Imperva brings Discovery and Assessment Services to EMEA New service aims to help enterprises greatly mitigate the risk of a serious data breach London, 9th February 2010 - Imperva, the Data Security leader, today announced the availability of Imperva’s Discovery and Assessment Services (DAS) in EMEA. Finding and cataloguing all potentially sensitive data inside an organisation’s IT environment so that data can be protected is a major problem that can lead to data breaches. According to a 2009 Verizon Data Breach Investigation Report, in 39 per cent of breaches the compromised system was unknown to the organisation and/or the organisation didn’t realise what data they contained. Nick Frost, from The Security Forum comments, “Information classification is an important activity to establish in organisations, but any practical approach will set boundaries on the types of information to be classified.

The idea of classifying all information is challenging, as copies of the same information exist in a wide range of formats e-mails, software patches, spreadsheets and on-line bank statements, and the traditional paper copies, so classifying and labelling the information is usually just too expensive and complex to do. Information classification helps to ensure that security controls are only applied to information that requires such protection. This can help reduce the demand on resources and staff and ultimately reduce the cost of protecting information as well as enforce access control policies in order to determine if an individual should gain access to a piece of information. Henk Jan Spanjaard, Imperva’s VP of EMEA, explained, “Imperva’s Discovery and Assessment Services (DAS) helps companies to overcome the challenge of data classification in order to achieve rock-solid data security. The service has four main features to achieve data security which are mapping databases on the network, identifying where sensitive data lives, providing a comprehensive vulnerability assessment and producing a report based on a data risk analysis” Ariel Avitan, Research Analyst from Frost & Sullivan comments, "The security market has good solutions in regards to protecting data but has a major need for solutions that can discover data elements in large organizations. Solutions like DAS close the gap and offer a full overview of the data within the organization, making it easier to protect the organization from painful data breaches" The DAS offering consists of four essential features: •       Mapping databases on the network: Applications and databases are scattered throughout the network. Accurately mapping where databases are located is the first step in assessing governance and compliance risk. Imperva’s rigorous scanning process will map all databases on the network and surface ‘rogue’ databases. •       Identifying where sensitive data lives: Locating sensitive data, such as credit card and social security numbers, as well as other personally identifiable information, can be a daunting task for IT organisations. Imperva’s automated classification process will highlight well-known and custom sensitive data types, and track their location down to the database object, row and column. •       Vulnerability assessment: Comprehensive assessment of platform, software, and configuration vulnerabilities helps assess the risk to databases that host sensitive data. The assessment results in a set of detailed reports documenting vulnerabilities that may put databases at risk. The reports further provide specific recommendations for mitigating or eliminating these vulnerabilities. •       Data risk analysis: The combined analysis of identified vulnerabilities and sensitive data enables educated decision making. In the final phase of the engagement, Imperva’s team will provide a complete report of the risk associated with each data asset based on data sensitivity and the level of platform and database exposure. Risk-centric prioritisation is the guideline for managing risk reduction efforts. About Imperva  Imperva, the Data Security leader, enables a complete security lifecycle for business databases and the applications that use them. More than 4,500 of the world’s leading enterprises, government organisations, and managed service providers rely on Imperva to prevent sensitive data theft, protect against data breaches, secure applications, and ensure data confidentiality. The award-winning Imperva SecureSphere is the only solution that delivers full activity monitoring from the database to the accountable application user and is recognised for its overall ease of management and deployment. For more information, visit www.imperva.com.