
Integration of Imperva Database Security with Callgoose SQIBS


Overview

This document provides a detailed guide to integrating Imperva Database Security with Callgoose SQIBS for real-time Incident Management, Incident Auto Remediation, Event-Driven Automation, and other Automation purposes. The integration enables automatic creation, updating, and resolution of incidents in Callgoose SQIBS based on alerts triggered in Imperva Database Security. The guide includes steps for setting up alerts in Imperva Database Security, configuring webhook notifications, creating API filters in Callgoose SQIBS, and troubleshooting.


Prerequisites


  • Imperva Database Security Account: Access to Imperva Database Security for creating alerts and managing notifications.
  • Callgoose SQIBS Account: With valid privileges to set up API filters and receive notifications.
  • Webhook/API Endpoint: Available in Callgoose SQIBS to receive alerts from Imperva Database Security.


1. Obtain API Token and Endpoint Details


To integrate with Callgoose SQIBS, you first need to obtain an API token and find the API endpoint details.


  1. Generate an API Token:
      • Follow the guide on How to Create API Token in Callgoose SQIBS: https://docs.callgoose.com/sqibs/api_token.
  2. Find the API Endpoint:
      • Refer to the Callgoose SQIBS API Endpoint Documentation: https://docs.callgoose.com/sqibs/api_end_point to get the endpoint details where the JSON payloads from Imperva Database Security will be sent.


2. Debugging and Troubleshooting


Enable debugging in the API tokens used with Imperva Database Security notifications for troubleshooting purposes.


  • Enable Debugging:
      • You can update the debug value when adding or updating an API token.
      • When API tracking is enabled, logs are stored in the API log section for your review. The debugging option is disabled automatically after 48 hours.
      • When API tracking is turned off, no logs are saved in the API log.


  • Using API Log for Troubleshooting:
      • The API log provides detailed information on all API calls made to Callgoose SQIBS.
      • You can check the JSON values in each API log entry for troubleshooting purposes.
      • Use the information in the API log to create or refine API filters to ensure incidents are created correctly based on the API payloads received.
      • Callgoose SQIBS creates incidents according to your API filter configuration, giving you full control over how alerts from different services trigger incidents and alerts for your support team or automation processes.


3. Configuring Imperva Database Security to Send JSON Payloads


An Imperva Database Security webhook is a feature within Imperva's database security solution that sends automated notifications (via a webhook) to a designated URL whenever a significant event occurs within a monitored database, such as a suspicious query, unauthorized access, or a potential security breach. This integration allows real-time alerts and immediate response actions within your security infrastructure.


Key Features of Imperva Database Security Webhooks:

  • Function: Acts as a communication channel, delivering information about database activity to external systems in near real-time.
  • Triggering Events: Monitors unusual login attempts, access to sensitive data, SQL injection attempts, and anomalous query patterns.
  • Customizable Alerts: Configurable to trigger based on specific security needs.
  • Integration with SIEMs: Can be integrated with Security Information and Event Management (SIEM) tools to centralize security monitoring and analysis.


How It Works:

  1. Event Occurs: Imperva detects a predefined event within the monitored database.
  2. Webhook Triggered: Imperva sends a notification containing event details (e.g., user, time, query, data accessed) to the specified URL.
  3. Action Taken: Callgoose SQIBS processes the webhook payload and triggers automated remediation workflows or alerts security teams.


Benefits of Using Imperva Database Security Webhooks with Callgoose SQIBS:

  • Real-Time Threat Detection: Receive immediate alerts on potential security threats.
  • Automated Response: Trigger automated security workflows based on detected events.
  • Improved Visibility: Gain deeper insights into database activity with detailed event logs.
  • Centralized Security Management: Integrate with other security tools for streamlined incident response.


3.1 Setting Up Alerts in Imperva Database Security


  1. Log in to the Imperva Database Security Console:
      • Access the Imperva Database Security platform using your account credentials.
  2. Navigate to the Alerts Section:
      • In the Imperva Database Security console, go to Alerts > Create Alert.
  3. Create a New Alert:
      • Click on Add Alert to create a new alert.
      • Specify Alert Conditions: Define the conditions that will trigger the alert, such as specific security events, policy violations, or audit findings.
  4. Configure the Notification Method:
      • Choose Webhook as the notification method to send data to a webhook.
      • Webhook URL: Enter the webhook URL provided by Callgoose SQIBS.


4. Configuring Callgoose SQIBS


To correctly map incidents from Imperva Database Security alerts, create API filters based on the JSON payloads received.



5. Testing and Validation


  • Triggering Alerts:
      • Simulate a security alert in Imperva Database Security.
      • Verify that an incident is created in Callgoose SQIBS with the correct details.
  • Resolving Alerts:
      • Investigate and resolve the alert in Imperva Database Security.
      • Ensure that the corresponding incident in Callgoose SQIBS is updated or resolved accordingly.


6. Security Considerations


  • API Security: Ensure that the Callgoose SQIBS API endpoint is correctly configured and that API tokens are securely stored.
  • Imperva Database Security Permissions: Verify that webhook permissions allow sending security event data to Callgoose SQIBS.
  • Data Encryption: Ensure encrypted data transmission between Imperva Database Security and Callgoose SQIBS.
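
A test sender for the validation step in section 5 that also applies the points above, given here as an added example and not code from Callgoose or Imperva. It assumes the webhook URL is supplied in an environment variable (the name SQIBS_WEBHOOK_URL is hypothetical) and may carry the API token in its query string; the payload fields are constructed, so take the real ones from the API log.

```python
import json
import os
import urllib.parse
import urllib.request

# Constructed sample alert. Real field names are whatever Imperva sends, as
# shown in the Callgoose SQIBS API log; these keys are placeholders.
SAMPLE_ALERT = {
    "alert_name": "constructed-test-alert",
    "status": "open",
    "severity": "high",
    "database": "example-db",
}

def redact(url):
    """Return the URL with userinfo dropped and the query masked, safe to log."""
    p = urllib.parse.urlsplit(url)
    host = p.hostname or ""
    if p.port:
        host += f":{p.port}"
    query = "<redacted>" if p.query else ""
    return urllib.parse.urlunsplit((p.scheme, host, p.path, query, ""))

def build_request(url, payload):
    """Build the JSON POST, refusing any URL that is not HTTPS."""
    p = urllib.parse.urlsplit(url)
    if p.scheme != "https" or not p.hostname:
        raise ValueError(f"refusing non-HTTPS webhook URL: {redact(url)}")
    body = json.dumps(payload).encode("utf-8")
    return urllib.request.Request(
        url, data=body, method="POST",
        headers={"Content-Type": "application/json"},
    )

def send_test_alert(payload=SAMPLE_ALERT, env_var="SQIBS_WEBHOOK_URL"):
    """POST the payload to the URL held in the environment; return HTTP status."""
    url = os.environ.get(env_var)
    if not url:
        raise RuntimeError(f"{env_var} is not set")
    req = build_request(url, payload)
    print("POST", redact(url))  # never log the raw URL, it may hold the token
    # urllib verifies the server certificate and hostname by default.
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.status

if __name__ == "__main__":
    print("status:", send_test_alert())
```

After a run, the matching entry in the API log shows the JSON exactly as Callgoose SQIBS received it.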


7. Conclusion


This guide provides a comprehensive overview of how to integrate Imperva Database Security with Callgoose SQIBS for effective database security management. By following these steps, organizations can ensure security alerts from Imperva Database Security trigger automated responses in Callgoose SQIBS, reducing manual intervention and improving security incident response times.

For further customization or advanced use cases, refer to:


