Company News »

Imperva Announces Skyfence Cloud Governance for Superior Visibility and Accuracy in Assessing Cloud Application Risk

Business Wire
Share on StockTwits
Published on

Imperva Inc. (NYSE:IMPV) , committed to protecting business-critical data and applications on-premises and in the cloud, today announced a new version of its Skyfence Cloud Gateway that provides IT staff superior visibility over contextual risk factors specific to their cloud application users and implementations. Imperva Skyfence goes beyond generic risk factors to identify specific conditions that pose a threat to the organization including former employees with active accounts, users who may have excessive access rights, external users with access, and unsecure cloud app configurations based on industry best practices and regulatory requirements. Using the product’s Integrated Remediation Workflow tools, users can then easily remediate their risks to provide safe and productive use of the cloud.

CLICK TO TWEET: .@SkyfenceNet governance provides superior visibility of #cloudapp security risks

According to Gartner, Inc., “While enterprises have focused on the adoption of SaaS applications, they have often ignored the security governance principles that would normally be applied on-premises.” Gartner recommends that “Chief information security officers (CISOs) and their security managers should leverage the visibility functions of cloud access security brokers (CASBs) to discover unauthorized SaaS applications that are in use in your enterprise to decide whether they should be permitted to continue running.1

Current cloud discovery tools often underestimate the actual risk associated with cloud app usage since they are limited to vendor information contained in log files and generic research on app providers’ operational and security practices. They often do not highlight, for example, that former employees still have access to cloud apps and company data. Further, they do not specify whether the app security settings and the app provider meet best practices recommendations by the Cloud Security Alliance, or benchmark actual configurations against regulatory initiatives such as HIPAA and PCI DSS. In fact, while a given cloud app may generically appear to have the same risk level from one company to another, depending on its actual implementation, the actual risk could be much higher.

Accurate Cloud App Risk Assessment

Skyfence Cloud Gateway version 4.0 combines traditional cloud app discovery data with contextual risk factors, by reviewing and providing deep intelligence on user accounts including those that are dormant, orphaned or external to the organization. Additionally, dozens of security configuration settings – from password timeout and password complexity policies to which types of authentication are allowed – can be reviewed centrally within the Skyfence interface.

The following assessment and enforcement capabilities enable Skyfence Cloud Gateway to deliver a true 360-degree view of cloud app risk governance:

  • User Entitlements Review: Accurately identifies administrators, unauthorized users and excessive user permissions on an app by app basis; dormant accounts that have not been used for a specified period of time; orphaned accounts that represent ex-employees still able to access company data, and external users representing partners or contractors- all of which can increase risk associated with data stored in the cloud.
  • Application Security Configuration Review: Minimizes risk associated with misconfigurations by reviewing the actual configuration and security settings, comparing them to a set of industry best practices and regulatory requirements such as those from the Cloud Security Alliance, PCI DSS and HIPAA, and provides specific remediation suggestions to improve security posture.
  • Integrated Remediation Workflow: Provides a built-in workflow that creates remediation tasks directly from the Skyfence Cloud Gateway dashboard and integrates with third-party ticketing systems.
  • Mobile Integration: Automatically pushes out profile agents to managed devices via third party mobile device management (MDM) products to simplify enrollment of new devices so that mobile devices – whether BYOD or corporate owned – conform to company policy.
  • Policy Management: Creates and enforces granular risk monitoring and remediation policies on a per service or individual app basis. For example, within Amazon Web Services (AWS), Skyfence Cloud Gateway can support unique policies tailored to the AWS Elastic Compute Cloud (EC2) platform, Virtual Private Cloud (VPC) service, Relational Database Service (AWS RDS), Cloud Trail, and other platforms and services.

“As enterprises employ more cloud applications for business critical functions, they need governance capabilities that are on par with those used for their on-premises applications,” said Ofer Hendler, General Manager of the Skyfence product line at Imperva. “Skyfence Cloud Gateway provides the level of visibility into activity, accounts, permissions and configuration settings that organizations need to manage and remediate cloud app risks, but are not available from first-generation log analysis and scorecard-based security tools.”


The new version of the Skyfence Cloud Gateway is available immediately from Imperva and its business partners worldwide. Skyfence customers with current maintenance and support agreements can obtain the new functionality at no additional cost by contacting your Skyfence account representative or sending email to


To request a free product trial visit:

Imperva Skyfence Cloud Discovery Free tool:

About Imperva

Imperva(R) (NYSE:IMPV) , is a leading provider of cyber security solutions that protect business-critical data and applications. The company’s SecureSphereTM, IncapsulaTM and SkyfenceTM product lines enable organizations to discover assets and vulnerabilities, protect information wherever it lives – on-premises and in the cloud – and comply with regulations. The Imperva Application Defense Center, a research team comprised of some of the world’s leading experts in data and application security, continually enhances Imperva products with up-to-the minute threat intelligence, and publish reports that provide insight and guidance on the latest threats and how to mitigate them. Imperva is headquartered in Redwood Shores, California. Learn more:, our blog, on Twitter.

Forward Looking Statements

This press release contains forward-looking statements. These forward-looking statements are subject to material risks and uncertainties that may cause actual results to differ substantially from expectations. Investors should consider important risk factors, which include: the risk that our products are not adopted at levels that we anticipate; the risk that competitors may be perceived by customers to be better positioned to help handle security threats and compliance; and other risks detailed under the caption “Risk Factors” in the company’s Form 10-Q filed with the Securities and Exchange Commission, or the SEC, on November 7, 2014 and the company’s other SEC filings. You can obtain copies of the company’s SEC filings on the SEC’s website at

(c) 2015 Imperva, Inc. All rights reserved. Imperva, the Imperva logo, SecureSphere, Incapsula and Skyfence are trademarks of Imperva, Inc. and its subsidiaries.

1 Gartner, Inc. “Mind the SaaS Security Gaps”, Craig Lawson and Sid Deshpande, 3 October 2014

Share on StockTwits