Imperva Application Security mitigates risk for your business with full-function defense-in-depth, providing protection wherever you choose to deploy - in the cloud, on-premises, or via a hybrid model. Imperva offers advanced analytics to quickly identify the threats that matter, DDoS protection with a 3-second mitigation SLA, a developer-friendly Content Delivery Network (CDN) for the utmost performance, Web Application Firewall (WAF) solutions, bot protection, Runtime Application Self-Protection (RASP) for security embedded into the application itself, and more.

Attack Analytics

• Automatically correlate and extract meaningful narratives from thousands of security events, using machine learning

• Reduce risk by combating alert fatigue

• See attacks from the edge to the heart of the network, incorporating behavioral attack data from every customer we protect

 
DDoS Protection

• Best-in-the-industry 3-second mitigation SLA

• Automatic detection and mitigation

• Available in always-on or on-demand mode

• 44 global scrubbing centers, 6+ Tbps of scrubbing capacity at 65 billion Packets-Per-Second (PPS)

 
CDN

• Fast onboarding with a simple DNS change

• Offload origin bandwidth via automatic content profiling

• Layer 7 cloud load balancing with redirect and rewrite rules

 
Cloud WAF

• Little to no tuning required

• Deploy in blocking mode with near-zero false positives

• A managed service backed by a team of security experts

 
WAF Gateway

• Ideal for highly-regulated industries like financial services and healthcare

• Dynamically profile application structure and usage, blocking anomalies and illegal traffic

• Highly configurable to allow tight protection of your specific applications

 
Runtime Application Self-Protection

• Push code into production fast with security embedded

• Autonomous protection blocks real-time attacks without added latency

• Works in any type of deployment architecture including on-premises, in the cloud, and in containers

Imperva Data Security discovers databases on the network, classifies sensitive data and detects database vulnerabilities. Discover databases by scanning specific network segments on-demand or at scheduled intervals. Once databases are discovered, Imperva Data Security classifies the data stored in the database using dictionary and pattern-matching classification methods. Conduct vulnerability assessments with over 1,500 pre-defined vulnerability tests, based on CIS and DISA STIG benchmarks. Data Risk Analytics

• Distills billions of audit events into a manageable number of security insights

• Provides granular risk context into how data is being used by whom with machine learning and behavior analytics

• Explains incidents in plain language to accelerate investigation and reduce risk

 
Data Monitoring and Protection

• Stops threats in real-time with pre-built or custom security policies that block unauthorized activity

• Automatically captures detailed audit trail showing who accessed what data, when and what was done to the data for compliance and forensics

• Enables consistent oversight across a wide range of environments - databases, big data, clouds, mainframes and more

 
Data Discovery and Classification

• Automates discovery of databases on-premises or in the cloud

• Identifies sensitive, regulated data for compliance mandates (e.g. PCI, HIPAA, GDPR)

• Examines database content and metadata for pre-defined and custom data types

 
Database Vulnerability Assessments

• Identifies vulnerabilities and misconfigurations for databases on-premises or in the cloud

• Leverages over 1,500 pre-defined assessments, based on CIS and DISA STIG benchmarks

 
Data Masking

• Replaces sensitive data with fictional, but realistic values using multiple transformation techniques

• Maintains data utility with referential integrity and statistical accuracy

• Delivers enterprise-class scalability and performance by masking large volumes of data quickly and easily

• Supports a broad range of data stores

 
File Security

• Uses policy-based monitoring and deception technology

• Detects ransomware-infected users and blocks them from connecting to file shares in real-time

• Pinpoints risky file access activity by leveraging data risk analytics

• Blocks or quarantines risky users

Incapsula can protect your organization against any DDoS threat. WEBSITE PROTECTION Always-on DDoS protection that automatically detects and mitigates attacks targeting websites and web applications. Website Protection is an optional DDoS mitigation service that can be added to any Website Security subscription. INFRASTRUCTURE PROTECTION On-demand or always-on protection against DDoS attacks that directly target your network infrastructure. Infrastructure Protection can be used to defend entire subnets. NAME SERVER PROTECTION Always-on DDoS protection for your Name Server (NS) that protects DNS servers against network and application layer assaults. Name Server Protection also accelerates DNS responses. ALL-INCLUSIVE DDOS PROTECTION Incapsula DDoS protection supports Unicast and Anycast technologies to power a many-to-many defense methodology. This automatically detects and mitigates attacks exploiting application and server vulnerabilities, hit-and-run events and large botnets. 10-SECOND MITIGATION SLA When DDoS strikes, it takes target services moments to go down and hours to recover. Incapsula is the only service to offer a SLA-backed guarantee to detect and block all attacks in under 10 seconds. HIGH-CAPACITY NETWORK Our high-capacity global network holds over  (Terabits per second) of on-demand scrubbing capacity and can process 30 billion attack packets per second. Incapsula network has successfully defended clients against some of the largest attacks on record. ATTACK VISIBILITY Incapsula shows you attacks as they are happening and gives you actionable insight into Layer 7 attacks. Incapsula security dashboard lets you quickly analyze attacks and lets you adjust security policies on-the-fly to stop web application attacks. BLOCK ANY TYPE OF DDOS ATTACK Incapsula proxies all web requests to block DDoS attacks from being relayed to client origin servers. Incapsula detects and mitigates any type of attack, including:

• TCP SYN+ACK
• TCP FIN
• TCP RESET
• TCP ACK
• TCP ACK+PSH
• TCP Fragment
• UDP
• Slowloris
• Spoofing
• ICMP
• IGMP
• HTTP Flood
• Brute Force
• Connection Flood
• DNS Flood
• NXDomain
• Mixed SYN + UDP or ICMP + UDP Flood
• Ping of Death
• Smurf
• Reflected ICMP & UDP
• As well as other attacks

SecureSphere use two monitoring channels – one for security policies and one for audit policies. The independence enables resource and task optimization that is not possible with a single channel. SecureSphere Database Firewall

• Logs only what activity is necessary while monitoring all activity for security violations
• Monitors and protects high-transaction databases
• Blocks suspicious behavior when it happens – investigate in-context
• Executes multi-action security alerts, eliminating bottlenecks and delays
• Interlocks database protection with the SecureSphere Web Application Firewall, CounterBreach Insider threat protection, and malware protection, providing multifactored data security

SecureSphere helps organizations address compliance regulations including GDPR, PCI DSS, SOX, POPI, and HIPAA.

Imperva Web Application Firewall (WAF) analyzes all user access to your business-critical web applications and protects your applications and data from cyber attacks. WAF dynamically learns your applications’ “normal” behavior and correlates this with the threat intelligence crowd-sourced from around the world and updated in real time to deliver superior protection. The industry leading WAF identifies and acts upon dangers maliciously woven into innocent-looking website traffic; traffic that slips right through traditional defenses. This includes blocking technical attacks such as SQL injection, cross-site scripting and remote file inclusion that exploit vulnerabilities in web applications; business logic attacks such as site scraping and comment spam; botnets and DDoS attacks; and preventing account takeover attempts in real-time, before fraudulent transactions can be performed. WAF uses patented Dynamic Application Profiling to learn all aspects of web applications, including the directories, URLs, parameters, and acceptable user inputs to detect attacks with exceptional accuracy and block only bad parties, while eliminating impact to legitimate customers. WAF mitigates both technical attacks such as DDoS and SQL injection, as well as non-technical attacks such as comment spamming and site scraping. OVERVIEW SPECIFICATIONS Protect Your Critical Web Applications and Data Imperva Web Application Firewall (WAF) analyzes all user access to your business-critical web applications and protects your applications and data from cyber attacks. WAF dynamically learns your applications’ “normal” behavior and correlates this with the threat intelligence crowd-sourced from around the world and updated in real time to deliver superior protection. The industry leading WAF identifies and acts upon dangers maliciously woven into innocent-looking website traffic; traffic that slips right through traditional defenses. This includes blocking technical attacks such as SQL injection, cross-site scripting and remote file inclusion that exploit vulnerabilities in web applications; business logic attacks such as site scraping and comment spam; botnets and DDoS attacks; and preventing account takeover attempts in real-time, before fraudulent transactions can be performed. DYNAMIC APPLICATION PROFILING WAF uses patented Dynamic Application Profiling to learn all aspects of web applications, including the directories, URLs, parameters, and acceptable user inputs to detect attacks with exceptional accuracy and block only bad parties, while eliminating impact to legitimate customers. WAF mitigates both technical attacks such as DDoS and SQL injection, as well as non-technical attacks such as comment spamming and site scraping. GRANULAR CORRELATION POLICIES REDUCE FALSE POSITIVES WAF distinguishes attacks from unusual, but legitimate, behavior by correlating web requests across security layers and over time. Correlated Attack Validation capability examines multiple attributes such as HTTP protocol conformance, profile violations, signatures, special characters, and user reputation, to accurately alert on or block attacks with the lowest rate of false positives in the industry. FLEXIBLE DEPLOYMENT OPTIONS WAF can be deployed as a physical or virtual appliance on-premises, and as a virtual image on Amazon Web Services or Microsoft Azure. Physical appliance deployments are particularly flexible in that they allow WAF to run transparently, requiring virtually no changes to the customer’s network. And granular policy controls enable superior accuracy and unequaled control to match each organization’s specific protection requirements. DEEP THREAT INTELLIGENCE To protect against today’s well resourced cyber-criminals, it is vital to have an advanced warning system that is aware of and protects against constantly evolving web-based attacks. Imperva ThreatRadar updates WAF with real-time threat intelligence crowd-sourced from around the world and curated by Imperva Application Defense Center. ThreatRadar provides better protection, improves WAF accuracy, and makes the security team more efficient by proactively filtering traffic from known bad sources so the security team can focus on what is really important. The following ThreatRadar intelligence feeds are available: Reputation Services: Filters traffic based upon latest, real-time reputation of source Community Defense: Adds unique threat intelligence crowd-sourced from Imperva users Bot Protection: Detects botnet clients and application DDoS attacks Account Takeover Protection: Protects website user accounts from attack and takeover Fraud Prevention: Simplifies deployment of best-in-class partner fraud prevention solutions VIRTUAL PATCHING WAF can perform “virtual patching” for your web applications via vulnerability scanner integration. Instead of leaving a web application exposed to attack for weeks or months while code is modified after discovering a vulnerability, virtual patching actively protects web applications from attacks to reduce the window of exposure, and decreases the costs of emergency fix cycles until you are able to patch them. CUSTOMIZABLE REPORTS FOR COMPLIANCE AND FORENSICS WAF rich graphical reporting capabilities enable customers to easily understand security status and meet regulatory compliance. WAF provides both pre-defined and fully-customizable reports. This enables you to quickly assess your security status and streamline demonstration of compliance with PCI, SOX, HIPAA and FISMA and other compliance standards. MONITORING FOR IN-DEPTH ANALYSIS OF ATTACKS Alerts can be easily searched, sorted, and directly linked to corresponding security rules. WAF monitoring and reporting framework provides instant visibility into security, compliance, and content delivery concerns. A real-time dashboard provides a high-level view of system status and security events.