WHITE PAPER
Microsoft SharePoint is a widely adopted data-sharing and collaboration platform that is
often extended using third-party software. When the data in SharePoint is sensitive and
regulated, the security of the platform—as well as the software extensions—must be a
top concern for organizations.
Seventy percent of organizations are facilitating cross-functional collaboration and
increasing productivity by using Microsoft SharePoint as an intranet, extranet, and to
host public websites [1]. This means business-critical data, including regulated or sensitive
information, is stored in most SharePoint environments. In parallel, companies are
leveraging third-party add-ons within the SharePoint platform to get their deployment
off the ground, encourage adoption, and increase employee interaction. This paper will
discuss the threats introduced when using third-party SharePoint plug-ins and Web Parts,
evaluate the effectiveness of traditional security solutions with respect to these threats, and
provide recommendations for hardening SharePoint systems.
What Organizations Store in SharePoint
In an Industry Watch report survey conducted by independent research firm Association
for Information and Image Management (AIIM), results concluded that SharePoint is highly
integrated into companies, especially when compared to most other enterprise IT systems.
The report stated that “…over half of respondents are deploying a single SharePoint system
across the full enterprise”, indicating that SharePoint is becoming an enterprise-wide,
“highly integrated” system [2], and not just a tool used in pockets of the organization.
DID YOU KNOW?
Business-critical data, including regulated or sensitive information, is stored in most SharePoint environments.
1. David Jones. “The SharePoint Puzzle—adding the missing pieces.” AIIM.
2. David Jones. “The SharePoint Puzzle—adding the missing pieces.” AIIM.
Protecting Against Vulnerabilities
in SharePoint Add-ons
The principal reasons organizations implement SharePoint are internal collaboration,
content management, project management, records management, corporate intranet,
and as a replacement for file shares [3]. These uses are core to running a business and imply
that groups and individuals store a multitude of files with sensitive or regulated data
in SharePoint. For example, consider whether the information below is stored in your
company’s SharePoint deployment:
• Regulated data. Personally identifiable information (PII), credit card information,
personal health information (PHI), and financial records.
Organizations operating in highly regulated industries, such as the Healthcare, Financial
Services, and Federal sectors, commonly leverage SharePoint as a file repository and
extranet portal. HIPAA, FINRA, PCI DSS, ITAR and SOX regulations are some of the primary
motivators for organizations to ensure that data of this nature is not breached.
• Sensitive data. Intellectual property, deal data, competitive information, business plans,
and legal information.
The data that an organization considers to be the most sensitive is not always evident,
especially if IT teams, rather than data owners, are determining how information is to be
classified. As an example, take an international retailer with store operations plans and
strategies stored in SharePoint. While one business unit might assume this data is the
most critical to the organization’s success, management and the Board of Directors may
consider the data pertaining to its international expansion strategy to be top of mind.
SharePoint Starts Small
Companies typically implement SharePoint in a progressive manner, starting with an
intranet for file sharing and content management, and eventually expanding to externally-facing
deployments. Extranets are often used as a portal for customers, partners, employees,
or alumni and commonly for a Board of Directors site. The later versions of SharePoint,
such as SharePoint 2013, offer new functionality for simple and low-cost website creation,
leading a number of Fortune 500 companies to create corporate websites, microsites, and
e-commerce sites with SharePoint.
As more applications are created in SharePoint, and new data is made available to those
accessing SharePoint, the risk of exposure increases. The introduction of third-party widgets
exacerbates the situation. According to AIIM, more than half of organizations implementing
SharePoint use or are: “…planning to use third-party add-on products in order to enhance
functionality. Only a third thinks they will stick with the vanilla product.” [4] In addition to
individual components, many organizations outsource SharePoint application development
entirely. With almost thirty percent of all applications being produced by third parties [5],
organizations need to evaluate the security of SharePoint applications given the amount
of regulated and sensitive information dispersed across the platform.
WHAT INFORMATION IS STORED IN YOUR SHAREPOINT DEPLOYMENT?
Regulated Data
• Personally identifiable information (PII)
• Credit card information
• Personal health information (PHI)
• Financial records
Sensitive Data
• Intellectual property
• Deal data
• Competitive information
• Business plans
• Legal information
More than half of organizations implementing SharePoint use or are: “…planning to use third-party add-on products in order to enhance functionality. Only a third thinks they will stick with the vanilla product.”
–AIIM 2012
3. David Jones. “The SharePoint Puzzle—adding the missing pieces.” AIIM.
4. David Jones. “The SharePoint Puzzle—adding the missing pieces.” AIIM.
5. Veracode State of Software Security Report, Volume 4.
Why Organizations Use SharePoint Plug-ins and Web Parts
“Many would argue that the sheer volume of third-party add-ons highlights that SharePoint
is nothing more than a Swiss army knife: a platform that requires users to plug-in “industry-strength”
tools from external suppliers in order to achieve the performance, functionality
and robustness required.” [6]
Microsoft SharePoint without plug-ins or Web Parts can be compared to an iPhone without
apps [7]. While consumers use apps for convenience, ease-of-use, collaboration, and
productivity, it’s for these same reasons that IT teams will look to third-party SharePoint
widgets to directly modify the content, appearance, and behavior of SharePoint site pages [8].
Some of the most popular categories [9] of SharePoint plug-ins and Web Parts include:
• Forms. These widgets enhance the feature set of SharePoint forms, allowing admins
to customize and create forms more quickly.
• Document Management. As one of the most common use cases for SharePoint,
organizations leverage this category of add-ons for better distribution of documents
throughout teams or groups; increased organization of documents; template
customization; enhanced SharePoint search capabilities; and more.
• Productivity. Productivity plug-ins make tasks easier for employees, enabling them to
be completed more quickly.
Additionally, there is business justification for IT teams to put third-party tools in place; this
can also be referred to as a “no-code” strategy for SharePoint. First, there is significant cost
and time associated with custom coding projects within the platform. Stakeholders and
end-users are interested in getting SharePoint deployments off the ground and seeing
employee adoption. Third-party tools enable exactly that, e.g., the ability to deliver in-depth
workflows within a matter of days versus weeks. While administrators can experience
quick wins with external products, incorporating third-party code alongside regulated and
confidential data presents a serious and wide-reaching security risk to SharePoint intranets,
extranets, websites, and also their end-users [10].
PLUG-IN AND WEB PART DEFINED
Plug-in (a.k.a. extension): A software component that adds additional functionality to the larger SharePoint system. Example: SharePoint Outlook Integration.
Web Part (a.k.a. web widget): A stand-alone application that is embedded into SharePoint, and which pulls in useful information from other websites. Example: Twitter feed.
6. David Jones. “The SharePoint Puzzle—adding the missing pieces.” AIIM.
7. Francis Brown. “SharePoint Security: Advanced SharePoint Security Tips and Tools.” Stach & Liu, LLC.
8. “Creating Web Parts for SharePoint.” Microsoft.
9. “Top 50 SharePoint Plug-Ins and Web Parts for 2013.” Portal Front.
10. “The ‘No Code’ SharePoint Strategy.” PointBeyond Ltd.
Risks Associated with SharePoint Plug-ins and Web Parts
Practically every SharePoint web application includes components that were not developed
by in-house application programmers. Even if an application were to be completely
homegrown, the web server and operating system were almost certainly coded
elsewhere. According to Veracode, about seventy percent of internally developed code
originates outside of the development team [11]. In many cases, developers aren’t aware of
all application components they are using, not to mention their versions. From a business
standpoint, SharePoint administrators and security teams should always assume that
third-party code—coming from partners, vendors, mergers, and acquisitions—contains
significant vulnerabilities.
Moreover, organizations have no control over fixing weaknesses in code they do not
own. Not only are organizations blind to vulnerabilities when implementing third-party
Web Parts and plug-ins, but they will not be protected until that third-party addresses
those vulnerabilities. These security gaps transform add-ons from useful SharePoint tools
into vehicles for delivering malware and technical attacks. If a vulnerable component is
exploited, such attacks can facilitate serious data loss or server takeover. Applications using
components with known vulnerabilities have the ability to undermine application defenses
and introduce a range of possible attacks and business impacts.
The Latest Addition to the OWASP Top 10
Third-party components are of such concern that the Open Web
Application Security Project (OWASP), an industry group focused on web application
security best practices, added this threat to its most recent Top 10 report. The Top 10
report represents the most critical web application security risks as identified by a broad
consensus of application security experts around the world. This addition is the main
difference between the previous OWASP Top 10 and the 2013 Top 10.
This new OWASP Top 10 threat not only reinforces the popularity of third-party
components in application development, but also underscores the risks introduced by
these components. Because thousands of SharePoint instances may include the same
vulnerable code, attackers are highly motivated to locate and exploit vulnerabilities in
these application components. It’s likely that this is why many of today’s high profile
breaches are caused by vulnerable third-party components.
SHAREPOINT SECURITY TIP
SharePoint administrators and security teams should always assume that third-party code—coming from partners, vendors, mergers, and acquisitions—contains significant vulnerabilities.
SHAREPOINT SECURITY RISK
Applications using components with known vulnerabilities have the ability to undermine application defenses and introduce a range of possible attacks and business impacts.
11. Veracode State of Software Security Report, Volume 4.
Hacking and the Rise of CMS Hacking
Cyber attacks are motivated by a number of reasons—whether they are performed by
profit-driven industrialized hacker groups; by hacktivists looking to target organizations
based on ideology or personal agendas; or by government entities seeking economic
or political gain.
Depending on the motivation, hackers might focus on exploiting one particular
organization, as demonstrated in the December 2012 attack on Yahoo! in which a hacker
exploited a third-party astrology web application and successfully gained full access into
the company’s Microsoft SQL database. Other motivations might inspire “mass hacking”
in which malicious groups or individuals identify vulnerabilities in content management
systems (CMS), where the same principles apply. SharePoint, one of the leading CMS
systems, is built using mainly Visual C#, Visual Basic, the Microsoft .NET Framework, ASP.NET,
HTML/CSS, Document Object Model, and Silverlight; it integrates with Active Directory and
is designed for use with Microsoft SQL Server and Internet Explorer [12]. As a result, the system
contains its share of potential security challenges.
Microsoft has reported nearly 300 vulnerabilities in SharePoint Server and related products
since its release in 2001, which have rendered the underlying software subject to attacks
such as cross-site scripting (XSS), SQL injection (SQLi), directory (or path) traversal, and
remote file inclusion (RFI) [13]. While classic website hacking consists of a single site attack
in which cybercriminals identify the target, find a vulnerability, and set out to exploit it,
CMS hacking, where one CMS vulnerability has the ability to compromise thousands of
organizations, is on the rise.
“Microsoft addressed a zero-day flaw and nine other vulnerabilities in SharePoint that
could allow remote code execution… In addition, the server has two cross-site scripting
vulnerabilities that can be used by an attacker to carry out attacks and run malicious
scripts while masquerading as the logged-in user.” [14]
– Robert Westervelt on critical security updates in Microsoft SharePoint, September 2013
Intricacies of a Third-Party Code Exploit
This section explores how an exploit takes place via SQL injection (SQLi), a very common
data extraction technique with the objective to retrieve sensitive data, steal site admin
credentials, or infect an end-user with malware. Even after a decade of web application
development and awareness around web application security, this attack method
is still very relevant and continues to play a major role in application hacking. This is
demonstrated by the fact that SQLi has become highly automated and can be performed
by unsophisticated hackers with the assistance of hacking tools like SQLmap and Havij.
On-demand Webinar: CMS Hacking 101
Content Management Systems (CMS), like SharePoint, expose organizations to a new set of vulnerabilities. This presentation shows how malicious hackers exploit vulnerabilities found in CMS to systematically identify and attack unsuspecting organizations and provides recommendations for attack protection.
View Webinar
12. Gustavo Garcia. “SharePoint: In Defense of Cross-Site Scripting.”
13. Gustavo Garcia. “SharePoint: In Defense of Cross-Site Scripting.”
14. Robert Westervelt. “Patch Tuesday: Microsoft Fixes Critical Outlook Error, Critical SharePoint Flaws.” CRN.
Anatomy of a SQL Injection Attack
Hackers begin by taking advantage of non-validated input vulnerabilities in which
unchecked user input is transformed into database queries. Cyber criminals use a variety
of approaches to identify application weaknesses. First, they may search public vulnerability
databases, which contain thousands of web application and CMS-related vulnerabilities.
Another option is to perform Google searches for weak or exposed applications. Additionally,
hackers are known to leverage vulnerability scanners from vendors in the same way that
organizations do to enhance their security posture.
The next step is to inject SQL commands through the web application which are then
executed by a backend database. Because programmers often concatenate user-provided
parameters directly into SQL commands, hackers have the ability to embed SQL commands inside
these parameters. As a result, the attacker has the ability to execute SQL commands on the
backend database server via the web application. While there are multiple approaches to
carrying out this category of attack, the targets are particular database tables that contain
valuable information.
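The concatenation pattern described above, shown beside its parameterized fix, as an added example that is not code from the white paper: the in-memory `site_admins` table, its rows and the two lookup functions are constructed for illustration of a query a third-party Web Part might run.

```python
"""Vulnerable vs. hardened database lookup for a user-supplied parameter.
Added example, not code from the white paper; the table and rows are
constructed stand-ins for data a third-party add-on might query."""
import sqlite3

# Constructed sample rows: site administrators and their (hashed) credentials.
SAMPLE_ADMINS = [
    ("alice", "hash-of-alice-pw", "finance"),
    ("bob", "hash-of-bob-pw", "legal"),
    ("carol", "hash-of-carol-pw", "hr"),
]


def make_db() -> sqlite3.Connection:
    """Create an in-memory database seeded with the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE site_admins (username TEXT, pw_hash TEXT, department TEXT)"
    )
    conn.executemany("INSERT INTO site_admins VALUES (?, ?, ?)", SAMPLE_ADMINS)
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, username: str) -> list:
    """Anti-pattern: the user-controlled value is spliced into the SQL text,
    so the database engine cannot distinguish data from command."""
    sql = (
        "SELECT username, department FROM site_admins WHERE username = '"
        + username
        + "'"
    )
    return conn.execute(sql).fetchall()


def lookup_safe(conn: sqlite3.Connection, username: str) -> list:
    """Hardened form: the value is bound as a parameter, so whatever the caller
    sends is compared as a literal string and is never parsed as SQL."""
    sql = "SELECT username, department FROM site_admins WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


def demo() -> dict:
    """Run both lookups with a normal name and with a classic tautology input.
    The vulnerable version returns every row for the tautology; the safe
    version returns nothing because no username equals that literal."""
    conn = make_db()
    tautology = "' OR '1'='1"
    return {
        "normal_vulnerable": lookup_vulnerable(conn, "alice"),
        "normal_safe": lookup_safe(conn, "alice"),
        "tautology_vulnerable": lookup_vulnerable(conn, tautology),
        "tautology_safe": lookup_safe(conn, tautology),
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name}: {rows}")
```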
No matter which methods or motivations are behind the exploitation of add-ons and
CMS systems, hackers are after regulated or sensitive data. On one hand, using third-party
add-ons leaves the enterprise with full responsibility for securing the application; on
the other hand, it leaves very limited capacity to actually control the code. Because third-party
add-on code cannot be fixed in-house, it is important that IT and Information Security
teams have the appropriate technology in place to shield the application from attacks,
given the potential vulnerabilities.
Protecting Your SharePoint System
Complementing Traditional Defenses with Dedicated Protection
IT and Security teams continue to spend the vast majority of their cyber security budget
on traditional defenses, with the assumption that next-generation firewalls (NGFW) or
intrusion prevention systems (IPS) will mitigate attacks against third-party plug-ins or
Web Parts. While these defenses are an important and key part of security strategy, they
are ill-equipped to stop attacks of this nature. Even if they were 100% effective, additional
layers would be needed to ensure that critical business data is protected.
These solutions are designed to protect networks and users, and although next-generation
firewalls are “application aware,” meaning that they can prevent users from
visiting phishing sites or tunneling applications in HTTP, they are not designed to protect
web applications from external attacks. Hackers looking to steal sensitive data, such as
intellectual property, deal data or PII, know exactly where to find it: in SharePoint’s unique
application, file, and database elements. The reality is that cyber-attacks have become
increasingly sophisticated, leveraging new hacking methods, with the explicit purpose
of circumventing conventional barriers.
Trend Report: Lessons Learned From the Yahoo! Hack
In 2012, a hacker claimed to have breached Yahoo!’s security systems and acquired full access to certain Yahoo! databases, leading to full access on the server for that domain. Imperva found that the hacker was able to determine the allegedly vulnerable Yahoo! application and the exact attack method, SQL injection. This attack underscores the security problem posed by hosting third-party code—as is often done with cloud-based services.
Download Report
Technical Recommendations
As an enterprise builds out its security model, it is common that vulnerable components
outside the purview of the organization are not taken into account. It’s important
that IT and security teams always assume that third-party code present in SharePoint
applications contains significant vulnerabilities.
Protect SharePoint Instances Leveraging Third-party Code Against Web Attacks
To protect CMS systems, it’s vital that organizations incorporate security into the software
development life cycle; perform penetration tests and vulnerability assessments on
applications; and deploy SharePoint applications behind a web application firewall
(WAF) in order to detect and block attacks. When third-party code is present, protecting
applications with a web application firewall is essential. Without the ability to fix the code,
a WAF is the only relevant protection option.
As Gartner states in “Security No-Brainer #9,” it’s fundamental that application vulnerability
scanners interface with application firewalls. Analyst Neil MacDonald states that once an
application security testing tool identifies a vulnerability, the natural next step is to fix the
problem. However, this presents challenges if the development team is backlogged, or
IT teams don’t have access to the source code [15].
Furthermore, PCI DSS requirement 6.6 provides two options for protecting web
applications [16]. The first option is to conduct a vulnerability assessment and incorporate
these assessments into the software development life cycle. The other option is to deploy
a web application firewall in front of the web application.
Harden the SharePoint System
When an add-on is promoted from development to production, the system configuration
must be hardened to disable any irrelevant parts that may help the attacker. In the
hardening process, detailed error messages should be disabled; excessive file and directory
permissions should be restricted; leftover source code should be deleted; and so on.
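An added check for the first hardening item, disabling detailed error messages, written as example code that is not from the white paper or Imperva: it parses a constructed ASP.NET web.config and reports settings that send diagnostics to remote clients, extending the text's point to the debug and trace settings that leak detail in the same way. The two sample configs are constructed and trimmed to the relevant elements.

```python
"""Audit an ASP.NET web.config for settings that expose detailed errors,
debug builds or page tracing to remote users. Added example; the two
configs below are constructed samples, not from any real deployment."""
import xml.etree.ElementTree as ET

# Constructed "before" config: verbose errors, debug build and remote tracing on.
WEAK_CONFIG = """<?xml version="1.0"?>
<configuration>
  <system.web>
    <customErrors mode="Off" />
    <compilation debug="true" />
    <trace enabled="true" localOnly="false" />
  </system.web>
</configuration>"""

# Constructed "after" config: generic errors for remote clients, no debug, no trace.
HARDENED_CONFIG = """<?xml version="1.0"?>
<configuration>
  <system.web>
    <customErrors mode="RemoteOnly" defaultRedirect="~/Error.aspx" />
    <compilation debug="false" />
    <trace enabled="false" />
  </system.web>
</configuration>"""


def _attr(root: ET.Element, tag: str, name: str, default: str) -> str:
    """Return attribute `name` of the first element named `tag` anywhere in the
    tree, or `default` when the element or attribute is absent (ASP.NET
    applies its own defaults in that case)."""
    node = next(root.iter(tag), None)
    if node is None:
        return default
    return node.get(name, default)


def audit_web_config(xml_text: str) -> list:
    """Return a list of findings for settings that leak diagnostic detail.
    An empty list means none of these checks fired."""
    root = ET.fromstring(xml_text)
    findings = []
    # ASP.NET's default for customErrors is RemoteOnly; mode="Off" sends
    # stack traces and source snippets to every client.
    mode = _attr(root, "customErrors", "mode", "RemoteOnly")
    if mode.lower() == "off":
        findings.append("customErrors mode=Off: detailed errors shown to remote clients")
    # A debug build emits extra diagnostic detail and is not meant for production.
    debug = _attr(root, "compilation", "debug", "false")
    if debug.lower() == "true":
        findings.append("compilation debug=true: debug build deployed")
    # Page tracing with localOnly="false" exposes request details to remote users.
    enabled = _attr(root, "trace", "enabled", "false")
    local_only = _attr(root, "trace", "localOnly", "true")
    if enabled.lower() == "true" and local_only.lower() == "false":
        findings.append("trace enabled for remote clients: request details exposed")
    return findings


if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(label, audit_web_config(cfg) or ["no findings"])
```

Run it against the web.config of each SharePoint web application after an add-on is promoted; a clean result for these checks does not cover the file-permission and leftover-source items, which need separate review.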
Three Layers of SharePoint Security
While this paper focuses on the security implications of third-party web applications, parts
and plug-ins, the SharePoint system can be compromised on many levels. In addition to
web-based attacks, both malicious insiders, as well as users that have been compromised
by malware, pose significant risk. Moreover, Microsoft SharePoint does not have sufficient
built-in security capabilities to protect your organization from the wide range of internal
and external SharePoint threats. Imperva SecureSphere™ for SharePoint offers a unique
three-layer approach for protecting all of SharePoint’s web, file, and database resources.
White Paper: What Next Generation Firewalls Miss
Web application attacks threaten nearly every organization with an online presence. While some security vendors contend that their next generation firewalls can stop Web attacks, these products lack essential Web security features, leaving customers exposed to attack.
Download White Paper
15. Neil MacDonald. “Security No-Brainer #9: Application Vulnerability Scanners Should Communicate with Application Firewalls.” Gartner, Inc.
16. “Information Supplement: Application Reviews and Web Application Firewalls Clarified.” PCI Security Standards Council.
Layer #1: Deploy a Web Application Firewall Tailored to SharePoint
Traditional technologies leave holes in application defenses—defenses that are only
addressed by dedicated web application firewalls. SecureSphere for SharePoint uses market
leading web application firewall technology to protect SharePoint web applications with
vulnerable components. Through defenses such as patented Dynamic Profiling technology,
SQL injection and XSS correlation engines, and detection of Microsoft SharePoint HTTP
protocol violations, SecureSphere identifies zero-day attempts to exploit vulnerable
components. In addition, once a new vulnerability is published, the Imperva Application
Defense Center (ADC) quickly develops a signature or a set of policies to virtually patch the
vulnerability. Through automatic security updates, all SecureSphere appliances receive the
latest security content, and are protected against newly published vulnerabilities.
Many organizations do not know what third-party components are used in their web
applications, nor do they track vulnerability announcements for these components.
As a result, applications built with vulnerable components are often exposed to attack
for long periods of time. The SecureSphere Web Application Firewall solution has multiple
layers of defense to protect applications with third-party components.
Layer #2: Safeguard Files, Folders, and Lists with User Rights Management and Activity Monitoring
SharePoint administrators often face challenges managing user permissions; maintaining
a comprehensive audit trail of file access activity; and producing reports for compliance
and forensic purposes.
SecureSphere for SharePoint offers a user rights management framework which aggregates
and consolidates user rights across SharePoint sites, providing visibility into effective
SharePoint permissions. This allows organizations to efficiently conduct rights reviews,
eliminate excess rights, and identify dormant users, all of which help ensure that access
is based on business need-to-know.
Additionally, Imperva’s SharePoint solution provides continuous monitoring and a detailed
audit trail of all data access activity, showing the “Who, What, When, Where, and How” of
each data access. This enables security, compliance, and SharePoint administrative staff
to understand exactly who accessed, moved, changed, or deleted data. Furthermore,
SecureSphere offers a flexible security policy framework, which allows businesses to
respond immediately when data access activity deviates from corporate policy.
Natively, SharePoint offers rudimentary reporting capabilities that are insufficient for
compliance reporting and investigating security incidents. SecureSphere for SharePoint
features interactive, on-screen audit analytics to quickly visualize file data access activity
and user rights. Security and compliance teams can use these analytics to identify trends,
patterns, and problems with file activity, and user rights. SecureSphere’s analytics and
reporting help measure risk and document compliance with regulations such as SOX,
PCI, and data privacy laws.
eBook: SharePoint Security Playbook
The increasing use of Microsoft SharePoint to store sensitive business data and extend access and collaboration to partners, customers, and suppliers has outpaced native SharePoint security capabilities. By implementing the five lines of defense outlined in this eBook, organizations will be able to overcome operational challenges and protect SharePoint deployments against both internal and external threats.
Download eBook
Layer #3: Protect SharePoint’s Microsoft SQL Database from Tampering
The Microsoft SQL database is at the core of the SharePoint platform—storing all files,
lists, and application data. Internal security requirements and compliance mandates
call for privileged-user monitoring and preventing unauthorized database access. This
also applies to the database component of the SharePoint platform. SecureSphere for
SharePoint monitors all database access and ensures unauthorized access is prevented.
Conclusion
Microsoft SharePoint is one of the most widely deployed and used content management
and collaboration platforms in the world. For the vast majority of organizations, that
means that SharePoint holds and provides application-level access to business-critical
data. As businesses seek a rapid return on their SharePoint investments, it’s common
for them to turn to third-party SharePoint add-ons to expand the power and utility of
SharePoint. From a security and compliance perspective, adding these extensions to an
already complex business system means that additional, tailored measures need to be
put in place to safeguard business data and applications. These include web application
firewall technology, rights management capabilities, and activity monitoring for all
data access. SecureSphere for SharePoint addresses all of these requirements in a single,
integrated package.
www.imperva.com
© Copyright 2013, Imperva. All rights reserved. Imperva and SecureSphere are registered trademarks of Imperva. All other brand or product names are trademarks or registered trademarks of their respective holders.
WP-VulSPAddOns-0913.1
Data Center Security Solutions
Imperva, pioneering the third pillar of enterprise security, fills the gaps in traditional security
by directly protecting the high-value applications and data assets in physical and virtual
data centers. Over 2600 customers in more than 75 countries rely on our SecureSphere®
platform to safeguard their business.
DATABASE SECURITY PRODUCTS
Database Activity Monitoring
Full auditing and visibility into database data usage
Database Firewall
Activity monitoring and real-time protection for critical databases
Discovery and Assessment Server
Vulnerability assessment, configuration management, and data classification for databases
User Rights Management for Databases
Review and manage user access rights to sensitive databases
ADC Insights
Pre-packaged reports and rules for SAP, Oracle EBS, and PeopleSoft compliance and security
FILE SECURITY PRODUCTS
File Activity Monitoring
Full auditing and visibility into file data usage
File Firewall
Activity monitoring and protection for critical file data
SecureSphere for SharePoint
Visibility and analysis of SharePoint access rights and data usage, and protection against
Web‑based threats
Directory Services Monitoring
Audit, alert, and report on changes made in Microsoft Active Directory
User Rights Management for Files
Review and manage user access rights to sensitive files
WEB APPLICATION SECURITY PRODUCTS
Web Application Firewall
Accurate, automated protection against online threats
ThreatRadar Reputation Services
Leverage reputation data to stop malicious users and automated attacks
ThreatRadar Fraud Prevention
Stop fraud malware and account takeover quickly and easily
An Inside Look at a Sophisticated, Multi-vector DDoS Attack
 
Why Network and Endpoint Security Isn’t Enough
Why Network and Endpoint Security Isn’t EnoughWhy Network and Endpoint Security Isn’t Enough
Why Network and Endpoint Security Isn’t Enough
 
Preparing for the Imminent Terabit DDoS Attack
Preparing for the Imminent Terabit DDoS AttackPreparing for the Imminent Terabit DDoS Attack
Preparing for the Imminent Terabit DDoS Attack
 
Web Applications Under Attack: Why Network Security Solutions Leave You Exposed
Web Applications Under Attack: Why Network Security Solutions Leave You ExposedWeb Applications Under Attack: Why Network Security Solutions Leave You Exposed
Web Applications Under Attack: Why Network Security Solutions Leave You Exposed
 
Protect Your Data and Apps in the Public Cloud
Protect Your Data and Apps in the Public CloudProtect Your Data and Apps in the Public Cloud
Protect Your Data and Apps in the Public Cloud
 
More Databases. More Hackers. More Audits.
More Databases. More Hackers. More Audits.More Databases. More Hackers. More Audits.
More Databases. More Hackers. More Audits.
 
Hackers, Cyber Crime and Espionage
Hackers, Cyber Crime and EspionageHackers, Cyber Crime and Espionage
Hackers, Cyber Crime and Espionage
 
Gartner MQ for Web App Firewall Webinar
Gartner MQ for Web App Firewall WebinarGartner MQ for Web App Firewall Webinar
Gartner MQ for Web App Firewall Webinar
 
Hacking HTTP/2 : New attacks on the Internet’s Next Generation Foundation
Hacking HTTP/2: New attacks on the Internet’s Next Generation FoundationHacking HTTP/2: New attacks on the Internet’s Next Generation Foundation
Hacking HTTP/2 : New attacks on the Internet’s Next Generation Foundation
 
The State of Application Security: Hackers On Steroids
The State of Application Security: Hackers On SteroidsThe State of Application Security: Hackers On Steroids
The State of Application Security: Hackers On Steroids
 
Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016Top Cyber Security Trends for 2016
Top Cyber Security Trends for 2016
 

Plus de Imperva

Cybersecurity and Healthcare - HIMSS 2018 Survey
Cybersecurity and Healthcare - HIMSS 2018 SurveyCybersecurity and Healthcare - HIMSS 2018 Survey
Cybersecurity and Healthcare - HIMSS 2018 SurveyImperva
 
API Security Survey
API Security SurveyAPI Security Survey
API Security SurveyImperva
 
Imperva ppt
Imperva pptImperva ppt
Imperva pptImperva
 
Beyond takeover: stories from a hacked account
Beyond takeover: stories from a hacked accountBeyond takeover: stories from a hacked account
Beyond takeover: stories from a hacked accountImperva
 
Research: From zero to phishing in 60 seconds
Research: From zero to phishing in 60 seconds Research: From zero to phishing in 60 seconds
Research: From zero to phishing in 60 seconds Imperva
 
Making Sense of Web Attacks: From Alerts to Narratives
Making Sense of Web Attacks: From Alerts to NarrativesMaking Sense of Web Attacks: From Alerts to Narratives
Making Sense of Web Attacks: From Alerts to NarrativesImperva
 
How We Blocked a 650Gb DDoS Attack Over Lunch
How We Blocked a 650Gb DDoS Attack Over LunchHow We Blocked a 650Gb DDoS Attack Over Lunch
How We Blocked a 650Gb DDoS Attack Over LunchImperva
 
Survey: Insider Threats and Cyber Security
Survey: Insider Threats and Cyber SecuritySurvey: Insider Threats and Cyber Security
Survey: Insider Threats and Cyber SecurityImperva
 
Companies Aware, but Not Prepared for GDPR
Companies Aware, but Not Prepared for GDPRCompanies Aware, but Not Prepared for GDPR
Companies Aware, but Not Prepared for GDPRImperva
 
Rise of Ransomware
Rise of Ransomware Rise of Ransomware
Rise of Ransomware Imperva
 
7 Tips to Protect Your Data from Contractors and Privileged Vendors
7 Tips to Protect Your Data from Contractors and Privileged Vendors7 Tips to Protect Your Data from Contractors and Privileged Vendors
7 Tips to Protect Your Data from Contractors and Privileged VendorsImperva
 
SEO Botnet Sophistication
SEO Botnet SophisticationSEO Botnet Sophistication
SEO Botnet SophisticationImperva
 
Phishing Made Easy
Phishing Made EasyPhishing Made Easy
Phishing Made EasyImperva
 
Imperva 2017 Cyber Threat Defense Report
Imperva 2017 Cyber Threat Defense ReportImperva 2017 Cyber Threat Defense Report
Imperva 2017 Cyber Threat Defense ReportImperva
 
Combat Payment Card Attacks with WAF and Threat Intelligence
Combat Payment Card Attacks with WAF and Threat IntelligenceCombat Payment Card Attacks with WAF and Threat Intelligence
Combat Payment Card Attacks with WAF and Threat IntelligenceImperva
 
HTTP/2: Faster Doesn't Mean Safer, Attack Surface Growing Exponentially
HTTP/2: Faster Doesn't Mean Safer, Attack Surface Growing ExponentiallyHTTP/2: Faster Doesn't Mean Safer, Attack Surface Growing Exponentially
HTTP/2: Faster Doesn't Mean Safer, Attack Surface Growing ExponentiallyImperva
 
Get Going With Your GDPR Plan
Get Going With Your GDPR PlanGet Going With Your GDPR Plan
Get Going With Your GDPR PlanImperva
 
Cyber Criminal's Path To Your Data
Cyber Criminal's Path To Your DataCyber Criminal's Path To Your Data
Cyber Criminal's Path To Your DataImperva
 
Combat Today's Threats With A Single Platform For App and Data Security
Combat Today's Threats With A Single Platform For App and Data SecurityCombat Today's Threats With A Single Platform For App and Data Security
Combat Today's Threats With A Single Platform For App and Data SecurityImperva
 

Plus de Imperva (19)

Cybersecurity and Healthcare - HIMSS 2018 Survey
Cybersecurity and Healthcare - HIMSS 2018 SurveyCybersecurity and Healthcare - HIMSS 2018 Survey
Cybersecurity and Healthcare - HIMSS 2018 Survey
 
API Security Survey
API Security SurveyAPI Security Survey
API Security Survey
 
Imperva ppt
Imperva pptImperva ppt
Imperva ppt
 
Beyond takeover: stories from a hacked account
Beyond takeover: stories from a hacked accountBeyond takeover: stories from a hacked account
Beyond takeover: stories from a hacked account
 
Research: From zero to phishing in 60 seconds
Research: From zero to phishing in 60 seconds Research: From zero to phishing in 60 seconds
Research: From zero to phishing in 60 seconds
 
Making Sense of Web Attacks: From Alerts to Narratives
Making Sense of Web Attacks: From Alerts to NarrativesMaking Sense of Web Attacks: From Alerts to Narratives
Making Sense of Web Attacks: From Alerts to Narratives
 
How We Blocked a 650Gb DDoS Attack Over Lunch
How We Blocked a 650Gb DDoS Attack Over LunchHow We Blocked a 650Gb DDoS Attack Over Lunch
How We Blocked a 650Gb DDoS Attack Over Lunch
 
Survey: Insider Threats and Cyber Security
Survey: Insider Threats and Cyber SecuritySurvey: Insider Threats and Cyber Security
Survey: Insider Threats and Cyber Security
 
Companies Aware, but Not Prepared for GDPR
Companies Aware, but Not Prepared for GDPRCompanies Aware, but Not Prepared for GDPR
Companies Aware, but Not Prepared for GDPR
 
Rise of Ransomware
Rise of Ransomware Rise of Ransomware
Rise of Ransomware
 
7 Tips to Protect Your Data from Contractors and Privileged Vendors
7 Tips to Protect Your Data from Contractors and Privileged Vendors7 Tips to Protect Your Data from Contractors and Privileged Vendors
7 Tips to Protect Your Data from Contractors and Privileged Vendors
 
SEO Botnet Sophistication
SEO Botnet SophisticationSEO Botnet Sophistication
SEO Botnet Sophistication
 
Phishing Made Easy
Phishing Made EasyPhishing Made Easy
Phishing Made Easy
 
Imperva 2017 Cyber Threat Defense Report
Imperva 2017 Cyber Threat Defense ReportImperva 2017 Cyber Threat Defense Report
Imperva 2017 Cyber Threat Defense Report
 
Combat Payment Card Attacks with WAF and Threat Intelligence
Combat Payment Card Attacks with WAF and Threat IntelligenceCombat Payment Card Attacks with WAF and Threat Intelligence
Combat Payment Card Attacks with WAF and Threat Intelligence
 
HTTP/2: Faster Doesn't Mean Safer, Attack Surface Growing Exponentially
HTTP/2: Faster Doesn't Mean Safer, Attack Surface Growing ExponentiallyHTTP/2: Faster Doesn't Mean Safer, Attack Surface Growing Exponentially
HTTP/2: Faster Doesn't Mean Safer, Attack Surface Growing Exponentially
 
Get Going With Your GDPR Plan
Get Going With Your GDPR PlanGet Going With Your GDPR Plan
Get Going With Your GDPR Plan
 
Cyber Criminal's Path To Your Data
Cyber Criminal's Path To Your DataCyber Criminal's Path To Your Data
Cyber Criminal's Path To Your Data
 
Combat Today's Threats With A Single Platform For App and Data Security
Combat Today's Threats With A Single Platform For App and Data SecurityCombat Today's Threats With A Single Platform For App and Data Security
Combat Today's Threats With A Single Platform For App and Data Security
 

Dernier

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 

Dernier (20)

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 

Protecting Against Vulnerabilities in SharePoint Add-ons

The principal reasons organizations implement SharePoint are internal collaboration, content management, project management, records management, corporate intranet, and as a replacement for file shares [3]. These uses are core to running a business, and they imply that groups and individuals store a multitude of files with sensitive or regulated data in SharePoint. For example, consider whether the information below is stored in your company's SharePoint deployment:

• Regulated data. Personally identifiable information (PII), credit card information, protected health information (PHI), and financial records. Organizations operating in highly regulated industries, such as the Healthcare, Financial Services, and Federal sectors, commonly use SharePoint as a file repository and extranet portal. HIPAA, FINRA rules, PCI DSS, ITAR, and SOX are some of the primary motivators for organizations to ensure that data of this nature is not breached.

• Sensitive data. Intellectual property, deal data, competitive information, business plans, and legal information. The data that an organization considers most sensitive is not always evident, especially if IT teams, rather than data owners, are deciding how information is classified. As an example, take an international retailer with store operations plans and strategies stored in SharePoint. One business unit might assume this data is the most critical to the organization's success, while management and the Board of Directors may consider the data on its international expansion strategy to be top of mind.

SharePoint Starts Small

Companies typically implement SharePoint progressively, starting with an intranet for file sharing and content management and eventually expanding to externally facing deployments. Extranets are often used as a portal for customers, partners, employees, or alumni, and commonly for a Board of Directors site.

Later versions of SharePoint, such as SharePoint 2013, offer new functionality for simple and low-cost website creation, which has led a number of Fortune 500 companies to create corporate websites, microsites, and e-commerce sites with SharePoint. As more applications are created in SharePoint, and new data is made available to those accessing it, the risk of exposure increases. The introduction of third-party widgets exacerbates the situation. According to AIIM, more than half of organizations implementing SharePoint use or are "…planning to use third-party add-on products in order to enhance functionality. Only a third thinks they will stick with the vanilla product." [4]

In addition to individual components, many organizations outsource SharePoint application development entirely. With almost thirty percent of all applications being produced by third parties [5], organizations need to evaluate the security of SharePoint applications given the amount of regulated and sensitive information dispersed across the platform.

WHAT INFORMATION IS STORED IN YOUR SHAREPOINT DEPLOYMENT?

Regulated Data
• Personally identifiable information (PII)
• Credit card information
• Protected health information (PHI)
• Financial records

Sensitive Data
• Intellectual property
• Deal data
• Competitive information
• Business plans
• Legal information

3. David Jones. "The SharePoint Puzzle—adding the missing pieces." AIIM.
4. David Jones. "The SharePoint Puzzle—adding the missing pieces." AIIM.
5. Veracode. State of Software Security Report, Volume 4.
Why Organizations Use SharePoint Plug-ins and Web Parts

"Many would argue that the sheer volume of third-party add-ons highlights that SharePoint is nothing more than a Swiss army knife: a platform that requires users to plug in 'industry-strength' tools from external suppliers in order to achieve the performance, functionality and robustness required." [6]

Microsoft SharePoint without plug-ins or Web Parts can be compared to an iPhone without apps [7]. Consumers use apps for convenience, ease of use, collaboration, and productivity, and it is for the same reasons that IT teams turn to third-party SharePoint widgets to directly modify the content, appearance, and behavior of SharePoint site pages [8]. Some of the most popular categories [9] of SharePoint plug-ins and Web Parts include:

• Forms. These widgets extend SharePoint forms, allowing admins to customize and create forms more quickly.
• Document management. As one of the most common use cases for SharePoint, organizations use this category of add-ons for better distribution of documents throughout teams or groups, better organization of documents, template customization, enhanced SharePoint search capabilities, and more.
• Productivity. Productivity plug-ins make tasks easier for employees and let them be completed more quickly.

There is also a business justification for IT teams to put third-party tools in place, sometimes referred to as a "no-code" strategy for SharePoint. Custom coding projects within the platform carry significant cost and time. Stakeholders and end users want to get SharePoint deployments off the ground and see employee adoption, and third-party tools enable exactly that, for example the ability to deliver in-depth workflows within days rather than weeks.

While administrators can experience quick wins with external products, incorporating third-party code alongside regulated and confidential data presents a serious and wide-reaching security risk to SharePoint intranets, extranets, and websites, and to their end users [10].

PLUG-IN AND WEB PART DEFINED

Plug-in (a.k.a. extension): a software component that adds functionality to the larger SharePoint system. Example: SharePoint Outlook integration.

Web Part (a.k.a. web widget): a stand-alone component (an ASP.NET server control) embedded in a SharePoint page, often one that pulls in information from other websites or systems. Example: a Twitter feed.

6. David Jones. "The SharePoint Puzzle—adding the missing pieces." AIIM.
7. Francis Brown. "SharePoint Security: Advanced SharePoint Security Tips and Tools." Stach & Liu, LLC.
8. "Creating Web Parts for SharePoint." Microsoft.
9. "Top 50 SharePoint Plug-Ins and Web Parts for 2013." Portal Front.
10. "The 'No Code' SharePoint Strategy." PointBeyond Ltd.
Risks Associated with SharePoint Plug-ins and Web Parts

Practically every SharePoint web application includes components that were not developed by in-house application programmers. Even if an application were completely homegrown, the web server and operating system were almost certainly coded elsewhere. According to Veracode, about seventy percent of internally developed code originates outside of the development team [11]. In many cases, developers are not aware of all the application components they are using, let alone their versions.

From a business standpoint, SharePoint administrators and security teams should always assume that third-party code, whether it comes from partners, vendors, mergers, or acquisitions, contains significant vulnerabilities. Moreover, organizations have no control over fixing weaknesses in code they do not own. Not only are organizations blind to vulnerabilities when implementing third-party Web Parts and plug-ins, they will also not be protected until that third party addresses those vulnerabilities. These security gaps turn add-ons from useful SharePoint tools into vehicles for delivering malware and technical attacks. If a vulnerable component is exploited, such attacks can lead to serious data loss or server takeover. Applications using components with known vulnerabilities can undermine application defenses and introduce a range of possible attacks and business impacts.

The Latest Addition to the OWASP Top 10

Concern about third-party components is serious enough that the Open Web Application Security Project (OWASP), an industry group focused on web application security best practices, added this threat (A9, "Using Components with Known Vulnerabilities") to its most recent Top 10 report. The Top 10 represents the most critical web application security risks as identified by a broad consensus of application security experts around the world. This new category is the main difference between the previous OWASP Top 10 and the 2013 Top 10.

The new entry not only reflects the popularity of third-party components in application development but also underscores the risks those components introduce. Because thousands of SharePoint instances may include the same vulnerable code, attackers are highly motivated to locate and exploit vulnerabilities in these components, which is likely why many of today's high-profile breaches involve vulnerable third-party components.

11. Veracode. State of Software Security Report, Volume 4.
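The practical consequence of the A9 category is that a SharePoint owner needs an inventory of deployed third-party components with versions, and a routine check of that inventory against vendor advisories. The script below is an added example written for this paper; it is not vendor tooling or code from any real add-on. The inventory rows, the vendor and product names, and the advisory entries are constructed sample data. On a real farm the inventory would be exported from the SharePoint Management Shell (Get-SPSolution lists deployed farm solutions) plus each vendor's own version string, and the advisories would come from the vendors' bulletins. The point it makes beyond the text is that "version unknown" and "no fix available yet" must each get their own status, because neither can be treated as safe.

```python
"""Match a SharePoint add-on inventory against known-vulnerable version ranges.

Added illustration for this paper, not vendor tooling. INVENTORY and
ADVISORIES are constructed sample data; the vendor and product names
are hypothetical.
"""
from typing import Optional


def parse_version(text: str) -> tuple:
    """'2.3.1' -> (2, 3, 1). Tuples compare element-wise, so (2, 3) < (2, 3, 1)."""
    return tuple(int(part) for part in text.strip().split("."))


def is_affected(version: str, affected_from: str, fixed_in: Optional[str]) -> bool:
    """True when affected_from <= version < fixed_in (fixed_in None = no fix yet)."""
    v = parse_version(version)
    if v < parse_version(affected_from):
        return False
    return fixed_in is None or v < parse_version(fixed_in)


# Constructed inventory, one row per deployed solution. On a real farm this
# would be exported from the SharePoint Management Shell (Get-SPSolution)
# plus the vendor's own version string; "version": None records that nobody
# could establish what is actually installed, which the paper notes is common.
INVENTORY = [
    {"name": "acme-forms.wsp",     "vendor": "Acme",     "version": "2.3.1"},
    {"name": "acme-forms.wsp",     "vendor": "Acme",     "version": "2.4.0"},
    {"name": "widgetco-feed.wsp",  "vendor": "WidgetCo", "version": None},
    {"name": "widgetco-feed.wsp",  "vendor": "WidgetCo", "version": "1.2.0"},
    {"name": "docflow-search.wsp", "vendor": "DocFlow",  "version": "5.1"},
]

# Constructed advisories: vendor, product, first affected version, first fixed
# version (None means the vendor has not shipped a fix).
ADVISORIES = [
    {"vendor": "Acme",     "product": "acme-forms.wsp",    "affected_from": "2.0.0", "fixed_in": "2.3.2"},
    {"vendor": "WidgetCo", "product": "widgetco-feed.wsp", "affected_from": "1.0.0", "fixed_in": None},
]


def assess(inventory, advisories):
    """Return (name, version, status) per component.

    Statuses deliberately never say "safe": an unknown version cannot be
    matched against anything, and "no known advisory" means only that the
    vendor has not published one for code you still cannot fix yourself.
    """
    findings = []
    for comp in inventory:
        matches = [a for a in advisories
                   if a["vendor"] == comp["vendor"] and a["product"] == comp["name"]]
        if comp["version"] is None:
            status = "unverified: version unknown"
        elif not matches:
            status = "no known advisory"
        else:
            hits = [a for a in matches
                    if is_affected(comp["version"], a["affected_from"], a["fixed_in"])]
            if not hits:
                status = "not affected by published advisories"
            elif any(a["fixed_in"] is None for a in hits):
                status = "vulnerable: no vendor fix, mitigate or remove"
            else:
                newest_fix = max((a["fixed_in"] for a in hits), key=parse_version)
                status = "vulnerable: upgrade to " + newest_fix
        findings.append((comp["name"], comp["version"], status))
    return findings


if __name__ == "__main__":
    for name, version, status in assess(INVENTORY, ADVISORIES):
        print(f"{name:<20} {version or '?':<8} {status}")
```

Running it prints one line per deployed solution. The two rows for the same package with different versions are intentional: the same add-on is often deployed at different versions to different web applications in one farm, and the check has to be made per deployment, not per product name.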
Hacking and the Rise of CMS Hacking

Cyber attacks are motivated by a number of reasons: they may be performed by profit-driven, industrialized hacker groups; by hacktivists targeting organizations based on ideology or personal agendas; or by government entities seeking economic or political gain. Depending on the motivation, hackers might focus on exploiting one particular organization, as demonstrated in the December 2012 attack on Yahoo!, in which a hacker exploited a third-party astrology web application and gained full access to the company's Microsoft SQL database. Other motivations inspire "mass hacking," in which malicious groups or individuals identify vulnerabilities in content management systems (CMS), where the same principles apply.

SharePoint, one of the leading CMS systems, is built mainly using Visual C#, Visual Basic, the Microsoft .NET Framework, ASP.NET, HTML/CSS, the Document Object Model, and Silverlight; it integrates with Active Directory and is designed for use with Microsoft SQL Server and Internet Explorer [12]. As a result, the system contains its share of potential security challenges. Microsoft has reported nearly 300 vulnerabilities in SharePoint Server and related products since its release in 2001, which have left the underlying software subject to attacks such as cross-site scripting (XSS), SQL injection (SQLi), directory (or path) traversal, and remote file inclusion (RFI) [13].

While classic website hacking consists of a single-site attack in which cybercriminals identify the target, find a vulnerability, and set out to exploit it, CMS hacking, where one CMS vulnerability can compromise thousands of organizations, is on the rise.
"Microsoft addressed a zero-day flaw and nine other vulnerabilities in SharePoint that could allow remote code execution… In addition, the server has two cross-site scripting vulnerabilities that can be used by an attacker to carry out attacks and run malicious scripts while masquerading as the logged-in user." [14]
– Robert Westervelt on critical security updates in Microsoft SharePoint, September 2013

Intricacies of a Third-Party Code Exploit

This section explores how an exploit takes place via SQL injection (SQLi), a very common data extraction technique whose objective is to retrieve sensitive data, steal site admin credentials, or infect an end user with malware. Even after a decade of web application development and awareness around web application security, this attack method is still very relevant and continues to play a major role in application hacking. This is demonstrated by the fact that SQLi has become highly automated and can be performed by unsophisticated hackers with the assistance of hacking tools like SQLmap and Havij.

On-demand Webinar: CMS Hacking 101
Content Management Systems (CMS), like SharePoint, expose organizations to a new set of vulnerabilities. This presentation shows how malicious hackers exploit vulnerabilities found in CMS to systematically identify and attack unsuspecting organizations, and provides recommendations for attack protection.

12. Gustavo Garcia. "SharePoint: In Defense of Cross-Site Scripting."
13. Gustavo Garcia. "SharePoint: In Defense of Cross-Site Scripting."
14. Robert Westervelt. "Patch Tuesday: Microsoft Fixes Critical Outlook Error, Critical SharePoint Flaws." CRN.
Anatomy of a SQL Injection Attack

Hackers begin by taking advantage of non-validated input vulnerabilities, in which unchecked user input is transformed into database queries. Cyber criminals use a variety of approaches to identify application weaknesses. First, they may search public vulnerability databases, which contain thousands of web application and CMS-related vulnerabilities. Another option is to perform Google searches for weak or exposed applications. Additionally, hackers are known to use the same vendor vulnerability scanners that organizations use to improve their own security posture.

The next step is to inject SQL commands through the web application, which are then executed by a backend database. Because programmers often concatenate SQL commands with user-provided parameters, hackers are able to embed SQL commands inside those parameters. As a result, the attacker can execute SQL commands on the backend database server via the web application. While there are multiple approaches to carrying out this category of attack, the targets are particular database tables that contain valuable information.

No matter which methods or motivations are behind the exploitation of add-ons and CMS systems, hackers are after regulated or sensitive data. On one hand, using third-party add-ons leaves the enterprise with full responsibility for securing the application; on the other hand, it leaves very limited capacity to actually control the code. Because third-party add-on code cannot be fixed in-house, it is important that IT and Information Security teams have the appropriate technology in place to shield the application from attacks, given the potential vulnerabilities.
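As an added illustration of the concatenation problem described above (example code written for this page, not code from the paper or from Imperva), the Python below runs a constructed document-search query both ways against an in-memory SQLite table standing in for a SharePoint content database: the string-built version can be made to return rows outside the intended "public" filter, while the parameterized version treats the same input as a plain value. The table, its rows, and the function names are assumptions made for the example.

```python
import sqlite3


def make_db():
    """Constructed stand-in for a SharePoint content database table (SQLite, not
    Microsoft SQL; the table, rows and classification labels are made up)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE Documents (id INTEGER, title TEXT, owner TEXT, classification TEXT)"
    )
    conn.executemany("INSERT INTO Documents VALUES (?, ?, ?, ?)", [
        (1, "Q3 Roadmap", "alice", "confidential"),
        (2, "Press Kit", "bob", "public"),
        (3, "M&A Memo", "carol", "restricted"),
    ])
    return conn


def search_vulnerable(conn, owner):
    """Hypothetical add-on behaviour: the user-supplied 'owner' is concatenated into the
    query text, so the input becomes part of the SQL command instead of a value."""
    sql = ("SELECT id, title, classification FROM Documents "
           "WHERE owner = '" + owner + "' AND classification = 'public'")
    return conn.execute(sql).fetchall()


def search_parameterized(conn, owner):
    """Hardened form: the placeholder is bound to the value, so whatever the user
    types is compared against the owner column and never parsed as SQL."""
    sql = ("SELECT id, title, classification FROM Documents "
           "WHERE owner = ? AND classification = 'public'")
    return conn.execute(sql, (owner,)).fetchall()


def leaked_rows(rows):
    """Rows the 'public' filter was meant to exclude; non-empty means it was bypassed."""
    return [r for r in rows if r[2] != "public"]


if __name__ == "__main__":
    db = make_db()
    # A quote, a tautology and a comment marker: the textbook input a scanner probes with.
    probe = "x' OR 1=1 --"
    print("vulnerable   :", search_vulnerable(db, probe))    # all three rows, two non-public
    print("parameterized:", search_parameterized(db, probe))  # no rows: no owner has that name
```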
Protecting Your SharePoint System

Complementing Traditional Defenses with Dedicated Protection

IT and Security teams continue to spend the vast majority of their cyber security budget on traditional defenses, on the assumption that next-generation firewalls (NGFW) or intrusion prevention systems (IPS) will mitigate attacks against third-party plug-ins or Web Parts. While these defenses are an important and key part of a security strategy, they are ill-equipped to stop attacks of this nature. Even if they were 100% effective, additional layers would be needed to ensure that critical business data is protected. These solutions are designed to protect networks and users, and although next-generation firewalls are "application aware," meaning that they can prevent users from visiting phishing sites or tunneling applications in HTTP, they are not designed to protect web applications from external attacks. Hackers looking to steal sensitive data, such as intellectual property, deal data, or PII, know exactly where to find it: in SharePoint's unique application, file, and database elements. The reality is that cyber-attacks have become increasingly sophisticated, leveraging new hacking methods with the explicit purpose of circumventing conventional barriers.

Trend Report: Lessons Learned From the Yahoo! Hack
In 2012, a hacker claimed to have breached Yahoo!'s security systems and acquired full access to certain Yahoo! databases, leading to full access on the server for that domain. Imperva found that the hacker was able to determine the allegedly vulnerable Yahoo! application and the exact attack method, SQL injection. This attack underscores the security problem posed by hosting third-party code—as is often done with cloud-based services.
Technical Recommendations

As an enterprise builds out its security model, vulnerable components outside the purview of the organization are commonly not taken into account. It's important that IT and security teams always assume that third-party code present in SharePoint applications contains significant vulnerabilities.

Protect SharePoint Instances Leveraging Third-party Code Against Web Attacks

To protect CMS systems, it's vital that organizations incorporate security into the software development life cycle; perform penetration tests and vulnerability assessments on applications; and deploy SharePoint applications behind a web application firewall (WAF) in order to detect and block attacks. When third-party code is present, protecting applications with a web application firewall is essential. Without the ability to fix the code, a WAF is the only relevant protection option.

As Gartner states in "Security No-Brainer #9," it's fundamental that application vulnerability scanners interface with application firewalls. Analyst Neil MacDonald states that once an application security testing tool identifies a vulnerability, the natural next step is to fix the problem. However, this presents challenges if the development team is backlogged, or IT teams don't have access to the source code [15]. Furthermore, PCI DSS requirement 6.6 provides two options for protecting web applications [16]. The first option is to conduct a vulnerability assessment and incorporate these assessments into the software development life cycle. The other option is to deploy a web application firewall in front of the web application.

Harden the SharePoint System

When an add-on is promoted from development to production, the system configuration must be hardened to disable any irrelevant parts that may help the attacker.
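As an added example of auditing one such configuration point (code written for this page, not the paper's or Imperva's), the Python below parses a constructed ASP.NET/SharePoint web.config, flags the settings that return verbose error detail to clients, and writes a hardened copy. The element and attribute names (customErrors mode, compilation debug, and SharePoint's SafeMode CallStack) are real ASP.NET and SharePoint settings; the sample file itself and the function names are constructed for the example.

```python
import xml.etree.ElementTree as ET

# Constructed sample of a SharePoint web application's web.config, trimmed to the
# elements this check looks at (not a real deployment's file).
SAMPLE_WEB_CONFIG = """<configuration>
  <SharePoint>
    <SafeMode MaxControls="200" CallStack="true" />
  </SharePoint>
  <system.web>
    <customErrors mode="Off" />
    <compilation batch="false" debug="true" />
  </system.web>
</configuration>
"""

# Each entry: (path to the element, attribute, value that leaks detail, hardened value).
# customErrors mode="Off" serves the full ASP.NET error page (stack trace, source lines)
# to remote clients; compilation debug="true" emits debug symbols and disables request
# timeouts; SafeMode CallStack="true" shows call stacks on SharePoint error pages.
CHECKS = [
    ("./system.web/customErrors", "mode", "off", "On"),
    ("./system.web/compilation", "debug", "true", "false"),
    ("./SharePoint/SafeMode", "CallStack", "true", "false"),
]


def audit_web_config(xml_text):
    """Return (setting, current value, recommended value) for every leaky setting found."""
    root = ET.fromstring(xml_text)
    findings = []
    for path, attr, leaky, hardened in CHECKS:
        elem = root.find(path)
        if elem is None:
            continue  # element absent: ASP.NET defaults apply (RemoteOnly / debug=false)
        current = elem.get(attr, "")
        if current.lower() == leaky:
            findings.append((path.lstrip("./") + "@" + attr, current, hardened))
    return findings


def harden_web_config(xml_text):
    """Return a copy of the config with each leaky setting rewritten to its hardened value."""
    root = ET.fromstring(xml_text)
    for path, attr, leaky, hardened in CHECKS:
        elem = root.find(path)
        if elem is not None and elem.get(attr, "").lower() == leaky:
            elem.set(attr, hardened)
    return ET.tostring(root, encoding="unicode")


if __name__ == "__main__":
    for setting, current, recommended in audit_web_config(SAMPLE_WEB_CONFIG):
        print(f"{setting}: {current!r} -> recommended {recommended!r}")
```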
In the hardening process, detailed error messages should be disabled; excessive file and directory permissions should be restricted; leftover source code should be deleted; and so on.

Three Layers of SharePoint Security

While this paper focuses on the security implications of third-party web applications, parts, and plug-ins, the SharePoint system can be compromised on many levels. In addition to web-based attacks, both malicious insiders and users compromised by malware pose significant risk. Moreover, Microsoft SharePoint does not have sufficient built-in security capabilities to protect your organization from the wide range of internal and external SharePoint threats. Imperva SecureSphere™ for SharePoint offers a unique three-layer approach for protecting all of SharePoint's web, file, and database resources.

White Paper: What Next Generation Firewalls Miss
Web application attacks threaten nearly every organization with an online presence. While some security vendors contend that their next generation firewalls can stop Web attacks, these products lack essential Web security features, leaving customers exposed to attack.

15. Neil MacDonald. "Security No-Brainer #9: Application Vulnerability Scanners Should Communicate with Application Firewalls." Gartner, Inc.
16. "Information Supplement: Application Reviews and Web Application Firewalls Clarified." PCI Security Standards Council.
Layer #1: Deploy a Web Application Firewall Tailored to SharePoint

Traditional technologies leave holes in application defenses—holes that are only addressed by dedicated web application firewalls. SecureSphere for SharePoint uses market-leading web application firewall technology to protect SharePoint web applications with vulnerable components. Through defenses such as patented Dynamic Profiling technology, SQL injection and XSS correlation engines, and detection of Microsoft SharePoint HTTP protocol violations, SecureSphere identifies zero-day attempts to exploit vulnerable components. In addition, once a new vulnerability is published, the Imperva Application Defense Center (ADC) quickly develops a signature or a set of policies to virtually patch the vulnerability. Through automatic security updates, all SecureSphere appliances receive the latest security content and are protected against newly published vulnerabilities.

Many organizations do not know what third-party components are used in their web applications, nor do they track vulnerability announcements for these components. As a result, applications built with vulnerable components are often exposed to attack for long periods of time. The SecureSphere Web Application Firewall solution has multiple layers of defense to protect applications with third-party components.

Layer #2: Safeguard Files, Folders, and Lists with User Rights Management and Activity Monitoring

SharePoint administrators often face challenges managing user permissions, maintaining a comprehensive audit trail of file access activity, and producing reports for compliance and forensic purposes. SecureSphere for SharePoint offers a user rights management framework which aggregates and consolidates user rights across SharePoint sites, providing visibility into effective SharePoint permissions.
This allows organizations to efficiently conduct rights reviews, eliminate excess rights, and identify dormant users, all of which help ensure that access is based on business need-to-know. Additionally, Imperva's SharePoint solution provides continuous monitoring and a detailed audit trail of all data access activity, showing the "Who, What, When, Where, and How" of each data access. This enables security, compliance, and SharePoint administrative staff to understand exactly who accessed, moved, changed, or deleted data. Furthermore, SecureSphere offers a flexible security policy framework, which allows businesses to respond immediately when data access activity deviates from corporate policy.

Natively, SharePoint offers rudimentary reporting capabilities that are insufficient for compliance reporting and investigating security incidents. SecureSphere for SharePoint features interactive, on-screen audit analytics to quickly visualize file data access activity and user rights. Security and compliance teams can use these analytics to identify trends, patterns, and problems with file activity and user rights. SecureSphere's analytics and reporting help measure risk and document compliance with regulations such as SOX, PCI, and data privacy laws.

eBook: SharePoint Security Playbook
The increasing use of Microsoft SharePoint to store sensitive business data and extend access and collaboration to partners, customers, and suppliers has outpaced native SharePoint security capabilities. By implementing the five lines of defense outlined in this eBook, organizations will be able to overcome operational challenges and protect SharePoint deployments against both internal and external threats.
Layer #3: Protect SharePoint's Microsoft SQL Database from Tampering

The Microsoft SQL database is at the core of the SharePoint platform, storing all files, lists, and application data. Internal security requirements and compliance mandates call for privileged-user monitoring and prevention of unauthorized database access. This also applies to the database component of the SharePoint platform. SecureSphere for SharePoint monitors all database access and ensures unauthorized access is prevented.

Conclusion

Microsoft SharePoint is one of the most widely deployed and used content management and collaboration platforms in the world. For the vast majority of organizations, that means that SharePoint holds and provides application-level access to business-critical data. As businesses seek a rapid return on their SharePoint investments, it's common for them to turn to third-party SharePoint add-ons to expand the power and utility of SharePoint. From a security and compliance perspective, adding these extensions to an already complex business system means that additional, tailored measures need to be put in place to safeguard business data and applications. These include web application firewall technology, rights management capabilities, and activity monitoring for all data access. SecureSphere for SharePoint addresses all of these requirements in a single, integrated package.
www.imperva.com
© Copyright 2013, Imperva. All rights reserved. Imperva and SecureSphere are registered trademarks of Imperva. All other brand or product names are trademarks or registered trademarks of their respective holders. WP-VulSPAddOns-0913.1

Imperva, pioneering the third pillar of enterprise security, fills the gaps in traditional security by directly protecting the high-value applications and data assets in physical and virtual data centers. Over 2600 customers in more than 75 countries rely on our SecureSphere® platform to safeguard their business.