For VendorsBlog
Login
Imperva SecureSphere Web Application Firewall

Add to comparison

Imperva SecureSphere Web Application Firewall

1.7
Pitch
Imperva SecureSphere Web Application Firewall (WAF) analyzes all user access to your business-critical web applications and protects your applications and data from cyber attacks.

Features of product

Проблемы Problem Solving
  • Risk of attacks by hackers
  • Risk of data loss or damage
  • Risk of lost access to data and IT systems
  • Risk or Leaks of confidential information
  • Unauthorized access to corporate IT systems and data
Ценности Business Values
  • Ensure Security and Business Continuity
  • Reduce Costs
Матрица сравнения с конкурентами Matrix of comparison with competitors
Описание

About Product

Imperva SecureSphere Web Application Firewall (WAF) analyzes all user access to your business-critical web applications and protects your applications and data from cyber attacks. SecureSphere WAF dynamically learns your applications’ “normal” behavior and correlates this with the threat intelligence crowd-sourced from around the world and updated in real time to deliver superior protection. The industry leading SecureSphere WAF identifies and acts upon dangers maliciously woven into innocent-looking website traffic; traffic that slips right through traditional defenses. This includes blocking technical attacks such as SQL injection, cross-site scripting and remote file inclusion that exploit vulnerabilities in web applications; business logic attacks such as site scraping and comment spam; botnets and DDoS attacks; and preventing account takeover attempts in real-time, before fraudulent transactions can be performed. SecureSphere WAF uses patented Dynamic Application Profiling to learn all aspects of web applications, including the directories, URLs, parameters, and acceptable user inputs to detect attacks with exceptional accuracy and block only bad parties, while eliminating impact to legitimate customers. SecureSphere WAF mitigates both technical attacks such as DDoS and SQL injection, as well as non-technical attacks such as comment spamming and site scraping.

OVERVIEW SPECIFICATIONS

Protect Your Critical Web Applications and Data Imperva SecureSphere Web Application Firewall (WAF) analyzes all user access to your business-critical web applications and protects your applications and data from cyber attacks. SecureSphere WAF dynamically learns your applications’ “normal” behavior and correlates this with the threat intelligence crowd-sourced from around the world and updated in real time to deliver superior protection. The industry leading SecureSphere WAF identifies and acts upon dangers maliciously woven into innocent-looking website traffic; traffic that slips right through traditional defenses. This includes blocking technical attacks such as SQL injection, cross-site scripting and remote file inclusion that exploit vulnerabilities in web applications; business logic attacks such as site scraping and comment spam; botnets and DDoS attacks; and preventing account takeover attempts in real-time, before fraudulent transactions can be performed.

DYNAMIC APPLICATION PROFILING

SecureSphere WAF uses patented Dynamic Application Profiling to learn all aspects of web applications, including the directories, URLs, parameters, and acceptable user inputs to detect attacks with exceptional accuracy and block only bad parties, while eliminating impact to legitimate customers. SecureSphere WAF mitigates both technical attacks such as DDoS and SQL injection, as well as non-technical attacks such as comment spamming and site scraping.

GRANULAR CORRELATION POLICIES REDUCE FALSE POSITIVES

SecureSphere WAF distinguishes attacks from unusual, but legitimate, behavior by correlating web requests across security layers and over time. SecureSphere Correlated Attack Validation capability examines multiple attributes such as HTTP protocol conformance, profile violations, signatures, special characters, and user reputation, to accurately alert on or block attacks with the lowest rate of false positives in the industry.

FLEXIBLE DEPLOYMENT OPTIONS

'SecureSphere WAF can be deployed as a physical or virtual appliance on-premises, and as a virtual image on Amazon Web Services or Microsoft Azure. Physical appliance deployments are particularly flexible in that they allow SecureSphere WAF to run transparently, requiring virtually no changes to the customer’s network. And granular policy controls enable superior accuracy and unequaled control to match each organization’s specific protection requirements.

DEEP THREAT INTELLIGENCE

To protect against today’s well resourced cyber-criminals, it is vital to have an advanced warning system that is aware of and protects against constantly evolving web-based attacks. Imperva ThreatRadar updates SecureSphere WAF with real-time threat intelligence crowd-sourced from around the world and curated by Imperva Application Defense Center. ThreatRadar provides better protection, improves WAF accuracy, and makes the security team more efficient by proactively filtering traffic from known bad sources so the security team can focus on what is really important. The following ThreatRadar intelligence feeds are available: Reputation Services: Filters traffic based upon latest, real-time reputation of source Community Defense: Adds unique threat intelligence crowd-sourced from Imperva users Bot Protection: Detects botnet clients and application DDoS attacks Account Takeover Protection: Protects website user accounts from attack and takeover Fraud Prevention: Simplifies deployment of best-in-class partner fraud prevention solutions VIRTUAL PATCHING SecureSphere WAF can perform “virtual patching” for your web applications via vulnerability scanner integration. Instead of leaving a web application exposed to attack for weeks or months while code is modified after discovering a vulnerability, virtual patching actively protects web applications from attacks to reduce the window of exposure, and decreases the costs of emergency fix cycles until you are able to patch them.

CUSTOMIZABLE REPORTS FOR COMPLIANCE AND FORENSICS

SecureSphere WAF rich graphical reporting capabilities enable customers to easily understand security status and meet regulatory compliance. SecureSphere WAF provides both pre-defined and fully-customizable reports. This enables you to quickly assess your security status and streamline demonstration of compliance with PCI, SOX, HIPAA and FISMA and other compliance standards.

MONITORING FOR IN-DEPTH ANALYSIS OF ATTACKS

Alerts can be easily searched, sorted, and directly linked to corresponding security rules. SecureSphere WAF monitoring and reporting framework provides instant visibility into security, compliance, and content delivery concerns. A real-time dashboard provides a high-level view of system status and security events.

Характеристики

Characteristics

SSL Transactions/Second

2230

Platform Throughput

500 Mbps

Ports

4-1GE (Copper)

Height

1U

SQL Injection Attacks
Cross-Site Scripting Attacks
Cookie Tampering
Form Validation and Protection N/A
HTTP and XML Reply and Request format validation
JSON payload inspection

Features of users

Роли заинтересованных сотрудников Stakeholders Roles
  • Chief Information Officer
  • Chief IT Security Officer
  • IT Security and Risk Management
Признаки применимости Company requirements
  • Internet access is available for employees
  • GDPR Compliance
Продающие истории Use Cases

Five Ways Imperva Beats WAF Competition

Продающия история

Web application firewalls have become an essential component of the modern organization’s security infrastructure, providing scalable high-fidelity protection of business-critical web applications from a broad spectrum of cyber threats. As with any must-have enterprise security solution, there is considerable variation in available offerings. To help IT security and application defense teams navigate the evaluation process, this paper examines five ways that Imperva SecureSphere Web Application Firewall surpasses the competition. Read here.

Work flow chart

Схема