should make this problem top priority.”
Source: Dark Reading, Feb 28, 2013, “The Best Way To Spend Your Security Budget”
(4) Malware
69% of breaches incorporated malware
Source: Verizon Data Breach Report, 2012
(5) Weak Audit Trail
(6) Storage Media Exposure
“…the attacker had successfully located and begun copying 23 database backup files…”
Source: Information Week, November 26, 2012, “How South Carolina Failed To Spot Hack Attack”
(7) Database Vulnerability Exploitation
(8) Unmanaged Sensitive Data
(9) Denial of Service
(10) Limited Security Expertise & Education
Neutralizing Threats
Layered Approach to Database Security
Discovery and Assessment
User Rights Management
Monitoring and Blocking
Auditing
Data Protection
Non-Technical Security
Discovery & Assessment
User Rights Management
Monitoring and Blocking
Auditing
Data Protection
Non-Technical Security
Customer Use Case: Sensitive Data Auditing
Sensitive Data Auditing Use Case
[Diagram labels: User, Database, Audit Logs, Audit Reports, SIEM]
A multinational oil & gas company needed to:
+ Streamline database auditing for PCI and SOX
+ Reduce time and log collection errors
+ Send activity alerts to Security Information Event Manager (SIEM)
SecureSphere DAM:
+ Capture audit details and generate reports
+ Generate SIEM alerts
Auditing Sensitive Data – Key Capabilities
Activity Auditing
+ Collect and record database activity details
+ Satisfy compliance requirements
+ Conduct forensic analysis
[Diagram labels: Users, Databases, SecureSphere DAM, Audit Policies, Audit Details]
Privileged User Monitoring
+ Monitor privileged or “power” users
+ Enforce Separation of Duties
+ See all activity incl. local access
+ Block if needed
[Diagram labels: Privileged User, Database Agent Appliance, Audit Policies]
Reporting
+ Enterprise class reporting framework
+ Analyze threats
+ Accelerate compliance
[Report labels: PCI, HIPAA, SOX…, Custom]
Alerting
+ Alert in real time on suspicious behavior
+ Quickly identify attacks
+ Prevent data theft
[Diagram labels: SYSLOG, Dashboard, SIEM]
[Diagram labels: SecureSphere DAS, Rogue, SSN, Credit Cards, PII]
Discovery & Classification
+ Discover DBs and classify sensitive information
+ Discover active DB services
+ Identify rogue DBs
+ Determine what needs to be monitored
Post-Webinar Discussions
Answers to Attendee Questions
Webinar Recording Link
Join Group
Join Imperva LinkedIn Group, Imperva Data Security Direct, for…
Webinar Materials
www.imperva.com