1025 matches found
Why Imperva is a Cybersecurity Awareness Month Champion
This is our second consecutive year as a champion of Cybersecurity Awareness Month. Nowadays, IT security is everyone’s responsibility, and that’s something we take very seriously. Cybersecurity Awareness Month raises awareness of the core principles behind cybersecurity and highlights the key...
New Waiting Room Solution Ensures Best Peak User Experience
New Imperva Waiting Room Enables Organizations to Deliver Consistent Optimal Website User Experiences During Peak Traffic Periods Organizations benchmark website success by the volume of legitimate traffic and online sales it generates. Website architects want to drive as many visitors as possibl...
Imperva Introduces New Features to Help Prevent Online Fraud
As we move more of our daily activities and the services we consume online, the threat of fraud grows, and the risks become greater. Data suggests the majority of organizations are already detecting a rise in online fraud. In a recent survey of senior risk executives, 67 percent said that their...
How to Stop New Employees from Becoming Insider Threats
In the midst of a booming tech economy and a concurrent Great Resignation, recruitment and hiring are all-seasons imperatives. As new people constantly join the organization, how can busy security teams guarantee they will adhere to established data security practices from their onboarding and...
Reading the API Security Tea Leaves for 2022
Just as the global pandemic persists in redefining the new norm, so has enterprises’ growing investments in digital transformation initiatives to keep one step ahead of their competitors. APIs are the engine that are helping drive these digital transformations from the innovation of new services...
Gain Insight into Database Security Vulnerabilities you Didn’t Know you Had
Identifying and taking action to stop policy-violating behavior is hard enough when you have complete insight into the risks affecting your data repositories. It is virtually impossible to achieve security, however, when you cannot even see these risks to your data repositories. Unfortunately, to...
Preparing for Heightened Attacks in the Current Geopolitical Environment
The current geopolitical environment has raised many concerns about security postures and readiness to respond to a cyberattack. Today, Imperva customers are protected by our world-class network, application, and data security products. Alongside that, Imperva Threat Research is closely monitorin...
The Data-Centric Approach to Data Privacy
All organizations understand how critical it is to have access to their customers and prospects’ sensitive personal data. This intelligence is essential to helping them create and maintain relationships so they can deliver tailored experiences and recommendations. Having this sensitive personal...
Build successful data security evaluation criteria with help from your peers
When you evaluate data security products it is imperative to have the end goal in sight. If you look forward 365 days from now, what is the best way to predict how your team will use the product so that you can communicate the value that it will provide? One approach is to examine operational...
New reforms will enhance the security and resilience of Australia’s critical infrastructure
Improving the security of critical infrastructure has become the focus of many governments around the world, including Australia. This is because a failure or disruption in one area of critical infrastructure can have flow on effects that affect a nation’s security, economy and sovereignty. In th...
Wake up and smell the Javascript – website supply chain puts online retail at risk
There are more than 1.8 billion websites online today, and almost 98% of them are powered by JavaScript. There’s a good reason for this: JavaScript’s flexibility and portability enable the rich online functionality we’ve all come to know and love. But what happens when that same functionality...
Your inbox is mine. How attackers could gain continuous access to your email
Although new messaging apps like WhatsApp, Telegram, and Messenger have taken a large chunk of our day to day communications, email remains one of the most popular ways we communicate. In this post we’ll talk about the post exploitation of a vulnerability we recently disclosed to one of the most...
When data privacy and protection are rights, don’t get it wrong
Twenty-one years ago, Latanya Sweeney showed that it’s possible to uniquely identify 87% of Americans with just three pieces of personal data: gender, ZIP code and full date of birth. Long before anyone had heard the words ‘data lake’, ‘cloud storage’ or ‘big data’, nevermind ‘social media’, it w...
The Advantages and Risks of Serverless Computing
Organizations are increasingly embracing serverless computing for its convenience and cost-effectiveness. But many IT teams are blindly embracing this innovation in cloud technology without consulting their security peers. As a result, we can expect to see a growing number of cyber-attacks in thi...
The Threat of DDoS Attacks Creates A Recipe for Election Chaos
Four years ago, we published a blog on the ways a Distributed Denial of Service DDoS attack could disrupt the U.S. Presidential election. Unfortunately, the same risk persists in 2020. In fact, given the historic influx of mail-in ballot voting for the November 3 election, a targeted DDoS attack...
Life post-acquisition: A people-centric plan to get you total data security a lot faster
Getting acquired can be an emotional rodeo. Some days are crazy excitement and others are heartache over the unknowns ahead. It’s natural – we’re human. I remember years ago sitting in a doctor’s office staring at a poster about the “10 most stressful life events” and “starting a new job” was 4...
The Forrester Wave Ranks Imperva as a Leader for DDoS Mitigation Providers
Imperva has tracked the DDoS threat for some time now. Back in 2014 we saw the rise of DDoS botnets. In 2015, we revealed one of the first IoT-based DDoS attacks. Last year, we predicted and then documented one of the largest botnet-based DDoS attacks. DDoS mitigation, as it turns out, is the...
Q3 2017 Global DDoS Threat Landscape Report
Today we are releasing our latest Global DDoS Threat Landscape Report, a statistical analysis of 5,765 network and application layer DDoS attacks mitigated by Imperva Incapsula services during Q3 2017. Before diving into the report’s highlights, it should be mentioned that this quarter was marked...
Get Going on Your GDPR Plan [Infographic]
General Data Protection Regulation GDPR enforcement begins May 2018. Are you ready? While enforcement may seem a way off, you don’t want to get derailed by last-minute planning efforts. Organizations should revisit their security and compliance strategies today to ensure they’re prepared to meet...
Imperva Customers Protected Against CVE-2026-49975 (HTTP/2 Bomb) DoS
TL;DR: CVE-2026-49975, dubbed the “HTTP/2 Bomb,” is a critical remote Denial-of-Service DoS vulnerability affecting default HTTP/2 configurations of major web servers including NGINX, Apache HTTPD, Microsoft IIS, Envoy, and Cloudflare Pingora. Discovered by security firm Calif using OpenAI’s Code...
React2DoS (CVE-2026-23869): When the Flight Protocol Crashes at Takeoff
Executive Summary In this article, we disclose a new high severity unauthenticated remote denial‑of‑service vulnerability we identified and reported in React Server Components that we’ve dubbed “React2DoS”. In this blog, we’ll analyze its impact and place it in the broader context of recently fou...
Cloud Based WAF Upload Scan and Control: The New Standard for File Upload Security
We're excited to announce the launch of Upload Scan and Control, an essential new feature for Imperva Cloud WAF. This add-on tackles one of the most critical vulnerabilities facing web applications today—insecure file uploads—offering protection with scalability, simplicity, and enterprise-grade...
The 2025 WAF Wave from the Other Side
Forrester just published its 2025 Web application Firewall Wave. As a former industry analyst, and as a contributor on the vendor side for Imperva cough, a leader in the report, cough, let me share some reactions on the shape of this report. The Center of the Universe The first top level header H...
The CISO’s Top Priority: Elevating Data-Centric Security
The shift to cloud computing has enhanced the resilience and security of most organizations. In this era of unparalleled agility and scalability, data-centric security can offer transformational opportunities for Chief Information Security Officers CISOs to improve data protection, compliance, an...
Optimizing Data Lakes: Streamlining Storage with Effective Object Management
Data lakes are a popular solution for data storage, and for good reason. Data lakes are flexible and cost effective, as they allow multiple query engines and many object formats without the need to manage resources like disks, CPUs, and memory. In a data lake, data is simply stored in an object...
Five Takeaways from Black Friday & Cyber Monday Cyber Attacks
The online retail industry is one of the prime targets for cybercrime, as detailed in our annual analysis of the cybersecurity threats targeting eCommerce websites and applications. As the 2023 holiday shopping season continues, Imperva Threat Research is closely monitoring how cybercriminals are...
Augmented Software Engineering in an AI Era
Artificial Intelligence AI has been making waves in many industries, and software engineering is no exception. AI has the potential to revolutionize the way software is developed, tested, and maintained, bringing a new level of automation and efficiency to the field. However, with this...
The Global DDoS Threat Landscape – November 2022
Every month in this space, we will post the Global DDoS Threat Landscape blog on behalf of the Imperva Threat Research team. As DDoS attacks continue to pose a significant risk to businesses, it is critical that we regularly communicate our Threat Research team’s findings to help the cybersecurit...
The 5-Question Test to Assess Your Readiness to Manage Insider Threats
An insider threat is a cyber security risk that originates from within any organization that is being targeted by attackers. Often, insider threats involve a current or former employee, or business associate, who has access to sensitive information or privileged accounts, and who misuses this...
The Global DDoS Threat Landscape – September 2022
Every month in this space, we will post the State of the Global DDoS Threat Landscape blog on behalf of the Imperva Threat Research team. As DDoS attacks become more frequent, varied, and sophisticated, it is critical that we regularly communicate the Imperva Threat Research team’s findings and...
Is it Illegal to Scrape a Website for Content?
Web scraping is the process of using bots to extract information from a website. In recent years, the debate over web scraping is growing more complex as business intelligence and data privacy issues arise. The practice of web scraping has gone on for nearly as long as there have been websites. T...
Four Reasons why you Should Consider Contingency DDoS Protection
The experts agree that Imperva is solidly positioned as a leader in Distributed Denial of Service DDoS mitigation. Over our many years as leaders in this space, we have determined that no matter how reliable your current DDoS protection is, there is always a chance that your network infrastructur...
The Benefits of Including Static Data Masking in Your Security Arsenal
Static data masking SDM is defined as, “The act of permanently replacing sensitive data at rest with a realistic fictional equivalent for the purpose of protecting data from unwanted disclosure.” Industry analysts characterize SDM as a must-have data protection layer capable of protecting large...
7 Facts About Insider Threats That Should Make you Rethink Data Security
In the report, Insider Threats Drive Data Protection Improvements, Forrester Research asserts that most organizations are making positive steps toward protecting the sensitive data they are migrating to the cloud. However, Forrester suggests that many have not devised a comprehensive plan that...
How to Reduce the Risk of Buy Now, Pay Later Fraud
According to a recent FinTech trends report, 2022 is expected to be a big year for Buy Now, Pay Later BNPL. Apple’s recent announcement of its entry into BNPL with Apple Pay Later represents a seismic boom for a sector which is projected to top $1 trillion in annual gross merchandise volume by...
Q1 2022 Global DDoS Threat Landscape Report Findings Summary
Last week, Imperva released the Q1 2022 Global DDoS Threat Landscape Report. To produce the report’s findings, Imperva performs detailed statistical analysis of all DDoS activity that our Threat Research Labs monitored from our global network of PoPs during the first three months of 2022. In...
Three Reasons Why Unification Drives Modern Data Security Strategy
Today, the necessities of business innovation compel most organizations to have several teams with diverse priorities managing dozens of data sources, all with different structures. This makes it impossible to secure complete data repositories successfully using traditional methods. This post wil...
Hacktivists Expanding DDoS Attacks as Part of International Cyber Warfare Strategy
In April 2022 it was reported that pro-Russian hacktivist group, KILLNET, carried out a series of Distributed Denial of Service DDoS attacks against a number of websites including the United Nations UN, The Organization for Security and Cooperation OSCE an organization founded in Finland, and oth...
Forrester Report Reveals the 5 Benefits IT Teams Really Need from API Security Tools
An Application Programming Interface API is a software intermediary that allows applications to communicate with one another. APIs provide routines, protocols, and tools for developers to facilitate and accelerate the creation of software applications. They enable applications to easily access an...
Building on Your Existing DAM Instance is Smart Budget Planning
For organizations that use it, Imperva’s DAM Gateway is the workhorse of data auditing and security. Today, the explosion of data and data repositories that organizations need to manage - both on-premises and in cloud environments - requires a more flexible, higher-capacity technology platform to...
API Gateway or not, You Need API Security
To build and deploy apps in a fast-paced, iterative process, cloud-native developers in organizations on the digital transformation journey rely on APIs for communication. With at least 90% of developers using APIs in cloud-native web application development, organizations are reviewing their API...
How Web Applications Are Attacked Through APIs
Happy Pi Day, everyone! As a technician, pi is a number that represents a constant. This constant reflects the ongoing cyberthreats that put enterprise assets at continuous risk as digital transformation and the resultant attack surface grow in parallel. Whether it’s a simple identity theft hack...
Imperva Suspends Operations in Russia and Belarus
We are heartbroken by the escalation of events in Ukraine, and the tragic loss of life, displacement of people, culture and history. The safety of our global team remains a priority, and we’re in constant communication with Impervians in Ukraine to ensure their well-being and that of their...
The Tripod Foundation of a Database Analytics Solution for Today’s Threat Landscape
In the first and second posts in this series, we explained why traditional approaches are no longer viable to take on today’s threat landscape and showed why internally-generated attacks are so difficult to stop. In this post, we’ll identify the critical elements of a highly effective database...
Five Data Privacy Tips for Consumers
As a consumer, you must assume that your personal information is not 100% safe online. Hackers cause data breaches every single day, exposing our email addresses, passwords, credit card numbers, social security numbers and other sensitive personal data in the process. Most people don’t think abou...
Grinchbots strike again this holiday shopping season as bot traffic spikes 73%
The days are getting chilly, holiday drinks are back on the menu at your favorite café and family gatherings are planned. In an almost pavlovian response, Grinchbots have also returned in record levels to ruin your online holiday shopping experience. In the State of Security Within eCommerce in...
Annual Imperva Hackathon Inspires 2022 Product Roadmap
Bold ideas, diverse thought and challenging the status quo sum up the Imperva state-of-mind. We’re always looking to inspire the next big innovation that can transform the future of the cybersecurity industry. But if there’s anything the past year and a half has taught us, it’s that transformativ...
Imperva Recognized as a Best Place to Work in Israel
It is not easy and takes many things to create a winning workplace, including and certainly not limited to: a vibrant culture, a balanced approach to professional and personal life, career advancement opportunities and, most importantly, a group of talented, world-class professionals who care abo...
New Imperva Java SDK: Greasing The Wheels for Active Directory Coding Projects
words and research by Gabriel Beyo. According to StackOverflow’s 2018 Developer Survey, Java remains one of the world’s most popular coding languages, universally liked for its versatility and ease of adoption. Even so, working under the pressures developers often do, a bit of help always goes a...
44% of Security Professionals Spend More than 20 Hours a Week Responding to Alerts
As the global cybersecurity climate continues to heat up, so too do the subsequent levels of alert fatigue IT security professionals have to deal with. A recent survey by Imperva reveals that nine percent of UK security teams battle with over five million alerts each week. Five million, just let...