TL;DR The Imperva Red Team discovered a vulnerability in TikTok, a popular social media platform with more than one billion users worldwide, that could allow attackers to monitor users’ activity on both mobile and desktop devices. This vulnerability, which has…
Category: Blog
With Imperva’s DRA and ServiceNow, you can avoid burning out your cyber security employees
In today’s world, CIOs and CISOs are facing a tough reality when it comes to the security staff shortage situation. With the deflating economy, nationalism, cybercrime, and nation-led adversaries, the demand for security personnel has increased, making it challenging for…
Imperva Continues to Innovate With New Features for Online Fraud Prevention
Last year, Imperva embarked on a mission to help organizations combat the growing threat of digital fraud. We introduced a new solution and a range of innovative features to help detect and prevent online fraud at its earliest stages. Imperva…
Imperva® and Fortanix Partner to Protect Confidential Customer Data
Imperva Data Security Fabric and Fortanix Data Security Manager combine to provide end-to-end data security. Imperva, Inc., (@Imperva) the cybersecurity leader that protects critical applications, APIs, and data, anywhere at scale, and Fortanix, Inc. (@Fortanix), the Data Security company powered…
The Anatomy of a Scalping Bot: NSB Was Copped!
In recent years, scalping bots have become a growing concern for online retailers. In this two-part blog series, we will analyze the inner workings of the Nike Shoe Bot (NSB) scalping bot, one of the most dangerous scalping bots around.…
Imperva Unveils Latest API Security Enhancements
Imperva is continuing to evolve its API Security offering to help customers better protect their APIs, wherever they are, and to meet changing market requirements. Since launching API Security in March 2022, we continued investing in our API Security offering…
Imperva and Kong Partner to Bring API Security to the Gateway for Enhanced API Management
Imperva is delighted to announce a new partnership with Kong Inc, provider of the leading cloud-native API platform, to offer best-in-class API Security to users of the Kong platform. Through the new partnership, Kong Enterprise customers can protect their business…
Imperva is an Overall Leader in the 2023 KuppingerCole Leadership Compass Data Security Platforms Report
Imperva is a leader in every category – Market, Innovation, and Product Imperva, Inc., (@Imperva) the cybersecurity leader that protects critical applications, APIs, and data, anywhere at scale, is an Overall Leader in the 2023 KuppingerCole Leadership Compass for Data…
New Imperva Office & Customer Experience Centre Aims to Meet the Needs of Customers In Singapore & Across Asia Pacific and Japan
Since 2009, Imperva has proudly maintained offices in various countries across the Asia Pacific and Japan (APJ) region. As the company experiences momentum in this region, we continue to invest in expanding our presence to better support our valued customers,…
CVE-2023-26360 – Adobe ColdFusion Arbitrary Code Execution
On March 14, 2023, Adobe released a security advisory affecting Adobe ColdFusion versions 2021 and 2018. The vulnerability was categorized as improper access control, potentially resulting in arbitrary code execution. The exploitation of this issue does not require user interaction. No PoC…
Two-Week ATO Attack Mitigated by Imperva
Beginning on February 7, an Imperva-protected account was targeted by an ongoing account takeover (ATO) attack that lasted for two weeks. On average, attacks last a few hours or a couple days at most, so the length of this attack…
Imperva recognized as a Strong Performer in Forrester Wave: Data Security Platforms, Q1 2023
Imperva Data Security Fabric demonstrates robust security and risk management practices to reduce risks across hybrid multicloud environments The Forrester Wave™ evaluated the largest end-to-end providers of data security capabilities across a wide range of functionality to enable controls to…
Augmented Software Engineering in an AI Era
Artificial Intelligence (AI) has been making waves in many industries, and software engineering is no exception. AI has the potential to revolutionize the way software is developed, tested, and maintained, bringing a new level of automation and efficiency to the…
Deanonymizing OpenSea NFT Owners via Cross-Site Search Vulnerability
TLDR Recently, a cross-site search vulnerability was discovered affecting the popular NFT marketplace OpenSea. When successfully exploited, this issue allows for the deanonymization of OpenSea users by linking an IP address, a browser session, or an email in certain conditions…
Imperva Announces Joining the EDB GlobalConnect Technology Partner Program and Certification of Imperva’s DSF Agents to Support EDB Postgres Advanced Server and Community PostgreSQL Databases
It’s official, Imperva has joined the EnterpriseDB (EDB) GlobalConnect Technology Partner Program. While Imperva has supported and protected the EDB Postgres Advanced Server and community PostgreSQL databases, it is now an EDB Certified security solution. Imperva’s Data Security Fabric (DSF)…
Why Healthcare Cybercrime is the Perfect Storm
It’s Friday night. You, your husband, and your two children are settling in for a fun pizza and movie night together. Unexpectedly, your elderly neighbor, Anne, calls in a panic. Her husband Steve is having severe chest pains. While Anne…
Advanced Persistent Threat Groups Behind DDoS Attacks on Danish Hospitals
On Sunday 26 February the websites of several Danish hospitals were taken offline after being hit by Distributed Denial of Service (DDoS) attacks claimed by a group calling themselves ‘Anonymous Sudan’. According to reports on Twitter patient care was unaffected…
Imperva releases its Global DDoS Threat Landscape Report 2023
The 2023 Imperva Global DDoS Threat Landscape Report reviews DDoS attack activity throughout 2022, provides insights into the year’s most noteworthy DDoS events, and offers recommendations for the year ahead. While the report focuses mainly on research data from the…
Everything You Need To Know About The Latest Imperva Online Fraud Prevention Feature Release
It’s a new year and we have lots of fresh features for Imperva Online Fraud Prevention solution, which encompasses Advanced Bot Protection, Account Takeover Protection, and Client-Side Protection. We have been busy adding a host of new advanced fraud detection…
Hospitals Hit by DDoS Attacks as Killnet Group Targets the Healthcare Sector – What You Need to do Now
The increase in DDoS attacks on healthcare organizations in the US in the last 48 hours by the Pro-Russian hacktivist group Killnet has become a serious concern. These types of attacks are designed to overload a network or system with…
Why Attackers Target the Financial Services Industry
This is Part 1 of a new monthly series from Imperva Threat Research exploring attackers’ motivations to target specific industries. Stay tuned for next months’ exploration of the healthcare industry! Key Takeaways Financial services sites are the most targeted ,…
Why Attackers Target the Financial Services Industry
This is Part 1 of a new monthly series from Imperva Threat Research exploring attackers’ motivations to target specific industries. Stay tuned for next months’ exploration of the healthcare industry! Key Takeaways Financial services sites are the most targeted ,…
ManageEngine Vulnerability CVE-2022-47966
Recently, Zoho ManageEngine released a security advisory for CVE-2022-47966, which allows for pre-authentication remote code execution in at least 24 ManageEngine products, including ADSelfService Plus and ServiceDesk Plus. This vulnerability stems from the products’ use of an outdated Apache Santuario…
Is the FSI innovation rush leaving your data and application security controls behind?
Fuelled by rising consumer expectations for innovative services and easy real-time access to financial products and information, financial services industries (FSI) and fintech organizations are racing to out-innovate each other and capture market share. The sizeable growth of investments into…
Google Chrome “SymStealer” Vulnerability: How to Protect Your Files from Being Stolen
The Imperva Red Team recently disclosed a vulnerability, dubbed CVE-2022-40764, affecting over 2.5 billion users of Google Chrome and Chromium-based browsers. This vulnerability allowed for the theft of sensitive files, such as crypto wallets and cloud provider credentials. Introduction Chrome…
81% Increase in Large-Volume DDoS Attacks
Since 2021, distributed denial of service (DDoS) attacks have trended upwards, both in volume and frequency. Layer 7 DDoS attacks of at least 500,000 requests per second (RPS) increased 81% in the past year. In addition to greater frequency, attack…
Buyer Beware! Account Takeover Attacks Surging This Shopping Season
The prevalence of Account Takeover (ATO) attacks continues to rise, as the threat creeps its way to the top of the list of security concerns for organizations today. Last year, Imperva recorded a staggering 148% increase in Account Takeover attacks,…
The World Cup: Prime Time for Sports Fans and Cybercriminals
From November 20 to December 18, fans from all over the world are tuned into the World Cup tournament in Qatar. While this is a major event for sports fans, it’s also prime time for bad actors. Large sporting events…
Log4j: One Year Later
One year ago, the Log4j remote code execution vulnerability known as Log4Shell (CVE-2021-44228) was announced. The critical severity level vulnerability in a logging framework used across virtually all Java environments quickly set the internet on fire when it was released…
2023 Predictions: The Data Security Shake-up
The move to the cloud continues to create complexity around data security. In 2023, Imperva believes the increasingly diverse data landscape will drive a fundamental shift in the people, processes, and technology in cybersecurity. Imperva’s data security leaders explain how…
2023 Predictions: API Security the new Battle Ground in Cybersecurity
The adoption of application programming interfaces, more commonly known as APIs, has increased dramatically in recent years. In many ways, APIs are now the backbone of the Internet. The reason? APIs are an essential component of digital transformation, enabling applications,…
Ten Reasons a Website Needs a CDN
Today’s website visitors expect a fast and efficient user experience with no delays or site performance issues. However, high traffic volumes and global reaching websites mean website managers are faced with the challenge of added latency and slow page load…
How the Modern Data Landscape Made the Traditional Cybersecurity Approach Obsolete
From the news headlines, we know that data breaches are on the rise – both in frequency and scale. While this reality is unsettling, it’s not surprising. That is because the volume of data being collected and stored by organizations…
The Global DDoS Threat Landscape – November 2022
Every month in this space, we will post the Global DDoS Threat Landscape blog on behalf of the Imperva Threat Research team. As DDoS attacks continue to pose a significant risk to businesses, it is critical that we regularly communicate…
The 5 Core Principles of the Zero-Trust Cybersecurity Model
When even the US Government concludes that to ensure baseline security practices are in place and to realize the security benefits of cloud-based infrastructure while mitigating associated risks, they must migrate to a zero-trust model, every organization should be actively…
Zero Reasons not to Move to Zero Trust with RASP
What is Zero Trust? Zero Trust is a security methodology that enterprises are rapidly adopting to enhance data protection by reducing the sole reliance on traditional perimeter-based protections. Traditionally, cybersecurity strategies have relied on a hardened perimeter with security tools…
How can we Prevent an Internet of Compromised Things?
The shape of things to come An increasing array of physical household and business objects now come with a plethora of sensors, software, and processing abilities, connecting to like-minded devices and swapping data with additional systems via the internet or…
How DevOps can protect cloud applications from cyberattacks
Many organizations today are moving away from centralized on-prem operations and towards highly scalable cloud solutions such as Amazon’s AWS Lambda functionality. This provides cost-saving benefits and reduces the overall management of an enterprise tech stack. Cloud computing architecture also…
Misconfigurations of Cloud-Managed Infrastructures Continue to be a Major Challenge to Data Security
In case you missed the memo, cloud-hosted data is here to stay. Recent data shows spending on cloud services reached a total of $178 billion in 2021, a 37 percent increase over the $130 billion spent in 2020 and twice…
What are Dating Apps Doing to Protect Their Users?
A very public affair When asked about the pitfalls and problems behind using dating apps, users cite data security as one of the most worrying elements of online dating. Since the Ashley Madison breach in July 2015, online dating sites…
Misconfigurations of Cloud-Managed Infrastructures Continue to be a Major Challenge to Data Security
In case you missed the memo, cloud-hosted data is here to stay. Recent data shows spending on cloud services reached a total of $178 billion in 2021, a 37 percent increase over the $130 billion spent in 2020 and twice…
What are Dating Apps Doing to Protect Their Users?
A very public affair When asked about the pitfalls and problems behind using dating apps, users cite data security as one of the most worrying elements of online dating. Since the Ashley Madison breach in July 2015, online dating sites…
New Vulnerability in Popular Widget Shows Risks of Third-Party Code
The Americans with Disabilities Act (ADA) includes requirements on companies falling within its scope to ensure their websites are accessible to individuals with disabilities. These requirements have created a strong incentive for companies to use third-party solutions in the form…
Harsher penalties for data breaches in new Australian privacy bill
High-profile breaches mean high-profile action In the aftermath of another crop of high-profile data breaches, the Australian Government (also known as the Commonwealth Government) has introduced amendments to Australian privacy law which give the regulator new powers and the ability…
New Vulnerability Discovered by Imperva in a Popular Widget Demonstrates Risk of Third-Party Code
The Americans with Disabilities Act (ADA) includes requirements on companies falling within its scope to ensure their websites are accessible to individuals with disabilities. These requirements have created a strong incentive for companies to use third-party solutions in the form…
The Worrying Rise of Cybercrime as a Service (CaaS)
What is CaaS? Put simply, Cybercrime as a Service (CaaS) means black hat hackers for hire. Now, any ex-employee with a grudge, any disgruntled customer, any troubled ex-partner, or vindictive competitor, literally anyone with the right browser, can hire a…
The importance of combined user and data behavior analysis in anomaly detection
Muqeet Khan, Head of Sales Engineering Australia and New Zealand For decades security teams have understood the importance of tracking user behavior to identify potential cybersecurity threats. Behavior analysis systems first appeared in the early 2000s, and in 2015 Gartner…
Why Agentless DAM is a Better Option for Securing Cloud Data
In the context of on-premises database activity monitoring (DAM), security teams use agents to enable them to see all requests coming into the databases as well as all responses going out of the databases. In other words, the agent-based approach…
How to Teach Colleagues About the Dangers of Phishing
Every day worldwide, tens of thousands of employees fall prey to phishing scams. In the second quarter of 2022, the Anti-Phishing Working Group (APWG) saw 1,097,811 total phishing attacks, the worst quarter on record. The results can be devastating: from…
Imperva Stops Hordes of Bots from Hijacking Financial Accounts in Largest Recorded Account Takeover Attack
Consider for a moment that an army of bots is setting their sights on your website. They target your login page and hammer it with millions of requests in an ongoing attack that lasts days, raising your infrastructure and fraud…
What is Quantum Computing, and Why Should Security Professionals Care?
Quantum computing basics Quantum computing embraces the laws of quantum mechanics to solve those problems that are currently too challenging for even the most high-performance modern computers. Across the board, it is a fundamental shift in computing with the potential…
Why Cybersecurity Awareness Month is Every Month
Cybersecurity is a year-round issue Cybersecurity awareness is important year-round for the security of our businesses and customers. We’re proud to be a supporter of Cybersecurity Awareness Month. It has been invaluable in raising awareness of digital safety issues for…
How Imperva Mitigates Security Threats in Oracle Cloud Infrastructures
Most organizations today rely on an unprecedented number of computing resources to build, deploy and scale the workflows and applications they need to succeed. They are responsible for more data than ever before, on-premises and in the cloud, which presents…
What is Quantum Computing, and Why Should Security Professionals Care?
Quantum computing basics Quantum computing embraces the laws of quantum mechanics to solve those problems that are currently too challenging for even the most high-performance modern computers. Across the board, it is a fundamental shift in computing with the potential…
Why Cybersecurity Awareness Month is Every Month
Cybersecurity is a year-round issue Cybersecurity awareness is important year-round for the security of our businesses and customers. We’re proud to be a supporter of Cybersecurity Awareness Month. It has been invaluable in raising awareness of digital safety issues for…
How Imperva Mitigates Security Threats in Oracle Cloud Infrastructures
Most organizations today rely on an unprecedented number of computing resources to build, deploy and scale the workflows and applications they need to succeed. They are responsible for more data than ever before, on-premises and in the cloud, which presents…
Gain Control of Rapidly Securing Your Critical APIs Without Worrying About Your Backend Stack
Imagine trying to protect your web application farm, while needing to integrate with all the different web servers’ backend stacks on a one-to-one basis. This requires a WAF that understands systems such as Nginx, Apache, IIS, and Tomcat. You will…
Gain Control of Rapidly Securing Your Critical APIs Without Worrying About Your Backend Stack
Imagine trying to protect your web application farm, while needing to integrate with all the different web servers’ backend stacks on a one-to-one basis. This requires a WAF that understands systems such as Nginx, Apache, IIS, and Tomcat. You will…
Out with the WAF, in with the WAAP
Advanced attacks call for advanced protection Bad actors are constantly discovering new attack vectors to exploit applications. To meet the threat, organizations need enterprise-level security more now than ever. Traditionally, implementing a Web Application Firewall (WAF) would be enough to…
Apache Commons Text vulnerability CVE-2022-42889
CVE-2022-42889 was recently added to the NVD catalog, with a critical score of 9.8. This vulnerability allows remote code execution (RCE) in Apache Commons Text. It affects version numbers 1.5-1.9, and an upgrade to Apache Commons Text 1.10.0 disables the…
Four Big Reasons to Update Your Software
ABP To shamelessly paraphrase the 1992 crime drama Glengarry Glen Ross, “Always be patching.” Any home computer needs to be updated regularly. Drives and software updates are critical to the smooth running of the average home PC, and can often…
Gain Control of Rapidly Securing Your Critical APIs Without Worrying About Your Backend Stack
Imagine trying to protect your web application farm, while needing to integrate with all the different web servers’ backend stacks on a one-to-one basis. This requires a WAF that understands systems such as Nginx, Apache, IIS, and Tomcat. You will…
Out with the WAF, in with the WAAP
Advanced attacks call for advanced protection Bad actors are constantly discovering new attack vectors to exploit applications. To meet the threat, organizations need enterprise-level security more now than ever. Traditionally, implementing a Web Application Firewall (WAF) would be enough to…
Apache Commons Text vulnerability CVE-2022-42889
CVE-2022-42889 was recently added to the NVD catalog, with a critical score of 9.8. This vulnerability allows remote code execution (RCE) in Apache Commons Text. It affects version numbers 1.5-1.9, and an upgrade to Apache Commons Text 1.10.0 disables the…
Four Big Reasons to Update Your Software
ABP To shamelessly paraphrase the 1992 crime drama Glengarry Glen Ross, “Always be patching.” Any home computer needs to be updated regularly. Drives and software updates are critical to the smooth running of the average home PC, and can often…
Imperva Threat Research Shows Cyber Attacks on the Rise in Australia
Every year, cyber attacks increase. Attackers get smarter, tools get better, and incentives to target sites grow. Over the last year, Imperva Threat Research detected a large increase in attacks targeting Australian sites, more than the global rise over the…
A Recap of Released Features in Q3 for Imperva’s Online Fraud Prevention Solution
Advanced Bot Protection Earlier this year, Imperva was named a Leader in The Forrester Wave™: Bot Management, Q2 2022. Advanced Bot Protection (ABP) ranked at the top in the current offering category, based on criteria including the range of supported…
Imperva Threat Research Shows Cyber Attacks on the Rise in Australia
Every year, cyber attacks increase. Attackers get smarter, tools get better, and incentives to target sites grow. Over the last year, Imperva Threat Research detected a large increase in attacks targeting Australian sites, more than the global rise over the…
7 Ways Imperva Solutions Reduce the Cost of Data Security
As we push into Q4, economic uncertainty caused by rising interest rates, as-yet unchecked inflation, and a bear market is driving many enterprises to buck the trend and tighten cyber security budgets for the last three months of 2022. The…
A Recap of Released Features in Q3 for Imperva’s Online Fraud Prevention Solution
Advanced Bot Protection Earlier this year, Imperva was named a Leader in The Forrester Wave™: Bot Management, Q2 2022. Advanced Bot Protection (ABP) ranked at the top in the current offering category, based on criteria including the range of supported…
Why a Resilient Content Delivery Network (CDN) is Key to Website Performance
Today’s online users have built-up certain standards of quality when visiting a website. They expect a high performance website with fast page load times and easily accessible, fresh and dynamic content. They also expect to enjoy a seamless and secure…
Talking to our Team about Cybersecurity Careers, on Ada Lovelace Day
Today’s Ada Lovelace Day, and this is a time to highlight the achievements of women in technology, engineering, science, and mathematics, and to encourage girls and women to pursue careers in STEM. Imperva Enterprise Account Managers, Leanora Weaver and Rebecca…
Imperva Threat Research Shows Cyber Attacks on the Rise in Australia
Every year, cyber attacks increase. Attackers get smarter, tools get better, and incentives to target sites grow. Over the last year, Imperva Threat Research detected a large increase in attacks targeting Australian sites, more than the global rise over the…
Why we all Need a Password Manager
What is a password manager? A password manager helps users create unique and complex passwords and store them in an encrypted fashion, meaning each website, application, or program that needs login information can use a more secure string of characters,…
7 Ways Imperva Solutions Reduce the Cost of Data Security
As we push into Q4, economic uncertainty caused by rising interest rates, as-yet unchecked inflation, and a bear market is driving many enterprises to buck the trend and tighten cyber security budgets for the last three months of 2022. The…
Talking to our Team about Cybersecurity Careers, on Ada Lovelace Day
Today’s Ada Lovelace Day, and this is a time to highlight the achievements of women in technology, engineering, science, and mathematics, and to encourage girls and women to pursue careers in STEM. Imperva Enterprise Account Managers, Leanora Weaver and Rebecca…
Why a Resilient Content Delivery Network (CDN) is Key to Website Performance
Today’s online users have built-up certain standards of quality when visiting a website. They expect a high performance website with fast page load times and easily accessible, fresh and dynamic content. They also expect to enjoy a seamless and secure…
Why we all Need a Password Manager
What is a password manager? A password manager helps users create unique and complex passwords and store them in an encrypted fashion, meaning each website, application, or program that needs login information can use a more secure string of characters,…
Massive Multi-Vector 1.37 Tbps DDoS Attack Mitigated by Imperva DDoS Protection
On July 22, an Imperva customer was targeted by a network DDoS attack that reached a maximum bandwidth of 1.37 trillion bits per second (Tbps), making it one of the largest attacks that Imperva has stopped and one of the…
Imperva DSF Secures Your Data in Amazon Web Services Enterprise Data Lakes
Data lakes serve as a central repository for storing several data types – structured, semi-structured, and unstructured – at scale. One of the ways data lakes are useful is they do not require any upfront work on the data. You…
Attack Analytics Helps You Find the Monsters Under the Bed
Alert fatigue kills data breach detection efforts Is there anything more frightening than missing a cyber attack? For most organizations, the answer is no. However, for many security teams, it’s challenging to tune alerts properly to minimize false positives and…
Massive Multi-Vector 1.37 Tbps DDoS Attack Mitigated by Imperva DDoS Protection
On July 22, an Imperva customer was targeted by a network DDoS attack that reached a maximum bandwidth of 1.37 trillion bits per second (Tbps), making it one of the largest attacks that Imperva has stopped and one of the…
Imperva DSF Secures Your Data in Amazon Web Services Enterprise Data Lakes
Data lakes serve as a central repository for storing several data types – structured, semi-structured, and unstructured – at scale. One of the ways data lakes are useful is they do not require any upfront work on the data. You…
Attack Analytics Helps You Find the Monsters Under the Bed
Alert fatigue kills data breach detection efforts Is there anything more frightening than missing a cyber attack? For most organizations, the answer is no. However, for many security teams, it’s challenging to tune alerts properly to minimize false positives and…
Why Imperva is a Cybersecurity Awareness Month Champion
This is our second consecutive year as a champion of Cybersecurity Awareness Month. Nowadays, IT security is everyone’s responsibility, and that’s something we take very seriously. Cybersecurity Awareness Month raises awareness of the core principles behind cybersecurity and highlights the…
How Scanning Your Projects for Security Issues Can Lead to Remote Code Execution
The Imperva Red Team recently discovered and disclosed CVE-2022-40764, a command injection vulnerability affecting Snyk CLI. Snyk is a security company best known for its dependency vulnerability management software. The disclosed command injection vulnerability affects the Snyk command-line interface tool…
Microsoft Exchange Server Vulnerabilities CVE-2022-41040 and CVE-2022-41082
On September 29, Microsoft security researchers announced two new zero-day vulnerabilities, CVE-2022-41040 and CVE-2022-41082 affecting Microsoft Exchange Server. The vulnerabilities allow remote code execution (RCE) when used in tandem. It is important to note that both require authenticated access to…
The 5-Question Test to Assess Your Readiness to Manage Insider Threats
An insider threat is a cyber security risk that originates from within any organization that is being targeted by attackers. Often, insider threats involve a current or former employee, or business associate, who has access to sensitive information or privileged…
For Cost-Conscious Compliance Reporting, Rethink Your Data Retention Capability
Staffing costs required to generate reports for compliance audits are high, but the time required to generate the reports themselves is not necessarily to blame if you have suitable access to your data. Today, the cost to retain data is…
How Scanning Your Projects for Security Issues Can Lead to Remote Code Execution
The Imperva Red Team recently discovered and disclosed CVE-2022-40764, a command injection vulnerability affecting Snyk CLI. Snyk is a security company best known for its dependency vulnerability management software. The disclosed command injection vulnerability affects the Snyk command-line interface tool…
At Kong Summit 2022, Imperva Will Demonstrate how to Use Terraform to Onboard Kong-managed Apps and Discover API Endpoints
Imperva and Kong are working together to simplify APIs Imperva is attending Kong’s 2022 Summit on September 28 and 29 in San Francisco. Imperva’s Summit booth will feature both a recorded and live demo built to showcase how Kong and…
For Cost-Conscious Compliance Reporting, Rethink Your Data Retention Capability
Staffing costs required to generate reports for compliance audits are high, but the time required to generate the reports themselves is not necessarily to blame if you have suitable access to your data. Today, the cost to retain data is…
At Kong Summit 2022, Imperva Will Demonstrate how to Use Terraform to Onboard Kong-managed Apps and Discover API Endpoints
Imperva and Kong are working together to simplify APIs Imperva is attending Kong’s 2022 Summit on September 28 and 29 in San Francisco. Imperva’s Summit booth will feature both a recorded and live demo built to showcase how Kong and…
Six Ways to Have Your eCommerce Site Ready for High-Traffic eShopping Days
The spikes are coming September is nearly over, and Black Friday, Cyber Monday, Thanksgiving, Hanukkah, Halloween, Super Saturday, and the festive season will soon be upon us. With the holidays comes increased sales opportunities, driven by increased traffic. When you’re…
SaaS Eliminates Barriers to Applying Security Controls to Your Entire AWS and Azure Data Repository
Businesses today widely regard data as “the new oil,” the most valuable resource on earth. At the same time, we are in the midst of the most dynamic IT landscape in history which is increasing the risk to this most…
“Oops, I insecurely coded again!”
The call is coming from inside the house It’s no secret that companies need to be vigilant about application security. However, frequently the source of application vulnerabilities may come as a surprise to security teams. While zero-day exploits are a…
Six Ways to Have Your eCommerce Site Ready for High-Traffic eShopping Days
The spikes are coming September is nearly over, and Black Friday, Cyber Monday, Thanksgiving, Hanukkah, Halloween, Super Saturday, and the festive season will soon be upon us. With the holidays comes increased sales opportunities, driven by increased traffic. When you’re…
Record 25.3 Billion Request Multiplexing Attack Mitigated by Imperva
On June 27, 2022, Imperva mitigated a single attack with over 25.3 billion requests, setting a new record for Imperva’s application DDoS mitigation solution. While attacks with over one million requests per second (RPS) aren’t new, we’ve previously only seen…
“Oops, I insecurely coded again!”
The call is coming from inside the house It’s no secret that companies need to be vigilant about application security. However, frequently the source of application vulnerabilities may come as a surprise to security teams. While zero-day exploits are a…
Record 25.3 Billion Request Multiplexing Attack Mitigated by Imperva
On June 27, 2022, Imperva mitigated a single attack with over 25.3 billion requests, setting a new record for Imperva’s application DDoS mitigation solution. While attacks with over one million requests per second (RPS) aren’t new, we’ve previously only seen…