Application Security
Organizations are embracing modern cloud-native architectures with increasing complexity that is driving the need for automated protection. Imperva Application Security helps them stay one step ahead of the cybercriminals.
Emerging attacks as applications evolve
Applications help to drive digital transformation, but traditional security approaches can’t keep pace with dynamic, multicloud, and hybrid environments and leave you exposed to zero-day threats.
- Ever-changing attack surface: Application form factor is transforming from on-premises monoliths to multi-cloud microservices and APIs.
- Unrelenting criminal ecosystem: While web and mobile application attacks continue, innovative cyberthreats in the supply chain will demand increasingly sophisticated tools.
- Protecting without harming performance: The challenging balance is to deliver content faster and maximize uptime without allowing attackers to gain access to key business assets.
- Unmanageable flood of alerts: Security teams have too many tools with too many alerts, and struggle to keep experts on staff.
- Pervasive adoption of APIs: Not only are APIs growing in volume, they are also evolving just as fast, resulting in an ever-changing attack surface.
Protect from web to internal applications
Imperva protects modern and hybrid applications against advanced and multi-vector attacks regardless of where they are running.
- Replace 6+ point security products: One unified platform to protect against DDoS, bot, API, client-side, and supply chain attacks.
- Block with near-zero false positives: Over 90% of customers run in blocking mode to automatically protect without sacrifice.
- Respond faster across the enterprise: Adaptive control with hybrid deployments and managed services with threat research resources that extend your team.
- Deploy anywhere: Complete protection for applications regardless of whether they are on-premises, hybrid, or cloud-native.
Application Security Products
Imperva Cloud WAF offers the industry’s leading web application security firewall, providing enterprise-class protection against the most sophisticated security threats.
As a cloud-based WAF, it ensures that your website is always protected against any type of application layer hacking attempt. Imperva Cloud WAF is a key component of Imperva’s market-leading, full-stack application security solution which brings defense-in-depth to a new level.
Cloud WAF is part of an integrated, defense-in-depth suite of application security and delivery services including CDN, DDoS Protection, Advanced Bot Protection, and Load Balancing at every single one of our global points of presence. All components share intelligence so that security and delivery logic can be applied right from the edge, as soon as the request hits our network.
The solution integrates with leading SIEMs, and Imperva Attack Analytics uses artificial intelligence (AI) to distill thousands of Cloud WAF events into distinct narratives, significantly improving security operations center (SOC) efficiency and reducing risk.

Imperva Advanced Bot Protection prevents sophisticated automated attacks against your most valuable business applications without sacrificing business-critical traffic.
30 percent of e-commerce website visitors are competitors, hackers, and fraudsters. If your business has a web presence, its web applications are hit by sophisticated bots every day. Most recent data indicates that up to 30 percent of web traffic is generated by bots. Not all bots are bad, but malicious bots enable high-speed abuse, misuse, and attacks on websites and APIs that enable attackers, competitors and fraudsters to perform a wide array of malicious activities.
Imperva Bot Management protects websites, mobile applications, and APIs from automated threats without affecting the flow of business-critical traffic. It’s a key component in Imperva’s market-leading, full-stack application security solution that brings defense-in-depth to a new level.

Overview
Imperva Client-Side Protection identifies risky JavaScript code and detects attempts to exploit it to prevent supply chain fraud from client-side attacks like formjacking, digital skimming, and Magecart.
The widespread use of JavaScript services on web applications has created a blind spot for security teams—until now. Imperva’s Client-Side Protection gives security teams visibility and control over any third party JavaScript code embedded in your web applications.
Imperva’s Client-Side Protection continuously monitors which JavaScript services are present and only allows those pre-approved to execute. Better still, any new service or changes are blocked until authorized, and if any JavaScript code is poisoned and attempts to send data elsewhere, your security team is the first to know.
Reduce risk
If any third-party JavaScript code is poisoned and attempts to send data elsewhere, your security team is the first to know.
Gain visibility and control
Imperva’s Client-Side Protection gives your security team visibility and control over any third-party JavaScript code embedded in your website.

Overview
Imperva API Security provides deep discovery of all APIs and sensitive data to enable security teams to establish a positive security model. Finally, a security solution that can keep pace with DevOps.
Imperva API Security provides security, visibility and confidence across all of your API endpoints. Benefit from out-of-the-box Attack Analytics, CDN, and our analyst-recognized leading Cloud WAF.
Imperva API Security is a key component of Imperva’s market-leading, full-stack application security solution which brings defense-in-depth to a new level with continuous visibility of APIs and protection through a positive security model.
Deep endpoint discovery
APIs are increasing exponentially with digital transformation projects, creating the newest attack surface that security teams struggle to stay on top of. Eliminate data leakage and API abuse with comprehensive API discovery of all endpoints and classification of sensitive data.
Automated threat classification
APIs are churned out faster than Security and DevSecOps teams can possibly keep up with using manual processes. Through machine learning and automation, Imperva API Security continuously detects and classifies changes to determine ‘threat and risk’, to enable Security to keep up with DevOps.

Overview
Imperva DDoS Protection secures the entire application layer against potential disruptions, so you can focus on continuous availability to your customers.
DDoS Protection for Websites is an always-on mitigation service that manages any size, type or duration of attack with near-zero latency. It relies on two key capabilities: smart global transit capacity deployment and accurate scrubbing technology. No other solution comes close to the Imperva SLA of three-second mitigation against any attack. The solution is activated by a simple DNS change.
Minimize downtime
When it comes to DDoS mitigation, the rule of thumb is: ‘moments to go down, hours to recover’. This is why, when defending against an attack, every second counts. Imperva ensures business continuity, with guaranteed uptime, and no performance impact.
Avoid bandwidth costs
Imperva gives you the peace of mind that attack traffic will be automatically blocked at the edge – without you having to scale up in bandwidth to pay for it. Unlimited protection against attacks of any size or duration.

Overview
Imperva Runtime Protection applies a positive security model to application runtime environments to protect your applications against software supply chain and zero-day attacks from the inside out.
Application risk reduction
RASP protects your application from vulnerabilities so that your teams can focus on business logic, without leaving your application exposed to potential exploitation.
Security as business transforms
With fading controls and ephemeral workloads, cloud-native applications need more than just perimeter security. RASP provides security from within and goes wherever your application goes.

What does RASP protect against?
Attacks
- Clickjacking
- HTTP Response Splitting
- HTTP Method Tampering
- Large Requests
- Malformed Content Types
- Path Traversal
- Unvalidated Redirects
- Software Supply Chain Attacks
Injections
- Command Injection
- Cross-Site Scripting
- Cross-Site Request Forgery
- CSS & HTML Injection
- Database Access Violation
- JSON & XML Injection
- OGNL Injection
- SQL Injection
Weaknesses
- Insecure Cookies & Transport
- Logging Sensitive Information
- Unauthorized Network Activity
- Uncaught Exceptions
- Vulnerable Dependencies
- Weak Authentication
- Weak Browser Caching
- Weak Cryptography
Protect cloud-native applications at the speed of DevOps

Reduced overhead
Imperva Application Security protects hybrid and modern architectures to reduce risk and lower management costs.

Best-in-class protection
Imperva is a recognized leader in protecting against all attack types, including the OWASP Top 10 for automated bots and API abuse.

Automated response
Ensure faster response to incidents without the need for services, support calls, or manual intervention.

