Tag: Blog

Read the original article: Opportunities and Threats – IoT and the Rise of 5G The Internet of Things (IoT) is expanding rapidly. The number of connected devices in homes, businesses, and vehicles across the world is expected to increase from…

Read more →

Read the original article: Data Privacy – Now’s the Time for the US to Catch Up The recent Netflix documentary, The Social Dilemma, may have highlighted to many Americans just what happens to the wealth of personal information they regularly…

Read more →

Read the original article: Lessons learned building supervised machine learning into DDoS Protection Imperva’s Data Scientists trained a machine-learning model to auto-configure DDoS security policies and this blog shares some of the lessons learned along the way. Data scientists consider…

Read more →

Read the original article: Shifting from Network Security to Data Security The world-wide events of 2020 have meant that organisations have had to simply react and adapt. More data is being moved to the cloud, applications are built in cloud…

Read more →

Read the original article: Virtual Hackathon Generates Next Generation of Imperva Innovation “How do we run a global hackathon amid a global pandemic?” That was my first thought when I began planning the 2020 Imperva Hackathon earlier this year. While…

Read more →

Read the original article: Virtual Hackathon Generates Next Generation of Imperva Innovation “How do we run a global hackathon amid a global pandemic?” That was my first thought when I began planning the 2020 Imperva Hackathon earlier this year. While…

Read more →

Read the original article: Holidays Are Coming – the State of Security for E-commerce in 2020 With the Coronavirus pandemic driving consumers online, a new report from Imperva reveals how this year’s holiday shopping season will present online retailers with…

Read more →

Read the original article: Advanced Bot Protection Handling More Traffic Than Ever It’s been six months since we launched the Advanced Bot Protection solution as fully integrated into Imperva’s Application Security platform. Previously, the Advanced Bot Protection solution lived on…

Read more →

Read the original article: Imperva SD-SOC: How Using AI and Time Series Traffic Improves DDoS Mitigation Much has changed since we first started providing protection against DDoS attacks. Attacks which were once considered huge are now mitigated on a daily…

Read more →

Read the original article: Bug hunting for a quick buck using WebLogic vulnerability (CVE-2020–14882) Introduction Popular within the commercial sphere, Oracle WebLogic Server is a scalable enterprise Java platform application server for Java-based web applications. When a vulnerability is discovered…

Read more →

Read the original article: The Threat of DDoS Attacks Creates A Recipe for Election Chaos Four years ago, we published a blog on the ways a Distributed Denial of Service (DDoS) attack could disrupt the U.S. Presidential election. Unfortunately, the…

Read more →

Read the original article: CrimeOps of the KashmirBlack Botnet – Part I Introduction Being in a research team exposes us to a variety of attacks on different platforms, of different types, scope, and volume. It also gives us the opportunity…

Read more →

Read the original article: CrimeOps of the KashmirBlack Botnet – Part II Introduction The previous blog – “CrimeOps of the KasmirBlack Botnet – Part I” – described the DevOps behind the botnet. It showed how its well-designed infrastructure makes it…

Read more →

Read the original article: Imperva A Seven-Time Magic Quadrant Leader and Named Highest for Completeness of Vision for WAF Gartner has published its 2020 Gartner Magic Quadrant for Web Application Firewalls (WAF) and Imperva has been named a Leader for…

Read more →

Read the original article: Life post-acquisition: A people-centric plan to get you total data security a lot faster Getting acquired can be an emotional rodeo. Some days are crazy excitement and others are heartache over the unknowns ahead. It’s natural…

Read more →

Read the original article: Never Leave Your Cloud Database Publicly Accessible Introduction In cybersecurity, we often hear about best practices, one of the most important of which is never to open services that should be for internal use to public…

Read more →

Read the original article: Imperva’s Mobile Security App How many apps do you currently have on your mobile device? Is this number a total across both your personal and professional devices? Did you know that between Android’s Google Play Store…

Read more →

Read the original article: Imperva 收购 jSonar： 新一代数据安全 我很高兴地宣布，Imperva 已达成收购 jSonar 的协议！我们认为，jSonar 令人难以置信的产品和技术与我们保护数据和所有通往数据的路径的使命完美契合。合并之后，我们将能够提供一种全新的数据安全方法，帮助企业满足当前和未来的需求。 Imperva，数据安全的先驱 Imperva 成立于 18 年前，其理念是通过融合应用程序和数据安全来保护组织的数字资产和信息。2020 年，全球最大的公司告诉我们一个道理，所有的安全性（包括网络和应用程序）最终目的都是为了保护数据。从长远来看，网络的存在是为了把人们带到应用程序中，而应用程序则负责读写数据。Imperva 比市场上任何其他公司都更全面地保护数据和所有通往数据的路径——从网络，到应用程序栈，再到管理数据的地方——为关键客户和分析师提供关于安全性和合规性的解决方案。 如今，数据以各种格式（结构化、半结构化、非结构化）驻留在任何地方（本地、云服务提供商、第三方），当然，有些是高度敏感的，包含组织和客户相关的 PII。在 Imperva，我们一贯以我们的数据安全框架来指导和保护客户： 发现和分类：在我所有的环境中，敏感数据存储在哪里？ 漏洞评估：哪些数据库存在安全漏洞或缺少重要的补丁？ 访问和策略管理：用户对特定数据存储拥有什么访问权限？ 审计与安全：用户访问哪些数据以及访问多少数据？ 报告与洞察：这一特定的数据活动是否异常？ 所有行业中最大的公司都采用并实施了涵盖此框架的 Imperva 数据安全解决方案——数据保护与审计、数据风险分析 (DRA)、发现与评估 (DAS)，以及最近的云数据安全 (CDS)¹。虽然该框架的基础仍然牢固，但近年来出现了令人感兴趣的趋势。 5 个关键的数据安全趋势和机遇 我将从“房间里的大象”开始：COVID-19。这场全球大流行病至少使数字化转型加快了 10 年，并加速了企业采用云计算和存储。各种规模的组织正在向云服务提供商迁移和存储比以往任何时候都多的数据。在与许多行业领先组织的首席信息官和首席信息安全官的对话中，他们希望了解如何在本地以及跨多个云服务提供商管理和保护数据。 第二，越来越多的企业开始采用专门的数据存储来解决特定的问题。在我们保护的客户中，我们看到了…

Read more →

Read the original article: DDoS Attacks Grow More Sophisticated as Imperva Mitigates Largest Attack Only a few months ago Imperva reported mitigating against two of the largest DDoS attacks of 2020. However, in the past few weeks we’ve observed a…

Read more →

Read the original article: Providing Security and Acceleration of Single Page Applications HTTP/2 + gRPC and protobuf Today many digital transformation and DevOps teams have been tasked with building applications that will enhance their customer’s digital experience. The goal, to…

Read more →

Read the original article: When The Going Gets Tough – R&D Calls With Customers – Doing It Right! Several years ago, I joined the development team of a new product within Imperva. I discovered that direct interaction between us developers…

Read more →

Read the original article: When The Going Gets Tough – R&D Calls With Customers – Doing It Right! Several years ago, I joined the development team of a new product within Imperva. I discovered that direct interaction between us developers…

Read more →

Read the original article: Putting Your Data Security at the Center of our Mission We’re more than just an industry-leading Web Application Firewall! For a long time now, Imperva has been known in the cyber security industry as ‘the WAF…

Read more →

Read the original article: Top Security and Data Privacy Regulations for Financial Services Regulatory compliance has become an increasingly more important part of the financial services industry in recent years. And it’s a trend that’s likely to continue due to…

Read more →

Read the original article: Auditing Your Database – Is It Enough For Your Data Security Needs? Audit trails have been a feature of databases for a long time, but are they still compatible with today’s data security demands? What do…

Read more →

Read the original article: From Layers to Microunits The evolution of “Code Cohesion” and “Separation of Concerns” The software industry has recognized the values of “Separation of Concerns” and “Code Cohesion” for more than two decades. Many articles, books and…

Read more →

Read the original article: WAF and RASP: Best Practice for Defense in Depth Why do you need a RASP solution if WAF’s layer of defense is so powerful? The simple answer is that no single security product can provide protection…

Read more →

Read the original article: WAF and RASP: Best Practice for Defense in Depth Why do you need a RASP solution if WAF’s layer of defense is so powerful? The simple answer is that no single security product can provide protection…

Read more →

Read the original article: Achieving Product Platform mindset Imperva has decided to gradually shift to a company-wide Platform mindset in which, instead of having a set of separate products and features, there is a set of capabilities and building blocks…

Read more →

Read the original article: Imperva mitigates largest DDoS attacks of 2020… so far… The word “unprecedented” has never been used so much as it has during 2020. And in the latest of many unprecedented events, July saw the two largest…

Read more →

Read the original article: Fast, Furious, and Scalable: Designing a High-throughput, Real-time Network Traffic Analyzer These days, our focus is on spoiling our customers. For example, we give our DDoS Protection customers the peace of mind that their network traffic…

Read more →

Read the original article: Fast, Furious, and Scalable: Designing a High-throughput, Real-time Network Traffic Analyzer These days, our focus is on spoiling our customers. For example, we give our DDoS Protection customers the peace of mind that their network traffic…

Read more →

Read the original article: Avoid Alert Fatigue: Web Application Firewall Installation, Configuration and Best Practices Alert fatigue – introducing false positives in WAF All WAF experts know what it’s like handling massive amounts of alerts. They’re also very likely wasting…

Read more →

Read the original article: Automation & Development – Why It’s Worth Investing in This Relationship Good relationships will be stable whenever something goes wrong. But, if you don’t invest in your relationships, they won’t last long. Let’s take, for example,…

Read more →

Read the original article: Introduction to SQL: Examples, Best Practices and Pitfalls SQL (Structured Query Language) has been with us for more than half a century and it’s not going away anytime soon. Popular in both traditional relational databases and…

Read more →

Read the original article: Dynamic Swagger Support Comes to Imperva It’s no secret that the shift to DevOps deployments has taken center stage at organizations small and large. The ability to quickly configure, manage and update via APIs is critical…

Read more →

Read the original article: Imperva Shields Against Windows DNS Server RCE Vulnerability (CVE-2020-1350) Recently, Check Point researchers found a 17-year-old high-profile flaw, SIGRed (CVE-2020-1350). The flaw is a wormable, critical vulnerability in the Windows DNS server, and can be triggered…

Read more →

Read the original article: Imperva Shields Against Windows DNS Server RCE Vulnerability (CVE-2020-1350) Recently, Check Point researchers found a 17-year-old high-profile flaw, SIGRed (CVE-2020-1350). The flaw is a wormable, critical vulnerability in the Windows DNS server, and can be triggered…

Read more →

Read the original article: The Anatomy of Massive Application Layer DDoS Attacks During 2020 between June 18 and June 24 Imperva mitigated massive 200K RPS (Request Per Second) attacks on a daily basis. Here at Imperva we investigate major attacks…

Read more →

Read the original article: DDoS Protection for Networks: Combatting Local Preference from ISPs One of the most common issues we have seen when onboarding customers to our DDoS Protection for Networks service is when a customer’s ISP implements a high…

Read more →

Read the original article: DDoS Protection for Networks: Combatting Local Preference from ISPs One of the most common issues we have seen when onboarding customers to our DDoS Protection for Networks service is when a customer’s ISP implements a high…

Read more →

Read the original article: How bad bots are targeting the healthcare sector Credential cracking, or password spraying, is one of the most effective ways for cybercriminals to get access to user accounts. It refers to the brute-force automated cracking, or…

Read more →

Read the original article: Introducing Imperva Cloud Data Security! We are excited to announce that our latest data security innovation is now available worldwide! Made for the cloud, Imperva Cloud Data Security (CDS) builds on our industry-leading application and data…

Read more →

Read the original article: Australian Cyber Attack Vectors Blocked Out of the Box by Imperva WAF On June 18, 2020, the Australian Cyber Security Centre (ACSC) released a disclosure detailing a ‘sophisticated’ and sustained attack against Australian government bodies and…

Read more →

Read the original article: Australian Cyber Attack Vectors Blocked Out of the Box by Imperva Cloud WAF On June 18, 2020, the Australian Cyber Security Centre (ACSC) released a disclosure detailing a ‘sophisticated’ and sustained attack against Australian government bodies…

Read more →

Read the original article: Why should you worry about DNS attacks? Domain Name System (DNS) is a very basic protocol and service that enables Internet users and network devices to discover websites using human-readable hostnames instead of numeric IP addresses.…

Read more →

Read the original article: DDoS Protection for Networks: Divert Traffic Using More Specific Routin In our previous blog post, we talked about AS (autonomous system) prepending, but sometimes a customer might have restrictions that would not allow them to use…

Read more →

Read the original article: Key Elements for DDoS Detection, Mitigation and Analysis Given today’s volatile DDoS threat landscape with attacks ranging from massive volumetric assaults to sophisticated and persistent application level threats, comprehensive protection is a must for online businesses.…

Read more →

Read the original article: Key Elements for DDoS Detection, Mitigation and Analysis Given today’s volatile DDoS threat landscape with attacks ranging from massive volumetric assaults to sophisticated and persistent application level threats, comprehensive protection is a must for online businesses.…

Read more →

Read the original article: DDoS Protection for Networks: Utilizing AS Prepending to Route Traffic Through Imperva In order for Imperva to protect customers’ traffic using DDoS Protection for Networks, the Internet must select Imperva as the best path. So what…

Read more →

Read the original article: Open Banking Around the World Open Banking, the practice of sharing financial data with competitors and third parties via open APIs, offers many benefits for consumers who not only have more control over their data, but…

Read more →

Read the original article: Attack Analytics Multi-Sensor Integrations Provide Unmatched Visibility Since debuting Attack Analytics back in 2018, this groundbreaking security analytics functionality has come a long way. Time and again our customers have told us how powerful they find…

Read more →

Read the original article: 5 Things to Know About Imperva RASP Imperva Runtime Application Self-Protection (RASP) is a server-side security solution for applications, providing application security by default. Here are 5 things to know about Imperva RASP: 1. RASP and…

Read more →

Read the original article: 5 Things to Know About Imperva RASP Imperva Runtime Application Self-Protection (RASP) is a server-side security solution for applications, providing application security by default. Here are 5 things to know about Imperva RASP: 1. RASP and…

Read more →

Read the original article: Imperva Takes on its Largest Recorded Account Takeover Attack on a Single Company Imperva recently detected and mitigated the largest – and most concentrated – series of brute force ATO (account takeover) attacks in its history.…

Read more →

Read the original article: Smart Mesh Topology Boosts Capacity and Performance Recently we introduced our advanced architectural topology for ensuring that traffic inspection and request logs are maintained within the region. This capability is especially beneficial to our customers who…

Read more →

Read the original article: Smart Mesh Topology Boosts Capacity and Performance Recently we introduced our advanced architectural topology for ensuring that traffic inspection and request logs are maintained within the region. This capability is especially beneficial to our customers who…

Read more →

Read the original article: Is Your AWS Data Secure and Compliant? Cloud Database Visibility in Minutes Internal and external attackers are after your data. Regardless of where the data resides, cloud, or on-premises, you need to protect it. In some…

Read more →

Read the original article: Is Your AWS Data Secure and Compliant? Cloud Database Visibility in Minutes Internal and external attackers are after your data. Regardless of where the data resides, cloud, or on-premises, you need to protect it. In some…

Read more →

Read the original article: Hybrid DDoS Protection is Like a Faulty Airbag We know that some businesses are the target of constant DDoS attacks, while others face attacks less frequently. If your company falls on the side of less-frequent attacks…

Read more →

Read the original article: Python and Go Top the Chart of 2019’s Most Popular Hacking Tools Imperva Cloud WAF protects over a hundred thousand websites globally and observes around a billion of attacks daily. We detect thousands of hacking tools…

Read more →

Read the original article: How Imperva Advanced Mesh Topology Keeps Canadian Data In-Country The Personal Information Protection and Electronic Documents Act (PIPEDA) is a Canadian federal law that sets out how organizations can collect, use and disclose personal information in…

Read more →

Read the original article: When Bandwidth Doesn’t Last Introduction Imperva’s Cloud WAF networking team went through a major transition from an operation team to a development team during the SDN era. We saw new products emerging for our network infrastructure…

Read more →

Read the original article: When Bandwidth Doesn’t Last Introduction Imperva’s Cloud WAF networking team went through a major transition from an operation team to a development team during the SDN era. We saw new products emerging for our network infrastructure…

Read more →

Read the original article: Cloud Compliance – A Top Challenge for organizations Regulatory compliance violations are among the top three biggest Cloud Application Security challenges for organizations, according to the CyberEdge Group’s ‘2020 Cyberthreat Defense Report’. Equally concerning are ‘Limitations…

Read more →

Read the original article: Imperva Cloud WAF Customers Can Easily Integrate Advanced Bot Protection for Increased Security Almost 25% of web traffic is bad bots, and only growing both in volume and sophistication. This information and more is available in…

Read more →

Read the original article: Imperva Cloud WAF Customers Can Easily Integrate Advanced Bot Protection for Increased Security Almost 25% of web traffic is bad bots, and only growing both in volume and sophistication. This information and more is available in…

Read more →

Read the original article: Imperva Poised to Deliver its Leading Advanced Bot Protection and Network Security in India With a presence in India since 2017, Imperva is continuing to provide a level of security excellence in the region. With Asia…

Read more →

Read the original article: Imperva Poised to Deliver its Leading Advanced Bot Protection and Network Security in India With a presence in India since 2017, Imperva is continuing to provide a level of security excellence in the region. With Asia…

Read more →

Read the original article: Advanced Bot Protection integrated into Imperva’s Cloud Application Security Today, Imperva announced the general availability of Advanced Bot Protection that now fully integrates the industry-leading bot protection technology into its Cloud Application Security platform. By integrating…

Read more →

Read the original article: More Insights on The Global DDoS Threat Landscape Recently, edge services product manager David Elmaleh and Imperva Research Labs’ data scientist Johnathan Azaria shared their DDoS knowledge in a live BrightTalk webinar about the current threat…

Read more →

Read the original article: Bad Bot Report 2020: Bad Bots Strike Back The 7th Annual Bad Bot Report is now available from Imperva. Prepared by data from Imperva’s Threat Research Lab, it provides a comprehensive look at the bad bot…

Read more →

Read the original article: Bad Bot Report 2020: Bad Bots Strike Back The 7th Annual Bad Bot Report is now available from Imperva. Prepared by data from Imperva’s Threat Research Lab, it provides a comprehensive look at the bad bot…

Read more →

Read the original article: New Cyber Threat Index Shows Industries Are Under Attack in Uncertain Times It has been more than a month since businesses around the world started to implement contingencies in response to the Coronavirus. The Cyber Threat…

Read more →