Security Information & Event Management

Security information and event management (SIEM) technology supports threat detection and security incident response through the real-time collection and historical analysis of security events from a wide variety of event and contextual data sources. It also supports compliance reporting and incident investigation through analysis of historical data from these sources. The core capabilities of SIEM technology are a broad scope of event collection and the ability to correlate and analyze events across disparate sources.


• Fully integrated Next-Gen SIEM, Log Management, File Integrity Monitoring (FIM), Network & Host Activity Monitoring, and Security Analytics
• Data-driven, machine analytics approach to detect advanced threats.
• Risk-based-priority algorithm applies risk and threat factors to automatically qualify alarms, to enable customers to focus on the highest-risk concerns
• SmartResponse script-based countermeasures, which are triggered by an alarm or manually
• Compliance reporting packages for PCI, HIPAA, SOX, GLBA, NERC, FISMA, DoDI) with continuous, real-time security monitoring

Use Cases Addressed

• Suspicious User Behavior: automatically detect compromised credentials
• Malware Detection: malware can be detected by LogRhythm through behavioral analysis.
• Data Breach Prevention: identify hackers trying to steal valuable data
• Compliance Violations: an unauthorized user accesses secured data

Data Loss Prevention

Stop Data Loss and Theft, Demonstrate Compliance, and Safeguard Brand, Reputation, and Intellectual Property

From a damaged reputation to regulatory fines and penalties, a data breach can have devastating consequences. Our DLP for Web and Email enables you to discover and protect sensitive data in the Cloud or on-premise. Secure personal data, intellectual property and meet compliance requirements quickly, with custom or out-of-the-box policies by using unique DLP capabilities to stop data theft.

From a damaged reputation to regulatory fines and penalties, a data breach can have devastating consequences. Our DLP for Web and Email helps you avoid data breaches by enabling you to discover and protect sensitive data in the cloud or on-premise. Use custom or out-of-the-box policies and our unique DLP capabilities to secure your intellectual property and customers’ personal data — and meet compliance requirements quickly.



  • Manage your risk of insider threats by stopping data loss as well as proactively identifying high-risk users.
  • Quickly deploy easy-to-use security controls to meet compliance and regulatory requirements from auditors and executives.
  • Adopt cloud services like Microsoft® Office 365™ and Box without fear of data theft.
  • Identify sensitive data within images, such as scanned data and screen shots.

Unify your security solutions, coordinate defense policies, share intelligence across your security staff and enjoy centralized management of data security.


  • Adopt cloud services like Microsoft Office 365 and Box without fear of data theft.
  • Quickly deploy easy-to-use security controls for compliance and regulatory requirements for auditors and executives.
  • Identify sensitive data within images such as scanned data and screen shots.
  • Manage the Insider Threat by stopping data loss as well as proactively identifying high-risk users.
  • Unify your security solutions, coordinate defense policies, share intelligence along multiple points and enjoy centralized management of your data security.

Protect Your Critical Web Applications and Data

Your web applications are under siege. Cyber-criminals attack around the clock, steal data, disrupt access, and compromise website credentials to commit further fraud. Next generation firewalls, Intrusion Prevention Systems and other traditional network security controls don’t stop the latest industrialized, multi-vector attacks, leaving your organization exposed to costly and damaging breaches and downtime. Web Application Security solutions from Imperva enable you to prevent breaches and downtime by protecting your data where it’s accessed – your web applications – securing them against web attacks, DDoS, site scraping, and fraud.

Our Web Application Firewall (WAF) analyzes all user access to your business-critical web applications and protects your applications and data from cyber attacks. WAF dynamically learns your applications’ “normal” behavior and correlates this with the threat intelligence crowd-sourced from around the world and updated in real time to deliver superior protection.
The industry leading WAF identifies and acts upon dangers maliciously woven into innocent-looking website traffic; traffic that slips right through traditional defenses. This includes blocking technical attacks such as SQL injection, cross-site scripting and remote file inclusion that exploit vulnerabilities in web applications; business logic attacks such as site scraping and comment spam; botnets and DDoS attacks; and preventing account takeover attempts in real-time, before fraudulent transactions can be performed.


Key Features


Our WAF Solution uses patented Dynamic Application Profiling to learn all aspects of web applications, including the directories, URLs, parameters, and acceptable user inputs to detect attacks with exceptional accuracy and block only bad parties, while eliminating impact to legitimate customers. SecureSphere WAF mitigates both technical attacks such as DDoS and SQL injection, as well as non-technical attacks such as comment spamming and site scraping.


Our WAF distinguishes attacks from unusual, but legitimate, behavior by correlating web requests across security layers and over time. SecureSphere Correlated Attack Validation capability examines multiple attributes such as HTTP protocol conformance, profile violations, signatures, special characters, and user reputation, to accurately alert on or block attacks with the lowest rate of false positives in the industry.


Our WAF can be deployed as a physical or virtual appliance on-premises, and as a virtual image on Amazon Web Services or Microsoft Azure or completely cloud-based service that require zero software & hardware. Physical appliance deployments are particularly flexible in that they allow SecureSphere WAF to run transparently, requiring virtually no changes to the customer’s network. And granular policy controls enable superior accuracy and unequaled control to match each organization’s specific protection requirements.


To protect against today’s well resourced cyber-criminals, it is vital to have an advanced warning system that is aware of and protects against constantly evolving web-based attacks. The WAF solution is updated with real-time threat intelligence crowd-sourced from around the world and curated by our Vendor's Application Defense Center. This provides better protection, improves WAF accuracy, and makes the security team more efficient by proactively filtering traffic from known bad sources so the security team can focus on what is really important. The following intelligence feeds are available:

  • Reputation Services: Filters traffic based upon latest, real-time reputation of source
  • Community Defense: Adds unique threat intelligence crowd-sourced from Imperva users
  • Bot Protection: Detects botnet clients and application DDoS attacks
  • Account Takeover Protection: Protects website user accounts from attack and takeover
  • Fraud Prevention: Simplifies deployment of best-in-class partner fraud prevention solutions
  • Emergency Feed: Delivers latest signatures right away to mitigate against zero-day vulnerabilities instead of delivering them through periodic updates


Our WAF can perform “virtual patching” for your web applications via vulnerability scanner integration. Instead of leaving a web application exposed to attack for weeks or months while code is modified after discovering a vulnerability, virtual patching actively protects web applications from attacks to reduce the window of exposure, and decreases the costs of emergency fix cycles until you are able to patch them.


Our WAF rich graphical reporting capabilities enable customers to easily understand security status and meet regulatory compliance. Our WAF provides both pre-defined and fully-customizable reports. This enables you to quickly assess your security status and streamline demonstration of compliance with PCI, SOX, HIPAA and FISMA and other compliance standards.


Our WAF can easily integrates with most of the leading Security Information and Event Management (SIEM) systems such as Splunk, ArcSight, RSA enVision and others. Our WAF exports events as syslog messages in Common Event Format (CEF) and JSON format. Our WAF events in any SIEM are intuitively indexed and are easily searchable for quick incident response.

Web Filtering For Protection

The Internet has become an indispensable business tool, yet browsing the Web has never been more dangerous.

Attackers now utilise the Web as the primary means for delivering viruses and spyware. Users who visit sites that have been compromised can unwittingly download malware that can harm your business.

Our Web filtering solution is a fast and flexible cloud based Web security solution that protects your business from Web borne threats, such as viruses, malware, spyware and phishing sites.

Anti-malware layers block threats safely away from your network while URL filtering policies and Web traffic quota limits reduce Web misuse and help you protect company bandwidth.

Web Filtering Features:

  • Comprehensive defences against attack.
  • URL filtering and web policy engine.
  • Multi-layered protection.
  • Comprehensive reporting.
  • Roaming and remote worker support.

Benefits of Our Web Filtering Solution

Predictable costs and simplified management.

Enables administrators to create and enforce a Web Acceptable Use policy with rules based on content types and website categories.

Helps protect corporate bandwidth and productivity by blocking or restricting downloads of certain file types and placing time and volume limits on Internet consumption.

Page 1 of 3 Joomla 3.3 Templates