Lucene search
K
ImpervablogMost viewed

1025 matches found

Imperva Blog
Imperva Blog
added 2017/08/29 10:0 a.m.18 views

Data Protection and the GDPR Job Market

The May 2018 deadline for full GDPR compliance will be upon us all before we know it. The GDPR will affect all organizations—regardless of their location—that handle personal data coming out of the EU. Article 37 of the GDPR requires organizations to retain a data protection officer DPO if, among...

6.5AI score
Exploits0
Imperva Blog
Imperva Blog
added 2017/06/20 3:30 p.m.18 views

Today’s File Security is So ’80s, Part 3: Dynamic Peer Groups – 3 Examples from Customer Data

In the first two parts of this series, we discussed why permissions management, the traditional approach to file security, no longer works and introduced a new approach to file security that leverages machine learning to build dynamic peer groups based on how users actually access files. In this...

6.4AI score
Exploits0
Imperva Blog
Imperva Blog
added 2017/03/14 4:7 p.m.18 views

GDPR Series, Part 4: The Penalties for Non-Compliance

In the first three parts of this series, we covered the GDPR basics: who is subject to the GDPR requirements, what rules require data protection technology, and how you can start preparing your organization for the regulation. In this final installment, we will cover what happens when you are not...

6.8AI score
Exploits0
Imperva Blog
Imperva Blog
added 2024/08/15 10:7 p.m.17 views

What’s Different About Data Security in the Cloud? Almost Everything.

In 2019, most organizations already had digital transformation plans in place. These plans included migrating workloads to modern cloud architectures. However, the Covid-19 pandemic compelled organizations to expedite their modernization efforts due to practical reasons. For instance, setting up ...

6.6AI score
Exploits0
Imperva Blog
Imperva Blog
added 2024/04/19 5:53 p.m.17 views

Taking Time to Understand NIS2 Reporting Requirements

The newest version of the European Union Network and Information Systems directive, or NIS2, came into force in January 2023. Member States have until October 2024 to transpose it into their national law. One of the most critical changes with NIS2 is the schedule for reporting a cybersecurity...

7AI score
Exploits0
Imperva Blog
Imperva Blog
added 2024/03/13 3:6 p.m.17 views

Understanding the OWASP API Security Top 10: Why BOLA is the Number One Risk for APIs

Understanding and addressing vulnerabilities is critical in cybersecurity, where APIs serve as the backbone for seamless data exchange. The OWASP API Security Top 10, revised in 2023, provides a comprehensive guide to the critical issues that organizations must tackle to ensure the robust securit...

8AI score
Exploits0
Imperva Blog
Imperva Blog
added 2024/03/11 1:28 p.m.17 views

Breaking it Down: A Data-Centric Security Perspective on NIST Cybersecurity Framework 2.0

On February 26, 2024, NIST released version 2.0 of the Cybersecurity Framework. This blog reviews the fundamental changes introduced in CSF 2.0 and data-centric security considerations that should be made when aligning with the new framework. As cybercriminals become more sophisticated, efficient...

7.2AI score
Exploits0
Imperva Blog
Imperva Blog
added 2024/02/26 8:40 a.m.17 views

Healthcare Needs Risk-Based Cybersecurity for Comprehensive, Effective Protection

In the first blog post of this three-blog series, we discussed the extraordinarily powerful “perfect storm” of cyber risk faced by healthcare organizations. The second blog post reviews how data security risks persist despite HIPAA compliance. In this third blog, we will discuss how to get starte...

7.3AI score
Exploits0
Imperva Blog
Imperva Blog
added 2024/01/18 1:47 p.m.17 views

Are You Ready for PCI DSS 4.0?

The Payment Card Industry Data Security Standard PCI DSS is the global benchmark for ensuring companies that handle credit card information maintain a secure environment. It provides a framework to help organizations protect sensitive cardholder data from theft and secure payment card systems. In...

6.8AI score
Exploits0
Imperva Blog
Imperva Blog
added 2023/12/07 1:45 p.m.17 views

Is Web Scraping Illegal? Depends on Who You Ask

Web scraping has existed for a long time, and depending on who you ask, it can be loved or hated. But where is the line drawn between extracting data for legitimate business purposes and malicious data extraction that hurts business? The bar is getting blurrier by the day, and the introduction of...

6.7AI score
Exploits0
Imperva Blog
Imperva Blog
added 2023/10/19 12:54 p.m.17 views

Database Ransomware: From Attack to Recovery

Introduction In recent years, ransomware attacks have risen sharply, due to their profitability, ease of access with ransomware-as-a-service RaaS tools, and an increasing attack surface. Ransomware is a type of attack in which the attacker locks and encrypts a victim’s data and then demands a...

6.8AI score
Exploits0
Imperva Blog
Imperva Blog
added 2023/07/10 3:27 p.m.17 views

Imperva Offers New Features to Simplify PCI DSS Compliance

The Silent Threat of Client-Side Attacks As more transactions move online, a silent threat is lurking in the deepest, darkest shadows of websites, threatening to steal your sensitive data. This rapidly evolving threat, known as client-side attacks such as Magecart, formjacking, and online skimmin...

6.9AI score
Exploits0
Imperva Blog
Imperva Blog
added 2023/06/20 11:53 p.m.17 views

Unraveling an AI Scam with AI

The last year has seen an unprecedented surge in the use of Artificial Intelligence AI and its deployment across a variety of industries and sectors. Unfortunately, this revolutionary technology has not just captivated the good actors– the darker corners of the internet are awash with bad actors...

10AI score
Exploits0
Imperva Blog
Imperva Blog
added 2022/12/20 3:51 a.m.17 views

Buyer Beware! Account Takeover Attacks Surging This Shopping Season

The prevalence of Account Takeover ATO attacks continues to rise, as the threat creeps its way to the top of the list of security concerns for organizations today. Last year, Imperva recorded a staggering 148% increase in Account Takeover attacks, as reported in the 2022 Bad Bot Report. And befor...

0.2AI score
Exploits0
Imperva Blog
Imperva Blog
added 2022/11/16 9:21 a.m.17 views

Misconfigurations of Cloud-Managed Infrastructures Continue to be a Major Challenge to Data Security

In case you missed the memo, cloud-hosted data is here to stay. Recent data shows spending on cloud services reached a total of $178 billion in 2021, a 37 percent increase over the $130 billion spent in 2020 and twice the amount enterprises are spending on their data centers. As more organization...

0.2AI score
Exploits0
Imperva Blog
Imperva Blog
added 2022/11/10 10:17 a.m.17 views

Harsher penalties for data breaches in new Australian privacy bill

High-profile breaches mean high-profile action In the aftermath of another crop of high-profile data breaches, the Australian Government also known as the Commonwealth Government has introduced amendments to Australian privacy law which give the regulator new powers and the ability to impose...

0.7AI score
Exploits0
Imperva Blog
Imperva Blog
added 2022/10/26 12:51 p.m.17 views

What is Quantum Computing, and Why Should Security Professionals Care?

Quantum computing basics Quantum computing embraces the laws of quantum mechanics to solve those problems that are currently too challenging for even the most high-performance modern computers. Across the board, it is a fundamental shift in computing with the potential to alter the way business i...

0.1AI score
Exploits0
Imperva Blog
Imperva Blog
added 2022/10/11 2:5 p.m.17 views

Talking to our Team about Cybersecurity Careers, on Ada Lovelace Day

Today’s Ada Lovelace Day, and this is a time to highlight the achievements of women in technology, engineering, science, and mathematics, and to encourage girls and women to pursue careers in STEM. Imperva Enterprise Account Managers, Leanora Weaver and Rebecca Kelly, both members of the Imperva...

7.3AI score
Exploits0
Imperva Blog
Imperva Blog
added 2022/09/12 2:11 p.m.17 views

PCI DSS Tackles Client-Side Attacks: Everything You Need to Know About Complying With PCI 6.4.3

Client-side attacks often referred to as Magecart attacks have been around since as early as 2015 and dramatically gained in popularity when the global pandemic accelerated digital transformation, by driving more people and data online. Now the fight against these attacks is stepping up a notch...

0.1AI score
Exploits0
Imperva Blog
Imperva Blog
added 2022/08/17 2:16 p.m.17 views

“Don’t touch that server. Ralf set that up, and we don’t know what it does.”

Based on a true story… More than a couple of decades ago, I went to work for a network and web company as their customer marketing department. It was a crazy time. Online marketing was all about getting on DMOZ, Lycos was still a puppy, asking Jeeves felt like talking to an AI, and how you laid o...

6.4AI score
Exploits0
Imperva Blog
Imperva Blog
added 2022/08/08 12:57 p.m.17 views

Five Data Security Controls and Processes you Must Bring to Cloud-native Infrastructures

Too frequently, there are significant misunderstandings in organizations with regard to who has the responsibility to protect cloud-hosted data. In Imperva’s recent report, A Data-Centric Cybersecurity Framework for Digital Transformation, IT analyst and author Richard Stiennon explains what...

0.7AI score
Exploits0
Imperva Blog
Imperva Blog
added 2022/08/04 12:52 p.m.17 views

Research Shows the Annual Cost of API Security-related Breaches is Mind-blowing

Application Programming Interfaces APIs have emerged as useful tools that streamline business operations and enhance the digital experience for customers. As their use has become more widespread, they are a much more prominent part of the cyber threat landscape. API-related hacks and data breache...

0.4AI score
Exploits0
Imperva Blog
Imperva Blog
added 2022/07/21 12:57 p.m.17 views

Bots Hide Behind User Privacy – Should You Be Concerned?

Bot operators are perpetually devising innovative techniques to sneak past security as they go about their dubious, often downright illegal business. Emulating human behavior and traffic patterns are key elements of their strategy. One of the many layers comprising this strategy is reporting thei...

0.6AI score
Exploits0
Imperva Blog
Imperva Blog
added 2022/07/05 1:33 p.m.17 views

The Role of the Cybersecurity Leader in 2022

Who does the modern CISO need to be? According to the 2021 Gartner, Inc. Market Guide for Managed Detection and Response Services, the role of the chief information security officer CISO has to change in 2022 to combat the ever-evolving modern threat landscape. Eighty-eight percent of company...

7.2AI score
Exploits0
Imperva Blog
Imperva Blog
added 2022/06/23 1:58 p.m.17 views

Determining “Need to share vs. Need to know” is a Cornerstone of a Data Protection Strategy

There is a paradox that lies at the heart of data security. Data itself only has real value if an organization can share it with stakeholders that need it to perform their roles. However, the more widely an organization shares data the greater the risks of the data being compromised. Data securit...

0.4AI score
Exploits0
Imperva Blog
Imperva Blog
added 2022/05/01 9:33 p.m.17 views

Data Protection as the Foundation of Trust: Celebrating Privacy Awareness Week in APAC

As part of our mission to help organisations protect their data and all paths to it, Imperva is supporting Privacy Awareness Week in Australia and Singapore, with the aim of educating individuals and organisations about the importance of data privacy and protection. In today’s digital economy, da...

0.9AI score
Exploits0
Imperva Blog
Imperva Blog
added 2022/03/02 2:18 p.m.17 views

5 Ways to Determine if you do Cybersecurity or Cybersecurity Theater

For a sentient species, humans, in general, have curious ideas when it comes to reckoning and responding to risk. For example, studies show using seat belts when driving in automobiles save lives. Studies also show when cyclists use helmets more cyclists’ lives are saved. This research drives...

7.2AI score
Exploits0
Imperva Blog
Imperva Blog
added 2021/12/08 1:56 p.m.17 views

7 data privacy solution features your organization needs to have

The worldwide data privacy regulation landscape is changing National laws and state/provincial laws continue to be enacted and strengthened to ensure their citizens’ data is protected and give individuals more control over how personal data is collected, used, and shared. No matter what industry...

1.3AI score
Exploits0
Imperva Blog
Imperva Blog
added 2021/11/29 9:36 a.m.17 views

The role of runtime protection in eCommerce security

What is e-commerce security? E-commerce security is the set of guidelines that are designed to allow safe transactions on the web. These guidelines include steps and protocols that help protect the sale and purchase of goods and services online. Appropriate e-commerce security measures boost...

8AI score
Exploits0
Imperva Blog
Imperva Blog
added 2021/10/01 1:26 p.m.17 views

Getting to Know Cybersecurity Awareness Month Champion: Imperva

As a cybersecurity industry leader, it is both our responsibility and our pleasure to work with the National Cyber Security Alliance NCSA and ​​the Cybersecurity and Infrastructure Agency CISA of the U.S. Department of Homeland Security as a 2021 Cybersecurity Awareness Month Champion and to join...

2.1AI score
Exploits0
Imperva Blog
Imperva Blog
added 2021/09/07 1:10 p.m.17 views

How to Exploit SQL Server Using Registry Keys

At the Imperva Research Labs we have the chance to scrutinize various security situations. In this blog, we will take a closer look at database security on SQL Server. One routine approach that security practitioners employ to protect databases is deploying honeypots and waiting for bad actors to...

0.1AI score
Exploits0
Imperva Blog
Imperva Blog
added 2021/06/16 3:30 p.m.17 views

Imperva delivers mile high performance and protection with new PoPs in Denver and Dublin

We are very pleased to announce that we are extending our global coverage with the addition of two new PoPs points of presence in Denver in the US and Dublin, Ireland. The new PoPs will enhance Imperva’s existing network to provide enhanced protection against distributed denial of service DDoS...

0.8AI score
Exploits0
Imperva Blog
Imperva Blog
added 2019/10/29 6:3 p.m.17 views

What is NYDFS?

NYDFS Cybersecurity Regulation, 23 NYCRR 500 On March 1, 2017, the New York State Department of Financial Services NYDFS introduced new cybersecurity regulations for financial services companies that address the growing threat posed by cyber-criminality to financial firms. They are intended to...

1AI score
Exploits0
Imperva Blog
Imperva Blog
added 2018/02/14 5:0 p.m.17 views

Integrate Your Ticketing System into Database Security to Prevent DBA Privilege Abuse

Many of the recent high-profile data security breaches were made by trusted insiders. They are often database administrators DBAs who are highly privileged and trusted insiders with access to sensitive data. In this blog post, I will discuss the inherent risk introduced by highly privileged...

7.1AI score
Exploits0
Imperva Blog
Imperva Blog
added 2017/12/20 4:30 p.m.17 views

Women in Tech and Career Spotlight: Inna Shalom

The latest in our series featuring women in tech at Imperva is my interview with Inna Shalom, the data insight team lead at Imperva. She spoke about her professional journey and experience working in the cybersecurity industry. Tell us how you got into cybersecurity. IS: I spent the first six yea...

6.7AI score
Exploits0
Imperva Blog
Imperva Blog
added 2017/04/26 3:30 p.m.17 views

3 Steps to Protecting Sensitive Data

Cyber criminals, compromised insiders, malicious users, hacktivists. It seems like everyone is getting in on the threat game. In fact, despite efforts to prevent them, last year the U.S. experienced a 40% increase in data breaches according to a report by the Identity Theft Resource Center and...

6.6AI score
Exploits0
Imperva Blog
Imperva Blog
added 2017/04/06 3:30 p.m.17 views

Understanding the Capacity Management Challenges of Database Monitoring Solutions

Database monitoring requires hardware resources such as storage space and processing power that can withstand the volume of database usage in your organization. A higher usage volume will require more resources. So how can you optimize the resources used by your database monitoring solution? Do y...

6.6AI score
Exploits0
Imperva Blog
Imperva Blog
added 2025/08/27 5:19 p.m.16 views

Critical Flaws in Base44 Exposed Sensitive Data and Allowed Account Takeovers

Our research uncovered multiple critical vulnerabilities in Base44, an AI-powered platform that lets you turn any idea into a fully functional custom app. These flaws ranged from an open redirect that leaked access tokens, to stored cross-site scripting XSS, insecure authentication design,...

9.3CVSS6.6AI score0.00709EPSS
Exploits3
Imperva Blog
Imperva Blog
added 2025/08/21 3:35 p.m.16 views

Smuggling Requests with Chunked Extensions: A New HTTP Desync Trick

A new HTTP request smuggling technique was recently discovered, where attackers take advantage of inconsistent parsing behaviors between front-end proxy servers and back-end application servers. This attack technique leverages ambiguous request formatting to inject malicious secondary requests th...

7AI score
Exploits0
Imperva Blog
Imperva Blog
added 2025/01/15 11:53 p.m.16 views

GSocket Gambling Scavenger – How Hackers Use PHP Backdoors and GSocket to Facilitate Illegal Gambling in Indonesia

Since 1974, gambling has been officially illegal in Indonesia. However, the digital revolution of the 2000s introduced a new challenge: the rapid growth of online gambling platforms. This technological shift has created enforcement gaps, compelling the Indonesian government to intensify its effor...

7.5AI score
Exploits0
Imperva Blog
Imperva Blog
added 2024/11/14 1:0 a.m.16 views

Meet Andy Zollo, SVP of APJ Sales

Andy Zollo, who led the Imperva business in EMEA, relocated to Singapore in October to be Senior Vice President of Sales for the combined Imperva and Thales CPL businesses in the APJ region. With a wealth of experience in sales leadership and business transformation, Andy is set to play a vital...

6.8AI score
Exploits0
Imperva Blog
Imperva Blog
added 2024/08/20 4:17 p.m.16 views

Agentless is a DAM Better Option for Securing Cloud Data

When it comes to on-premises database activity monitoring DAM, security teams have consistently relied on agents to seamlessly track all incoming requests and outgoing responses within the databases. The agent-based approach effectively ensures independent monitoring of database activity,...

7.2AI score
Exploits0
Imperva Blog
Imperva Blog
added 2023/11/08 12:48 p.m.16 views

Online Retailers: Five Threats Targeting Your Business This Holiday Shopping Season

As the holiday season approaches, a palpable sense of joy and anticipation fills the air. Twinkling lights adorn homes, the aroma of freshly baked cookies wafts through the kitchen, and the sound of laughter and carolers melodies resonate on frosty evenings. Its a time when families come together...

7.6AI score
Exploits0
Imperva Blog
Imperva Blog
added 2023/10/16 11:30 p.m.16 views

Breaking the Chain of Data Access: The Importance of Separating Human and Application Users

Data, the lifeblood of any organization, relies on the database as its beating heart. As a result, businesses invest heavily in designing and monitoring all access to it. In traditional literature, there are two types of users: administrative users, who manage the entire lifecycle of a database...

7AI score
Exploits0
Imperva Blog
Imperva Blog
added 2023/06/20 6:2 a.m.16 views

Understanding and Mitigating the MOVEit Incidents

Over the last several weeks, attackers have taken advantage of vulnerabilities in MOVEit, a popular file transfer application developed by Progress. Cyber attackers have successfully performed ransomware and exfiltrated data by uploading web shells into vulnerable MOVEit instances deployed...

7.9AI score
Exploits0
Imperva Blog
Imperva Blog
added 2022/11/02 10:14 a.m.16 views

The importance of combined user and data behavior analysis in anomaly detection

Muqeet Khan, Head of Sales Engineering Australia and New Zealand For decades security teams have understood the importance of tracking user behavior to identify potential cybersecurity threats. Behavior analysis systems first appeared in the early 2000s, and in 2015 Gartner officially defined Use...

0.3AI score
Exploits0
Imperva Blog
Imperva Blog
added 2022/10/04 12:44 p.m.16 views

Attack Analytics Helps You Find the Monsters Under the Bed

Alert fatigue kills data breach detection efforts Is there anything more frightening than missing a cyber attack? For most organizations, the answer is no. However, for many security teams, it’s challenging to tune alerts properly to minimize false positives and still be alerted to potential...

Exploits0
Imperva Blog
Imperva Blog
added 2022/10/03 12:30 p.m.16 views

Why Imperva is a Cybersecurity Awareness Month Champion

This is our second consecutive year as a champion of Cybersecurity Awareness Month. Nowadays, IT security is everyone’s responsibility, and that’s something we take very seriously. Cybersecurity Awareness Month raises awareness of the core principles behind cybersecurity and highlights the key...

0.3AI score
Exploits0
Imperva Blog
Imperva Blog
added 2022/07/06 12:59 p.m.16 views

New Waiting Room Solution Ensures Best Peak User Experience

New Imperva Waiting Room Enables Organizations to Deliver Consistent Optimal Website User Experiences During Peak Traffic Periods Organizations benchmark website success by the volume of legitimate traffic and online sales it generates. Website architects want to drive as many visitors as possibl...

0.1AI score
Exploits0
Imperva Blog
Imperva Blog
added 2022/06/15 1:3 p.m.16 views

Imperva Introduces New Features to Help Prevent Online Fraud

As we move more of our daily activities and the services we consume online, the threat of fraud grows, and the risks become greater. Data suggests the majority of organizations are already detecting a rise in online fraud. In a recent survey of senior risk executives, 67 percent said that their...

0.9AI score
Exploits0
Total number of security vulnerabilities1025