SQL Connection User Tracking is an extension to Imperva’s SecureSphere Database Security Gateway and functionality for web-based applications, and provides a method to track application user activity, which is initiated on a pooled database connection.
Shlomo Kramer, Imperva chief executive officer, said the new solution is aimed at organisations using packaged applications, so that firms running enterprise resource planning (ERP) systems from vendors such as Oracle and SAP could more easily identify their users.
"Applications pool connections through users before they query the database and so there are multiple users but only one connection from the application to the database,” Kramer said.
"This means that when you see something through the database, you can usually only see the application that made the change and not the user behind the application that made the change,” he added.
The SecureSphere solution is a box that plugs into the network. The box is “transparent,” having no impact on the data centre and needing no tweaks or modifications to existing applications.
The new solution will provide administrators with security and compliance in one tool, as well as improving the quality of reports and helping organisations comply with various industry regulations, Kramer said.
Identifying the end user to the database is now a requirement of section eight of the Payment Card Industry regulations. Around 40 percent of Imperva’s customers are from the financial sector, Kramer added.
