Imperva Now Tracks SQL Connection Pooling

Imperva clears another compliance visibility cloud caused by pooled database connections

Dark Reading Staff, Dark Reading

October 22, 2007

2 Min Read
Dark Reading logo in a gray background | Dark Reading

FOSTER CITY, Calif. -- ImpervaR, the leader in application data security and compliance, today announced that its SecureSphere Database Monitoring/Security Gateway now provides an additional method to track application user activity initiated on pooled database connections.

SecureSphere extracts user identities from within SQL connections to provide the industry's most flexible options for maintaining visibility into user actions across typical database access methods, including direct connections, pooled web-application connections, and pooled SQL application connections.

Regulatory Mandates Require Positive ID

Knowing the identity of end users accessing and changing data is critical for compliance with regulations, industry standards, and internal best practices. For example, the PCI Data Security Standard requires assigning a unique ID to each person before allowing them to access system components or cardholder data. It also mandates the tracking and monitoring of all access to network resources and cardholder data. Both cases require that the person, not a machine or application, accessing the database be identified.

However, associating users with each database access event and action is difficult, since very few business applications open a single, dedicated connection to the database for every user. Instead, most applications use "connection pooling" to make more efficient use of the database, which in turn "conceals" the identity of individual users. SecureSphere enables organizations to link users and their actions even when they use connection pooling, without requiring any changes to the applications.

"PCI and other regulatory mandates do not exempt applications that use pooled connections from having to monitor and audit users and their actions," said Amichai Shulman, CTO of Imperva. "Since most organizations use a variety of database access methods to accommodate web and traditional SQL applications, our vision is to enable transparent user tracking in any deployment scenario."

Imperva Inc.

Read more about:

2007

About the Author

Dark Reading Staff

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

See more from Dark Reading Staff
Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe

You May Also Like

More Insights
Webinars
More Webinars
Events
More Events

Editor's Choice

Pegasus Spyware concept with binary code background
Endpoint Security
WhatsApp: NSO Group Operates Pegasus Spyware for CustomersWhatsApp: NSO Group Operates Pegasus Spyware for Customers
byJai Vijayan, Contributing Writer
Nov 18, 2024
4 Min Read
Laptop with Palo Alto networks logo
Cyberattacks & Data Breaches
Palo Alto Networks Patches Critical Zero-Day Firewall BugPalo Alto Networks Patches Critical Zero-Day Firewall Bug
byBecky Bracken, Senior Editor, Dark Reading
Nov 18, 2024
3 Min Read
ChatGPT, typed out on a screen
Сloud Security
ChatGPT Exposes Its Instructions, Knowledge & OS FilesChatGPT Exposes Its Instructions, Knowledge & OS Files
byNate Nelson, Contributing Writer
Nov 15, 2024
4 Min Read
Reports
More Reports
Webinars
More Webinars
White Papers
More Whitepapers
Events
More Events