Lucene search
K
ImpervablogMost viewed

1025 matches found

Imperva Blog
Imperva Blog
added 2017/08/02 3:29 p.m.49 views

Challenges of Big Data Security – Whiteboard Wednesday [Video]

Database security best practices are also applicable for big data environments. The question is how to achieve security and compliance for big data environments given the challenges they present. Issues of volume, scale, and multiple layers/technologies/instances make for a uniquely complex...

6.9AI score
Exploits0
Imperva Blog
Imperva Blog
added 2024/02/28 5:0 p.m.48 views

Imperva Customers are Protected Against New SQL Injection Vulnerability in WordPress Plugin

A critical security flaw, identified as CVE-2024-1071, was discovered in the Ultimate Member plugin for WordPress, affecting over 200,000 active installations. This vulnerability has a high severity CVSS score of 9.8 and allows for SQL injection via the sorting parameter due to insufficient input...

7.5CVSS8.8AI score0.89431EPSS
Exploits8
Imperva Blog
Imperva Blog
added 2023/07/23 1:11 a.m.48 views

Adobe ColdFusion vulnerabilities mitigated by Imperva

Several vulnerabilities in Adobe ColdFusion have been discovered recently, tracked as CVE-2023-29300, CVE-2023-38205, and CVE-2023-29298. These vulnerabilities, which can be exploited to allow arbitrary code execution and bypass access controls, affect several ColdFusion versions since 2016...

7.5CVSS8.1AI score0.99984EPSS
Exploits0
Imperva Blog
Imperva Blog
added 2021/05/31 1:56 p.m.48 views

Imperva’s WAF Gateway 14.4 Protects Enterprises for the Post-COVID Era

Whether it’s called the New Normal or Next Normal era, COVID-19 has impacted all businesses worldwide and accelerated their digital transformation initiatives during this new post-pandemic era. Whether it’s from a recent retail trend like omnichannel commerce or a newly defined, post-COVID practi...

1AI score
Exploits0
Imperva Blog
Imperva Blog
added 2018/07/24 4:13 p.m.48 views

The Data Breach ‘Kill Chain’: Early Detection is Key

Today, organizations rely heavily on data, with a big portion of that data made up of sensitive information. As organizations become the custodians of more and more sensitive information, the frequency of data breaches increases accordingly. In some cases, the origin of a data breach is outside o...

1AI score
Exploits0
Imperva Blog
Imperva Blog
added 2018/06/19 4:2 p.m.48 views

Indonesian Hacker Group Cashes In On Blockbuster Movie Titles

When breaking the law isn't a barrier, there’s always a way to make a quick buck. We see it every day, and this time from an Indonesian cybercrime campaign infecting vulnerable websites by luring their visitors to a network of scam websites using blockbuster movies. The attack part I: Recruiting...

0.8AI score
Exploits0
Imperva Blog
Imperva Blog
added 2018/06/12 10:6 p.m.48 views

Clustering App Attacks with Machine Learning Part 2: Calculating Distance

In our previous post in this series we discussed our motivation to cluster attacks on apps, the data we used and how we enriched it by extracting more meaningful features out of the raw data. We talked about the many features that can be extracted from IP and URL. In this blog post we’ll discuss...

6.8AI score
Exploits0
Imperva Blog
Imperva Blog
added 2018/06/01 3:1 p.m.48 views

New research shows 75% of ‘open’ Redis servers infected

Since our initial report on the RedisWannaMine attack that propagates through open Redis and Windows servers, we’ve been hearing about more and more attacks on Redis servers. Redis is a great tool, it can serve as in-memory distributed database, cache or a message broker and is widely popular...

0.2AI score
Exploits0
Imperva Blog
Imperva Blog
added 2017/10/09 3:30 p.m.48 views

How to Protect AWS ECS with SecureSphere WAF

Adoption of container technology is growing widely. More and more workloads are being transferred from traditional EC2 compute instances to container-based services. However, the need for securing the web traffic remains the same regardless of the elected platform. In this post, we’ll deep dive...

6.8AI score
Exploits0
Imperva Blog
Imperva Blog
added 2017/10/05 3:30 p.m.48 views

Q2 2017 Global DDoS Threat Landscape Report

This week we released our latest Global DDoS Threat Landscape Report, a statistical analysis of more than 15,000 network and application layer DDoS attacks mitigated by Imperva Incapsula services during Q2 2017. This quarter, for the fifth one in a row, we saw a decrease in the number of network...

7.1AI score
Exploits0
Imperva Blog
Imperva Blog
added 2017/07/12 3:39 p.m.48 views

Top Insider Threat Concern? Careless Users. [Survey]

It’s been a busy year thus far in the cybercrime world with the stakes seeming to grow higher every month. Just last month, insider threats were making headlines with a news report that Reality Winner, a contractor for the National Security Association with a top-level security clearance, leaked...

7AI score
Exploits0
Imperva Blog
Imperva Blog
added 2021/06/24 4:32 p.m.47 views

Top five insights from the 2021 CyberEdge Cyberthreat Defense Report

For the last eight years, the Cyberthreat Defense Report has been helping enterprise security professionals gauge their internal practices and security investments against their peers across multiple countries and industries. The report is based upon data from 1,200 qualified IT security...

7AI score
Exploits0
Imperva Blog
Imperva Blog
added 2021/06/02 6:25 p.m.47 views

Is It Time to Consider Replacing Your CDN?

Content delivery networks CDNs are the pipelines of the Internet. Working behind the scenes, they are reshaping how information is consumed online, accelerating web traffic, enhancing user experience, and providing every website with the ability to truly go global. As you may imagine, any...

7.2AI score
Exploits0
Imperva Blog
Imperva Blog
added 2021/01/11 1:51 p.m.47 views

Reprioritizing security requirements for 2021

To say 2020 was a strange year would be an understatement. Among the effects of the global pandemic were major changes in where and how people work and accelerated commitments to organizational digital transformation. Cyber attackers weren’t shy about taking advantage of the blind spots these...

6.9AI score
Exploits0
Imperva Blog
Imperva Blog
added 2020/04/08 12:17 p.m.47 views

New Imperva Framework: Accelerating the development of large scale solutions with “Stepping”

Handling large amounts of data at scale is a common task in the high-tech industry nowadays. To address this challenge many frameworks have been developed and made publicly available such as distributed messaging queues, distributed databases, lightweight protocols and caching servers, among...

6.9AI score
Exploits0
Imperva Blog
Imperva Blog
added 2018/12/04 2:45 p.m.47 views

Hey Belfast, Imperva’s Moving Into The Neighborhood

As a local, I’m very excited to be Imperva’s first Belfast hire, in charge of spinning up the operation in our new European location. Imperva provides best-in-class data and application security solutions on premises, in the cloud, and in hybrid environments. As we position ourselves for the next...

1.1AI score
Exploits0
Imperva Blog
Imperva Blog
added 2018/09/24 9:38 p.m.47 views

Imperva Joins Global Cybersecurity Tech Accord

Imperva is dedicated to the global fight to keep people's data and applications safe from cybercriminals. What this means for our Imperva Threat Research team is that we spend a lot of time researching new cyber attacks, creating mitigations and writing powerful software. We believe that nothing...

7.1AI score
Exploits0
Imperva Blog
Imperva Blog
added 2017/10/11 3:22 p.m.47 views

Bo Knows Security – Whiteboard Wednesday [Video]

October is National Cyber Security Awareness Month NCSAM and to address this week's theme of "Cybersecurity in the Workplace is Everyone’s Business" our Whiteboard Wednesday this month features Bo Kim, head of information security at Imperva. When it comes to building a security program, focusing...

6.8AI score
Exploits0
Imperva Blog
Imperva Blog
added 2024/04/16 7:1 a.m.46 views

Five Key Takeaways from the 2024 Imperva Bad Bot Report

Bad bots continue to affect consumers and organizations across all sectors. For over eleven years, Imperva has been dedicated to helping organizations manage and mitigate the threat of bad bots. We’ve published the 2024 Imperva Bad Bot Report as part of our commitment to helping organizations...

7AI score
Exploits0
Imperva Blog
Imperva Blog
added 2021/01/28 4:25 p.m.46 views

Enhanced Security at the Edge with Imperva DNS Protection

Your website is the gateway to your business and the potential for disruption of your site or damage to your web infrastructure makes DNS security a serious consideration for organizations. The criticality of DNS Services for ensuring network connectivity and website availability make them a hot...

0.7AI score
Exploits0
Imperva Blog
Imperva Blog
added 2020/10/12 7:57 p.m.46 views

Imperva’s Mobile Security App

How many apps do you currently have on your mobile device? Is this number a total across both your personal and professional devices? Did you know that between Android’s Google Play Store and Apple’s App Store, there are between 2.2 and 2.8 million apps available to download? Did you know that,...

0.8AI score
Exploits0
Imperva Blog
Imperva Blog
added 2026/06/22 11:39 a.m.45 views

On-Premises API Security on Kubernetes: What It Actually Looks Like in Practice

Let’s Talk About Where Your APIs Actually Run Quick answer: On-premises API security keeps API discovery, detection, and enforcement inside your own perimeter instead of a third-party cloud—the model regulated industries need. Deploying it natively on Kubernetes sidecar sensors → a discovery...

6.2AI score
Exploits0
Imperva Blog
Imperva Blog
added 2021/07/01 5:4 p.m.45 views

Five Tips to Impress at Your CISO Job Interview

Chief Information Security Officers CISOs are in demand and the lack of experienced candidates, coupled with the evolving required skill set, helped make it the highest paying tech job in 2020. With 100% of large corporations Fortune 500, Global 2000 forecast to have a CISO or equivalent position...

6.8AI score
Exploits0
Imperva Blog
Imperva Blog
added 2021/06/09 4:6 p.m.45 views

Analysis of 100 Data Breaches: Part 2, What are the root causes of breaches?

As we discussed in Part 1 of this series, Imperva’s Security Labs continuously monitor cyber threat levels around the world and report on them. In the last post, we reported the breakdown of the specific types of data that get stolen and explained what organizations needed to do to mitigate the...

8.2AI score
Exploits0
Imperva Blog
Imperva Blog
added 2021/06/07 3:29 p.m.45 views

Lessons Learned from 100 Data Breaches: Part 1, What Specific Types of Data Get Stolen?

As part of Imperva’s Security Labs’ ongoing efforts to monitor and report on the current Application and Data Security Threat landscape, we studied and analyzed over 100 of the largest and best-known data breaches of the last decade. Download the full report, Lessons Learned From Analyzing 100 Da...

0.3AI score
Exploits0
Imperva Blog
Imperva Blog
added 2021/02/23 4:4 p.m.45 views

The Pitfalls of DIY Security for Your AWS RDS Databases

AWS RDS enables easy DIY database provisioning The trend toward using Database as a Service DBaaS is unmistakable. Organizations are leveraging DBaaS flexibility to bring new products and services to market faster, or to save time and money by reducing the cost and complexity of their database...

6.8AI score
Exploits0
Imperva Blog
Imperva Blog
added 2019/12/19 8:31 p.m.45 views

The Zero Trust Approach to Data Security – 2020 Trend #2

As 2019 comes to an end, our security experts are looking ahead to the new year to predict cybersecurity trends that will shape the landscape in 2020. Imperva CTO Kunal Anand blogged about his “Top 5 Cybersecurity Trends to Prepare for in 2020,” last week. This week, we’re digging deeper into his...

7AI score
Exploits0
Imperva Blog
Imperva Blog
added 2019/10/23 6:18 p.m.45 views

Celebrate Cybersecurity Awareness Month with These Tips From a Survey of 1,200 Security Pros

Held every October, National Cybersecurity Awareness Month NCSAM is a collaborative effort between government and industry meant to raise awareness about the importance of cybersecurity. NCSAM is focused largely on consumer awareness, but for cybersecurity leaders, it is also a great opportunity ...

7.2AI score
Exploits0
Imperva Blog
Imperva Blog
added 2017/09/06 3:30 p.m.45 views

Sensitive Data Access: Where Traditional UBA Solutions Fall Short – Whiteboard Wednesday [Video]

In today’s global information economy an ever-increasing amount of sensitive data is collected, used, exchanged, analyzed, and retained. And with that comes an ever-increasing number of accidental or intentional data breaches. Identifying inappropriate access to data is paramount in stopping a...

6.6AI score
Exploits0
Imperva Blog
Imperva Blog
added 2021/06/25 1:52 p.m.44 views

Infographic: Bad Bot Sophistication Levels

All bad bots interact with applications in the same way a legitimate user would, making them harder to detect and block. They enable high-speed abuse, misuse, and attacks on your websites, mobile apps, and APIs. They allow bot operators, attackers, unsavory competitors, and fraudsters to perform ...

1.4AI score
Exploits0
Imperva Blog
Imperva Blog
added 2021/01/05 4:48 p.m.44 views

2020 Ends With A Bang

December 2020 was an eventful month in cyber security. This blog recaps three of the major security events we saw towards the end of last year. December began with FireEye’s breach announcement that included a leak of its red team tools arsenal. Quickly after this announcement, Imperva Threat...

0.1AI score
Exploits0
Imperva Blog
Imperva Blog
added 2020/06/16 7:1 a.m.44 views

5 Things to Know About Imperva RASP

Imperva Runtime Application Self-Protection RASP is a server-side security solution for applications, providing application security by default. Here are 5 things to know about Imperva RASP: 1. RASP and a WAF are complementary While a cloud-based web application firewall keeps previously known ba...

0.2AI score
Exploits0
Imperva Blog
Imperva Blog
added 2020/02/05 7:59 a.m.44 views

2019 Global DDoS Threat Landscape Report

Today Imperva Research Labs, made up of senior researchers and industry experts who have been delivering sound and valid advice for over 15 years, is releasing a brand new Global DDoS Threat Landscape Report. The report is a statistical analysis of 3,643 network layer DDoS attacks throughout 2019...

0.1AI score
Exploits0
Imperva Blog
Imperva Blog
added 2018/07/19 3:26 p.m.44 views

Imperva Cloud Security Now Available Through UK Government’s GCloud 10 Digital Marketplace

Building on the success of Imperva listing our market-leading, single stack Incapsula cloud platform for DDOS protection; CDN; load balancing and WAF on the GCloud 9 framework, Imperva has now added more products to the GCloud 10 portfolio. As the UK pushes for even greater digital adoption on a...

0.9AI score
Exploits0
Imperva Blog
Imperva Blog
added 2018/06/05 4:56 p.m.44 views

Zero to Account Takeover: How I ‘Impersonated’ Someone Else Using Auth0

Since the publication of this blog, attempts have been made to discredit our findings, methodology and accuracy. Imperva stands by our research. Our findings were reported to Auth0 as part of their own bug bounty program, following their official process. Auth0 was kept informed of our findings a...

6.9AI score
Exploits0
Imperva Blog
Imperva Blog
added 2017/12/21 9:0 a.m.44 views

Top Five Trends IT Security Pros Need to Think About Going into 2018

It’s that time of the year when we look back at the tech trends of 2017 to provide us with a hint of things to come. Accordingly, let’s engage in our favorite end-of-year pastime: predictions about the coming year. Equipped with Imperva’s own research, interactions with our customers, and a wealt...

6.9AI score
Exploits0
Imperva Blog
Imperva Blog
added 2017/10/30 6:49 p.m.44 views

Critical Infrastructure and Cyber Security

Before the recent natural disasters, I could describe to you how we as a community might recover after a cyberattack to our critical infrastructure, but it would be hard to imagine. Some may argue that it would be too extreme of a scenario to consider and that we would never get to the point wher...

7.5AI score
Exploits0
Imperva Blog
Imperva Blog
added 2017/07/20 3:30 p.m.44 views

Uncover Sensitive Data with the Classifier Tool

Understanding what sensitive data resides in your enterprise database is a critical step in securing your data. Imperva offers Classifier, a free data classification tool that allows you to quickly uncover sensitive data in your database. Classifier contains over 250 search rules for popular...

6.9AI score
Exploits0
Imperva Blog
Imperva Blog
added 2017/05/02 3:30 p.m.44 views

Why Care About Data-Centric Security?

It’s no surprise that data breaches are evolving and becoming increasingly more complex. According to the Verizon 2017 Data Breach Investigation Report, data breaches are “complex affairs often involving some combination of human factors, hardware devices, exploited configurations or malicious...

6.7AI score
Exploits0
Imperva Blog
Imperva Blog
added 2024/01/11 4:31 p.m.43 views

Python’s Poisoned Package: Another ‘Blank Grabber’ Malware in PyPI

Python Package Index PyPI is a platform that offers an extensive range of packages to simplify and enhance the development process. Malicious actors regularly upload phishing packages in the platform’s repository aimed at delivering malware to steal the victims information, or more frequently, to...

7AI score
Exploits0
Imperva Blog
Imperva Blog
added 2021/07/20 1:49 p.m.43 views

How to build a security-first culture with remote teams

If recent world events have driven an increase in the number of remote workers in your organization, you are now confronted by even more security challenges for already stretched security teams and busy IT departments. Sixty-one percent of CISOs are more concerned about security risks targeting...

7.7AI score
Exploits0
Imperva Blog
Imperva Blog
added 2021/05/26 1:28 p.m.43 views

Top Four Reasons for Data Loss from Databases (and what to do about it)

The need for data loss prevention DLP is well understood by IT security practitioners. As organizations embrace cloud-based managed database services such as Amazon RDS and Amazon Redshift, these risks don’t go away, and in many ways become more serious. Although AWS takes the security of their...

6.6AI score
Exploits0
Imperva Blog
Imperva Blog
added 2020/06/18 9:16 a.m.43 views

Implementing Privacy in a Real World Application

Background Whenever Personally Identifiable Information PII is involved, it is wise to encrypt it from the get go. Strong encryption coupled with need-to-know access is key to gaining the trust of your customers and protecting their privacy. And it’s often required by ever-evolving data privacy...

6.5AI score
Exploits0
Imperva Blog
Imperva Blog
added 2020/04/06 7:16 p.m.43 views

NIST Recognizes RASP as Critical to Lowering Risk

The United States Congress ratified the Cybersecurity Framework set forth by the National Institute of Standards and Technology NIST in 2014 to standardize the practices and controls that mitigate constantly evolving cyberthreats. The framework has been adopted by federal and local government...

0.5AI score
Exploits0
Imperva Blog
Imperva Blog
added 2020/03/31 7:33 p.m.43 views

Key Findings from the 2020 Cyberthreat Defense Report

The new 2020 Cyberthreat Defense Report CDR released this week. Now in its seventh year, the annual report provides a look at how global cybersecurity professionals perceive threats and plan to defend against them. The CDR enables cybersecurity professionals to benchmark their company’s security...

7.4AI score
Exploits0
Imperva Blog
Imperva Blog
added 2018/01/09 4:30 p.m.43 views

Cloud Migration Fundamentals

The advantages offered by a cloud-based environment make it an easy decision for most companies to make. Still, there are numerous critical choices to be made that can transform the complexities of the migration process into a relatively smooth transition—especially regarding application and data...

6.8AI score
Exploits0
Imperva Blog
Imperva Blog
added 2017/09/12 3:30 p.m.43 views

Encryption: Pros and Cons

The expression “when you are a hammer, everything is a nail” has a curious background. The concept belongs to a generalized law of the instrument which is a cognitive bias that occurs by being overly familiar with certain tools, and the likelihood of force-fitting problems to the tools at hand. A...

6.4AI score
Exploits0
Imperva Blog
Imperva Blog
added 2024/02/26 12:34 p.m.42 views

Latest Research Reveals Rise in API Attacks in 2023, Putting Businesses at Risk in 2024

The State of API Security in 2024 Report highlights how APIs and their increased usage are significantly changing the threat landscape. In 2023, the number of API-targeted attacks rose significantly. Attacks targeting the business logic of APIs constituted 27% of attacks in 2023, a growth of 10%...

7.5AI score
Exploits0
Imperva Blog
Imperva Blog
added 2021/06/22 1:37 p.m.42 views

How to Create a Simulated Phishing Attack Across Your Company

Email is one of the many weapons at the disposal of bad actors on the Internet, and your employees are in the firing line. Attackers try to hide behind a trusted entity, sometimes even masquerading as a known vendor or even as a representative of a group within your own organization, like HR or I...

0.1AI score
Exploits0
Imperva Blog
Imperva Blog
added 2021/05/04 11:41 a.m.42 views

Why Software Supply Chain Attacks Are Inevitable and What You Must Do to Protect Your Applications

Most organizations have limited visibility over their software supply chain and little control of up to 95% of the software code they utilize. With multiple code sources from multiple software vendors, the number of known and unknown vulnerabilities quickly grows beyond the capabilities of intern...

0.6AI score
Exploits0
Total number of security vulnerabilities1025