Imperva, Inc. (NYSE: IMPV), committed to protecting business-critical data and applications in the cloud and on-premises, today announced the availability of Imperva ThreatRadar IP Reputation for Imperva Skyfence, a new threat intelligence offering that helps Imperva customers detect threats to enterprise data in SaaS applications from known bad actors. Imperva Skyfence cloud access security broker (CASB) integrates with Imperva CounterBreach, Imperva Incapsula and now ThreatRadar IP Reputation Services to provide a comprehensive solution that helps prevent data breaches and ensure the safe and productive use of cloud apps.
According to Gartner Inc.1, “Cloud access security brokers (CASBs) provide information security professionals with a critical control point for the secure and compliant use of cloud services across multiple cloud providers. Many software as a service (SaaS) apps have limited visibility and control options. However, SaaS adoption is becoming pervasive in enterprises, which exacerbates the frustration of security teams looking for visibility and control. CASBs address a critical CISO requirement to set policy, monitor behaviour and manage risk across the entire set of enterprise cloud services being consumed.”
Skyfence is the only CASB solution to leverage a threat intelligence database to help detect threats and prevent attacks against cloud apps. The integration of two world-class products, ThreatRadar, a threat intelligence and IP reputation service, and Skyfence, a CASB, means that access attempts originating from malicious IP addresses, anonymous proxies and The Onion Router (Tor) can be identified in real time. The threat intelligence, combined with other contextual factors such as endpoint device, geo-location or data type, provides comprehensive threat detection and prevention for cloud apps. The new offering helps prevent credential hijacking and user account abuse and secures access to data stored in cloud apps.
Attackers often use Tor sites and anonymous proxies to mask their real IP addresses, creating the potential for a significant portion of traffic from these sources to be malicious. Hackers may attempt to steal organisational data and can evade forensic investigations by breaking into cloud accounts while masking their identity. Furthermore, for enterprise cloud apps such as Microsoft Office 365 and Dropbox that deliver data and services based on user identity, the motive to deliberately use Tor and anonymous browsing frameworks – specifically to hide the user’s true identity – is suspect and should be treated with caution by IT security staff. Organisations can leverage threat intelligence and detection solutions to identify traffic originating from these sources to prevent inappropriate access to data stored in the cloud.
“Imperva Skyfence is the only CASB to offer integration with services to help prevent account takeover and abuse of SaaS accounts,” said Meg Bear, senior vice president and general manager of Cloud Services at Imperva. “With our existing product and research footprint, Imperva is unique in its ability to analyse activity and identify malicious IP sources in real time, which can be used to provide highly accurate threat detection and data protection for cloud accounts.”
This integration is part of the Imperva strategy to further innovate in the CASB arena and comes on the heels of other product integrations over the past year including:
- Integration with Imperva Incapsula to protect customer CASB instances from DDoS and BOT attacks and reduce SaaS application latency for users.
- Integration with Imperva CounterBreach to protect enterprise data from insiders and provide a centralised approach to breach prevention that spans from the data centre to the cloud.