All integrations
DatabaseCompliance

Imperva Scuba integration

Upload the Scuba assessment export (.scb) against the Scuba DB source. Each assessment test becomes a finding on the scanned database server, and passed checks are handled via the result field.

Scan types imported

  • Database configuration weaknesses & patch levels
  • CIS benchmark compliance checks

File import

SCB (Scuba export)

The template walks the assessments in the export, per database server address.

What Centraleyezer expects in the file

  • Per test: test name, description, remediation, severity (Critical → Info), details and result (pass/fail — passed checks are excluded automatically).
  • Database assets are matched by server address and port.

How imported findings are risk-scored

Every Imperva Scuba finding is normalised into Centraleyezer’s risk model on import: the scanner’s native severity scale maps to a configurable DREAD vector (Damage, Reproducibility, Exploitability, Affected users, Discoverability), which combines with asset criticality, network exposure, exploitability intelligence and the platform’s other risk factors to produce one comparable risk score across every scanner you run. CVE, CVSS and CWE metadata are preserved on the finding for reference and reporting, and duplicate findings from repeated imports are automatically correlated instead of creating noise.

See the Imperva Scuba integration live

Book a demo and we’ll connect your Imperva Scuba data and walk through risk-based prioritisation on your own findings.

Imperva Scuba Integration — Setup & Imported Scan Types