Integrating Imperva SecureSphere with IBM Data Risk Manager
Configure IBM Data Risk Manager to connect and interact with Imperva SecureSphere for importing vulnerability information into IBM Data Risk Manager.
IBM Data Risk Manager uses Fullstack to consume the vulnerabilities from Imperva SecureSphere.
Ensure that the IBM Data Risk Manager Server image or build is available in the necessary format based on the environment where you are running the installation.
- Importing Imperva SecureSphere vulnerability assessment
into IBM Data Risk Manager.
- Assessment
- Integrating Imperva SecureSphere with IBM Data Risk Manager.
- Importing vulnerability assessment tests.
- Importing vulnerabilities into IBM Data Risk Manager.
- Importing vulnerabilities as CSV file into IBM Data Risk Manager.
- Importing Imperva SecureSphere classification scan
results into IBM Data Risk Manager.
- Imperva SecureSphere discovery and classification.
- Importing Imperva SecureSphere classifier results into IBM Data Risk Manager through native catalog.
Assessment
The Secure Sphere Assessment Server enables you to import scans from third-party vendors such as IBM AppScan, HP Web Inspect, NTObjectives, ImmuniWeb, acunetix, and White Hat for listing vulnerabilities in the Secure Sphere vulnerability workbench. Secure Sphere integrates Common Vulnerabilities Scoring System (CVSS) that is maintained by National Institute of Standards and Technology. The scoring system scores each vulnerability on a scale of 0 to 10 based on the effect that the vulnerability has, and the effort that is required to use it.
Integrating Imperva SecureSphere with IBM Data Risk Manager
For the integration steps, see Integrating Imperva SecureSphere with IBM Data Risk Manager.
Importing Imperva SecureSphere vulnerability assessments (VA) tests
For the steps on how to import VA tests, see Importing Imperva SecureSphere vulnerability assessment tests.
Importing Imperva SecureSphere vulnerabilities into IBM Data Risk Manager
For the steps on how to import vulnerabilities, see Importing vulnerability scans.
Importing Imperva SecureSphere vulnerabilities as CSV file into IBM Data Risk Manager
You can import vulnerabilities as CSV file into IBM Data Risk Manager. For the steps on how to import the CSV file, see Importing vulnerability scans.
Secure Sphere Discovery and Classification
Secure Sphere Discovery and Classification provides a complete set of tools to help you discover web services. You then use this classification information to create security policies to monitor them and alert you about the suspicious activities.
The Discovery and Classification window provides a wide selection of options that enable you to navigate between the available features to configure scans and display discovered server.
You can trigger the classification scan in Imperva SecureSphere and the results can be exported to a CSV file. These contents can be customized by using the IBM Data Risk Manager native catalog classifier template and can be imported into IBM Data Risk Manager.
Importing Imperva SecureSphere classifier results into IBM Data Risk Manager
For the steps on how to import classifier results CSV file (Catalog data) into IBM Data Risk Manager, see Importing classifier results CSV file (catalog data) into IBM Data Risk Manager.