Comments on: Imperva SecureSphere Review

By: Good News from ArcSight and Imperva | Dragos Lungu Dot Com

Good News from ArcSight and Imperva | Dragos Lungu Dot Com — Tue, 11 Mar 2008 22:14:22 +0000

[…] sweet news : I love Imperva’s SecureSphere Web Application and Database Firewall and it’s great to know that Information Security […]

By: links for 2007-10-23 « Where Is All This Leading To?

links for 2007-10-23 « Where Is All This Leading To? — Tue, 23 Oct 2007 00:23:37 +0000

[…] Imperva SecureSphere Review (tags: ids inline imperva security reviews) […]

By: Ory Segal

Ory Segal — Mon, 22 Oct 2007 17:01:22 +0000

Regarding #2, I guess most products that claim they do Positive Security have to add some signatures from time to time, mainly as a safety net, as well as for satisfying customers who want to feel they are getting their bang for the buck (for their maintenance fees

By: Dragos Lungu

Dragos Lungu — Mon, 22 Oct 2007 14:06:24 +0000

1) Yes Ory you are right , HTTP it’s not a presentation layer.I thought of SQL as “data layer” in a 3 tier application design. Don’t ask why I mixed it all up

2) The positive security model is used in the process of profiling the application; From what I’ve seen, Imperva can detect an attack on multiple layers,including web server layer where signatures are essential in weeding out the obvious attacks like CodeRed & such.

Thanks for your comments !

By: Ory Segal

Ory Segal — Mon, 22 Oct 2007 13:44:44 +0000

Nice Post.

Here are a few comments:

1) I don’t think you can call HTTP “presentation layer”. This term is reserved (see OSI layer model). In addition, you can’t refer to SQL as the data layer (for the same reasons)

2) “Positive Security Model”, together with “Signatures” in the same post, sounds like an oxymoron to me. Positive security means that you define what is allowd. Negative security means that you define what is blocked (aka Signatures).

Other than that, Imperva is cool.