1025 matches found
Imperva Threat Research Shows Cyber Attacks on the Rise in Australia
Every year, cyber attacks increase. Attackers get smarter, tools get better, and incentives to target sites grow. Over the last year, Imperva Threat Research detected a large increase in attacks targeting Australian sites, more than the global rise over the same timeframe. Australian attacks rose...
Six Ways to Have Your eCommerce Site Ready for High-Traffic eShopping Days
The spikes are coming September is nearly over, and Black Friday, Cyber Monday, Thanksgiving, Hanukkah, Halloween, Super Saturday, and the festive season will soon be upon us. With the holidays comes increased sales opportunities, driven by increased traffic. When you’re ready for the spikes, you...
Can Business Cybersecurity Protection Outlay Offset Cybercrime Insurance?
What is cybercrime insurance? Business cybersecurity protection cybercrime insurance safeguards organizations from any financial losses relating to damage to or loss of information from, networks and IT systems. This may include reputation loss, the cost of business interruption, infringement of...
Five Steps to Prepare Data for a Zero-Trust Security Model
The outmoding of traditional network security Traditional network security was based on the concept of a guarded network perimeter, which is difficult to access from the outside but implicitly trusts everyone on the inside. The problem with this approach is that once an attacker has access to the...
The Business Case for Modernizing On-Premises and Cloud-Based Database Security
Nobody ever says, “We don’t need better security for the data we manage.” There is, however, a balancing act that security professionals perform every day to get the most security value from their solutions at the lowest possible cost. As they move more workloads into cloud-native environments an...
Imperva Ships API Security Providing Continuous API Discovery and Data Classification with Two Deployment Models
Every day, organizations are challenged to bring products to market faster and out innovate their competition. At the heart of many digital transformation initiatives are development teams looking for ways to achieve initiatives and deliver on new product goals. Many of these teams openly embrace...
Imperva is on Top of the World as it Announces New PoP in Bogotá
Imperva is on top of the world to announce the opening of our newest and highest data center yet in Bogotá, Colombia. This latest move represents our commitment as an organization to improve performance, security and connectivity for our customers in the Colombian market. In the very center of th...
New research reveals that one third of all log-in attempts on eCommerce sites are malicious
What do humans and bots have in common? A love for visiting online shopping sites: more than half 57% of all attacks on retail websites in 2021 were carried out by bots, compared to 33% for all other industries. It gets worse: a third of all log-in attempts on retail eCommerce websites are accoun...
By the Numbers: The State of Security in eCommerce
The ongoing global pandemic has accelerated eCommerce growth and pushed more consumers online. More consumers mean a larger threat landscape and ensure that cybersecurity issues remain a significant, ongoing challenge for the retail industry. Based on a 12-month analysis by Imperva Research Labs,...
Caveat Cyber Emptor: 3 Ways to Protect Sensitive Personal Data this Online Shopping Season
The phrase caveat emptor, Latin for “let the buyer beware”, has long been a warning to carefully scrutinize the quality and suitability of goods before making a purchase. In the world of eCommerce, caveat emptor has a whole new meaning. After meticulously researching any number of crowdsourcing...
5 elements to include in a cybersecurity strategy for any size business
Whether you obsess about cybersecurity every day or you are completely new to the process, there are certain things that you should consider to make your company’s cybersecurity strategy successful. In this post, we’ll reveal five elements you should include in your strategy, regardless of whethe...
Fostering the Next Generation of Female Technologists at Imperva
Today marks the start of the 2021 Grace Hopper Celebration, the largest gathering of female technology leaders in the world. Last year, over 40,000 women from 117 different countries attended virtually, bringing together their research and career interests to help inform and inspire others. As...
Connect, Share, and Learn at Imperva Amplify 2021
On the heels of high-profile breaches, attacks e.g., Sunburst, Raindrop and COVID-19, rapid digital transformation places even more pressure on security. We’re seizing the opportunity to launch our first virtual user conference -- Imperva Amplify -- to share our knowledge so together, we can bett...
Web Application Attacks on Healthcare Spike 51% As COVID-19 Vaccines are Introduced
As the first vials of COVID-19 vaccines were disseminated in December, Imperva Research Labs monitored an astounding 51% increase in web application attacks on healthcare targets. The activity concludes an unprecedented year of cybersecurity activity. Imperva data shows the healthcare industry...
Is Your AWS Data Secure and Compliant? Cloud Database Visibility in Minutes
Internal and external attackers are after your data. Regardless of where the data resides, cloud, or on-premises, you need to protect it. In some cases that data needs to be put under compliance controls. Data protection principles hold for data hosted in the cloud database as a service DBaaS. Fo...
Build-Your-Own Data Masking. Yes or No?
A lot of organizations are taking great strides to protect their sensitive data with a multi-layered strategy—one that includes data masking. We’ve even seen many tackling this critical data security component in DIY fashion, often tasking one resource with developing and implementing scripts to...
Can a License Solve Your Cloud Migration Problem?
No, but it can certainly reduce friction. Cloud adoption is no longer an if, but a when. Even Gartner says there’s no such thing as a ‘no cloud policy.’ The winds of technology change are blowing, but no enterprise is talking about 100% cloud adoption in the near term. Hybrid IT environments are...
Imperva Customers Protected Against CVE-2026-45247 in Mirasvit Full Page Cache Warmer for Magento
TL;DR: CVE-2026-45247 is a critical unauthenticated remote code execution RCE vulnerability affecting Mirasvit Full Page Cache Warmer for Magento 2. The flaw stems from unsafe PHP deserialization of attacker-controlled data supplied through the CacheWarmer cookie. Successful exploitation can allo...
Imperva Protects Against the Exploited CVEs in the Cleo Data Theft Attacks
The Clop ransomware group has once again demonstrated its ability to exploit vulnerabilities to compromise sensitive systems. As Cleo—a managed file transfer provider for businesses—grapples with the aftermath of Clop’s targeted attack on their systems, the spotlight turns to CVE-2024-50623 and...
Imperva’s Wildest 2025 AppSec Predictions
Humans are spectacularly bad at predicting the future. Which is why, when someone appears to be able to do it on a regular basis, they are hailed as visionaries, luminaries and celebrated with cool names like Nostradamus and The Amazing Kreskin. Nostradamus made his fame on predictions about the...
Trouble in Da Hood: Malicious Actors Use Infected PyPI Packages to Target Roblox Cheaters
The world of gaming can be a cut-throat place, with many players turning to online help via third-party programs ‘game hacks’ to get ahead. Although some of these programs offer legitimate game boosts, malicious actors frequently leverage these game hackers’ interest in modifications to deliver...
Imperva Customers Protected Against Critical ServiceNow Vulnerability
Introduction ServiceNow is a widely used platform for IT service management, and its security is paramount for businesses relying on it for their operations. Recently, a critical vulnerability was discovered that could potentially allow attackers to access all data within ServiceNow instances. Th...
Why it Pays to Have a Comprehensive API Security Strategy
In an era dominated by digital connectivity and rapid technological advancements, Application Programming Interfaces APIs play a pivotal role in facilitating seamless communication and data exchange between diverse software applications. As API usage continues to grow, so does the need for robust...
The New York Times vs. OpenAI: A Turning Point for Web Scraping?
In a recent blog, we covered the blurry lines of legality surrounding web scraping and how the advent of artificial intelligence AI and large language models LLMs further complicates the matter. Shortly after publishing the blog, a significant legal development began unfolding: The New York Times...
Overcoming Challenges in Delivering Machine Learning Models from Research to Production
So, you’ve finished your research. You developed a machine learning ML model, tested, and validated it and you’re now ready to start development, and then push the model to production. The hard work -- the research -- is finally behind you. Or is it? Understanding the Challenges in Machine Learni...
What We Learned from the 2023 Imperva Bad Bot Report
The 2023 Imperva Bad Bot Report is now available. The 10th edition of the annual report takes a deep dive into the latest bad bot statistics and trends from the past year, providing meaningful information and guidance about the nature and impact of bots. Understanding the risks of unmanaged bot...
The Worrying Rise of Cybercrime as a Service (CaaS)
What is CaaS? Put simply, Cybercrime as a Service CaaS means black hat hackers for hire. Now, any ex-employee with a grudge, any disgruntled customer, any troubled ex-partner, or vindictive competitor, literally anyone with the right browser, can hire a dark web bad actor to perform...
How to Teach Colleagues About the Dangers of Phishing
Every day worldwide, tens of thousands of employees fall prey to phishing scams. In the second quarter of 2022, the Anti-Phishing Working Group APWG saw 1,097,811 total phishing attacks, the worst quarter on record. The results can be devastating: from lost data and identity theft to compromised...
At Kong Summit 2022, Imperva Will Demonstrate how to Use Terraform to Onboard Kong-managed Apps and Discover API Endpoints
Imperva and Kong are working together to simplify APIs Imperva is attending Kong’s 2022 Summit on September 28 and 29 in San Francisco. Imperva’s Summit booth will feature both a recorded and live demo built to showcase how Kong and Imperva seamlessly integrate using Terraform. Imperva, a...
How to Support Agile Development Through Cybersecurity Best Practices
Understanding other peoples problems It’s often said that people only notice cybersecurity when it fails, or when it gets in the way of them doing their jobs. Organizations, and especially software development teams, want to be able to develop quickly and easily to stay ahead of their competition...
Imperva Data Security Fabric Wins 2022 SC Media Trust Award for Data Security
SC Media has announced the winners of their 2022 SC Awards, with 38 companies, executives, and security solutions selected by their panel of judges as the best of the year. We are thrilled to report that Imperva Data Security Fabric has earned the 2022 SC Media Trust Award for Data Security. For...
The Five Principles of a Zero Trust Cybersecurity Model
When even the US Government concludes that to ensure baseline security practices are in place and to realize the security benefits of cloud-based infrastructure while mitigating associated risks, they must migrate to a zero trust model, every organization should be actively moving in that...
How to do Feature Selection Using Feature Contribution Data
Feature contribution is a method to give a weight to each feature that reflects its impact on the model’s prediction. Feature contribution can be calculated on an entire dataset or a single data point. In our previous blog post, we showed how to visualize feature contributions to make it easy to...
How to Find Extra Cybersecurity Budget
Risk is up and budgets are down Organizational cybersecurity is a business issue, one could even say a finance issue, not just an IT issue. Gone are the days when cybersecurity was a luxury investment. Worldwide attacks are growing daily in frequency and complexity, regardless of the business siz...
ATO Attacks Targeting Financial Services Increased 58 Percent in May. Who Else Needs to Worry?
Account takeover ATO is a form of identity theft that cyber criminals use to get unauthorized access to the accounts of legitimate users through some kind of brute force method such as Credential Stuffing. In 2022, account takeover attacks are on the rise. In June for example, Imperva’s Threat...
How the Evolution of Agents has Been Essential for Modern Database Security
In today’s data driven world, every organization’s most important asset is their data. Accordingly and similarly to other protected components like applications, web and peripheral gateways, databases require a dedicated security solution as well. An essential database security solution must...
8 Ways to Avoid CISO Burnout
Times have changed In recent years the job of Chief Information Security Officer CISO has become more and more frenetic and involved. Already stretched CISOs have the added responsibilities of employee management in a time of a global pandemic, staff retention when priorities have changed and...
6 Best Data Security Practices You Can Start Today
Given the dramatic increases in the volume and frequency of data theft due to breaches and the increased threat of cyberattacks resulting from current conflicts, organizations worldwide are prioritizing tactical and strategic efforts to shore up their data security. Here are six best practices yo...
Ethical Hacking and Penetration Testing. Where to Begin.
Looking at the employment landscape, it’s clear that prospects for landing cybersecurity positions are excellent and on the rise, but what about the commercial viability of that “grey side-gig”, ethical hacking and penetration testing? While the notion of “being bad to help the good people” is...
Agents and Agentless: Better Together
In your effort to collect data access information from your data repositories in order to apply security controls, you don’t have to make the black and white choice to go with agents or an agentless approach. It is important, however, that the tool you choose is right for the job you are doing. I...
Forrester report suggests Imperva Data Protection delivers high value and rapid ROI
In mid-2021, Imperva commissioned Forrester Research to interview five current Imperva enterprise customers - two in the financial services industry and three in the insurance industry. The goal of the exercise was to gain insight into the economic impact of deploying the Imperva data security...
Why Now Is the Time to Jump into Cybersecurity and Join Imperva
Throughout history, periods of disruption are followed by eras of progress and transformation. While we are living through an unprecedented time, I believe we are on the cusp of another chapter of innovation — and I expect cybersecurity will be at the center of it. Cybersecurity Awareness Month, ...
Reputation Intelligence At Your Fingertips
How important is a reputation? American entertainer Will Rogers once famously said, “it takes a lifetime to build a good reputation, but you can lose it in a minute.” Our reputations are valuable commodities that establish rapport and clout among our colleagues, partners, and customers. A good...
2018 Cyberthreat Defense Report: Where IT Security Is Going
What keeps you awake at night? We asked IT security professionals the same question and found that these issues are top of mind: malware and spear phishing, securing mobile devices, employee security awareness and new technologies that detect threats capable of bypassing traditional signature-bas...
How to Secure AWS Deployments with SecureSphere WAF
The Imperva SecureSphere Web Application Firewall WAF analyzes all user access to business-critical web applications and protects your applications and data from cyberattacks. SecureSphere WAF dynamically learns an applications’ “normal” behavior and correlates it with crowd-sourced threat...
5 Questions to Ask Your CISO about the GDPR
The European General Data Protection Regulation GDPR comes into force on May 25, 2018, and it will have a huge impact on the way businesses store and collect personal information belonging to those located in the European Union EU. The regulation applies to all businesses that hold and process da...
Today’s File Security is So ’80s, Part 1: Why the Traditional Approach to File Security is Broken
In today’s knowledge-driven economy, modern enterprises have a fluid organizational structure in which most employees have access to most data to do their jobs. Working groups are formed organically and are cross-functional by nature. The amount of unstructured data organizations create is growin...
Get a Single View of WAF Events with the Imperva AppSecurity View App for Splunk Enterprise
Enterprises are adopting a hybrid infrastructure model to take advantage of rapid deployment of cloud-based services and higher computing power. A compilation of analyst predictions by SecureWorks, shows that the cloud continues to gain momentum as organizations embrace and benefit from new ways ...
Shortening Your DCAP Short List: Five Critical Things to Consider for a Data-Centric Audit and Protection Solution
Exponential data growth. You’ve heard it many times before, but it’s still the most accurate way to describe the enormous and growing amount of data that businesses generate and collect today. It’s this growth that is driving today’s enterprises to revisit their strategies for data security and...
Imperva Customers Protected Against CVE-2026-21962 in Oracle HTTP and WebLogic
What Is CVE-2026-21962? CVE-2026-21962 is a critical CVSS 10.0 vulnerability in the Oracle HTTP Server and the WebLogic Server Proxy Plug-in for Apache HTTP Server and Microsoft IIS. An unauthenticated attacker with HTTP access can exploit this flaw by sending crafted requests to the affected pro...