1023 matches found

Imperva Blog
added 2019/03/21 3:53 p.m., 61 views

Imperva Cloud WAF and Graylog, Part II: How to Collect and Ingest SIEM Logs

This guide gives step-by-step guidance on how to collect and parse Imperva Cloud Web Application Firewall (WAF, formerly Incapsula) logs into the Graylog SIEM tool. Read Part I to learn how to set up a Graylog server in AWS and integrate with Imperva Cloud WAF. This guide assumes: You have a clean...

AI score: 0.1
Exploits: 0
Imperva Blog
added 2019/03/20 1:0 p.m., 71 views

Now-Patched Google Photos Vulnerability Let Hackers Track Your Friends and Location History

A now-patched vulnerability in the web version of Google Photos allowed malicious websites to expose where, when, and with whom your photos were taken. Background One trillion photos were taken in 2018. With image quality and file size increasing, it’s obvious why more and more people choose to...

AI score: 6.9
Exploits: 0
Imperva Blog
added 2019/03/14 5:45 p.m., 173 views

How Our Threat Analytics Multi-Region Data Lake on AWS Stores More, Slashes Costs

Data is the lifeblood of digital businesses, and a key competitive advantage. The question is: how can you store your data cost-efficiently, access it quickly, while abiding by privacy laws? At Imperva, we wanted to store our data for long-term access. Databases would’ve cost too much in disk and...

Exploits: 0
Imperva Blog
added 2019/03/11 7:25 p.m., 130 views

How to Deploy a Graylog SIEM Server in AWS and Integrate with Imperva Cloud WAF

Security Information and Event Management (SIEM) products provide real-time analysis of security alerts generated by security solutions such as Imperva Cloud Web Application Firewall (WAF). Many organizations implement a SIEM solution to bring visibility of all security events from various solutions...

AI score: 7.4
Exploits: 0
Imperva Blog
added 2019/03/07 7:0 p.m., 70 views

Mapping Communication Between Facebook Accounts Using a Browser-Based Side Channel Attack

A now-patched vulnerability in the web version of Facebook Messenger allowed any website to expose who you have been messaging with. In a previous post, I showed how your Facebook likes, location history, and other metadata could have been extracted from your Facebook account using a side-channel...

AI score: 6.7
Exploits: 0
Imperva Blog
added 2019/03/06 6:54 a.m., 52 views

Imperva Wins Awards for Best Database Security, Coolest Cloud Security Vendor

SC Magazine has long been one of the most respected names in cybersecurity journalism, and one that has written about Imperva’s security research and solutions many times. So we’re proud to announce that we’ve won the 2019 SC Award for Best Database Security solution at SC’s awards ceremony on...

Exploits: 0
Imperva Blog
added 2019/03/04 9:0 p.m., 138 views

Hundreds of Vulnerable Docker Hosts Exploited by Cryptocurrency Miners

Docker is a technology that allows you to perform operating system level virtualization. An incredible number of companies and production hosts are running Docker to develop, deploy and run applications inside containers. You can interact with Docker via the terminal and also via remote API. The...

CVSS: 9.3, AI score: 0.1, EPSS: 0.9857
Exploits: 33
Imperva Blog
added 2019/02/28 4:0 p.m., 78 views

Don’t Let Security Needs Halt Your Digital Transformation. Imperva FlexProtect Offers Agile Security for any Enterprise.

Is your enterprise in the midst of a digital transformation? Of course it is. Doing business in today’s global marketplace is more competitive than ever. Automating your business processes and infusing them with always-on, real-time applications and other cutting-edge technology is key to keeping...

AI score: 6.7
Exploits: 0
Imperva Blog
added 2019/02/25 9:22 p.m., 73 views

Latest Drupal RCE Flaw Used by Cryptocurrency Miners and Other Attackers

Another remote code execution vulnerability has been revealed in Drupal, the popular open-source Web content management system. One exploit — still working at time of this writing — has been used in dozens of unsuccessful attacks against our customers, with an unknown number of attacks, some like...

AI score: 7.9
Exploits: 0
Imperva Blog
added 2019/02/22 7:54 p.m., 119 views

Imperva Makes Major Expansion in Application Security

When Imperva announced in 2018 it would acquire the application security solution provider Prevoty, a company I co-founded with Julien Bellanger, I knew it would be a win-win for our industry. Prevoty’s flagship product, Autonomous Application Protection, is the most mature, market-tested runtime...

AI score: 0.4
Exploits: 0
Imperva Blog
added 2019/02/21 8:22 p.m., 98 views

No One is Safe: the Five Most Popular Social Engineering Attacks Against Your Company’s Wi-Fi Network

Your Wi-Fi routers and access points all have strong WPA2 passwords, unique SSIDs, the latest firmware updates, and even MAC address filtering. Good job, networking and cybersecurity teams! However, is your network truly protected? TL;DR: NO! In this post, I’ll cover the most common social...

AI score: 0.4
Exploits: 0
Imperva Blog
added 2019/02/13 12:52 p.m., 393 views

How Imperva’s New Attack Crowdsourcing Secures Your Business’s Applications

Attacks on applications can be divided into two types: targeted attacks and “spray and pray” attacks. Targeted attacks require planning and usually include a reconnaissance phase, where attackers learn all they can about the target organization’s IT stack and application layers. Targeted...

CVSS: 7.5, AI score: 9.9, EPSS: 0.99993
Exploits: 46
Imperva Blog
added 2019/02/05 4:0 p.m., 104 views

A Cybersecurity and Cloud Innovator – and a Great Partner

Imperva has long been a cybersecurity leader, recognized by the likes of Gartner and Forrester Research for the capabilities of our application and data security solutions. For more than 6,000 business customers, we are their champion in the daily fight to secure data and applications. To ensure...

AI score: 0.3
Exploits: 0
Imperva Blog
added 2019/02/04 7:5 p.m., 67 views

The Challenges of DIY Botnet Detection – and How to Overcome Them

Botnets have been around for over two decades, and with the rise of the Internet of Things (IoT) they have spread further to devices no one imagined they would - printers, webcams, and even toasters and fridges. Some botnets enlist infected devices to mine cryptocurrency or steal passwords from oth...

Exploits: 0
Imperva Blog
added 2019/01/29 6:55 p.m., 66 views

Meet the New Imperva – Defending Your Business Growth Today and Tomorrow

Today’s Imperva is a champion in the fight to secure data and applications, wherever they reside. The threat landscape is dangerous and ever-changing, but our thousands of customers know they can count on Imperva to protect them. No wonder our solutions are recognized as leaders by analysts such ...

AI score: 0.6
Exploits: 0
Imperva Blog
added 2019/01/24 8:21 p.m., 25 views

Seven Must-Dos to Secure MySQL 8.0

Most database breaches are blamed on insiders such as employees who are either malicious or whose security has been compromised. In fact, most of these breaches are actually caused by poor security configuration and privilege abuse. Every new database version brings security upgrades. Use them...

AI score: 0.1
Exploits: 0
Imperva Blog
added 2019/01/24 8:21 p.m., 149 views

Seven Must-Dos to Secure MySQL 8.0

Most database breaches are blamed on insiders such as employees who are either malicious or whose security has been compromised. In fact, most of these breaches are actually caused by poor security configuration and privilege abuse. Every new database version brings security upgrades. Use them...

AI score: 0.3
Exploits: 0
Imperva Blog
added 2019/01/14 10:37 p.m., 81 views

Imperva Increases Self-Service Capability Fourfold with Custom Security Rules

Back in 2014, we introduced Rules (previously IncapRules) to give our customers advanced control over their application security. Today we’re putting even more of this custom tuning power in the hands of our customers by quadrupling the number of filters available via self-service. Rules Basics Rul...

AI score: 7.2
Exploits: 0
Imperva Blog
added 2019/01/10 1:1 a.m., 107 views

Dynamic Content Acceleration in Imperva CDN Improves Enterprise Website Performance

Today we introduced a new dynamic content acceleration network enhancement feature designed to improve response times to the origin server by up to 30%. Clients using the Imperva content delivery network (CDN) service are now able to more fully leverage the high-quality connectivity between PoPs in...

AI score: 0.8
Exploits: 0
Imperva Blog
added 2019/01/09 2:0 p.m., 480 views

The State of Web Application Vulnerabilities in 2018

Jan. 12 update: Due to a data transfer error, some of the 2017 figures were incorrectly reported; this version of the blog has been corrected. This error did not affect our 2018 statistics, nor our conclusions. As a web application firewall provider, part of our job at Imperva is to continually...

CVSS: 7.5, AI score: 0.4, EPSS: 0.99993
Exploits: 58
Imperva Blog
added 2019/01/08 9:37 p.m., 82 views

Scapy-sploit: Python Network Tool is Vulnerable to Denial of Service (DoS) Attack (CVE pending)

We recently discovered that the latest version of Scapy, a powerful packet manipulation tool used by cybersecurity researchers and network engineers, is susceptible to a Denial of Service (DoS) vulnerability. Ironically, we found this vulnerability while researching ways to better detect and fight...

AI score: 0.5
Exploits: 0
Imperva Blog
added 2018/12/17 2:7 p.m., 62 views

The Year Ahead: Cybersecurity Trends To Look Out for In 2019

A Proven Record Tracking Cybersecurity Trends This time of the year is always exciting for us, as we get to take a step back, analyze how we did throughout the year, and look ahead at what the coming year will bring. Taking full advantage of our team’s expertise in data and application security,...

AI score: 7.5
Exploits: 0
Imperva Blog
added 2018/12/12 9:26 p.m., 76 views

Read: New Attack Analytics Dashboard Streamlines Security Investigations

Attack Analytics, launched this May, aimed to crush the maddening pace of alerts that security teams were receiving. For security analysts unable to triage this avalanche of alerts, Attack Analytics condenses thousands upon thousands of alerts into a handful of relevant, investigable incidents...

AI score: 0.1
Exploits: 0
Imperva Blog
added 2018/12/04 2:45 p.m., 47 views

Hey Belfast, Imperva’s Moving Into The Neighborhood

As a local, I’m very excited to be Imperva’s first Belfast hire, in charge of spinning up the operation in our new European location. Imperva provides best-in-class data and application security solutions on premises, in the cloud, and in hybrid environments. As we position ourselves for the next...

AI score: 1.1
Exploits: 0
Imperva Blog
added 2018/11/28 8:40 p.m., 61 views

Imperva Integration With AWS Security Hub: Expanding Customer Security Visibility

This article explains how Imperva application security integrates with AWS Security Hub to give customers better visibility and feedback on the security status of their AWS hosted applications. Securing AWS Applications Cost reduction, simplified operations, and other benefits are driving...

AI score: 0.6
Exploits: 0
Imperva Blog
added 2018/11/28 1:0 p.m., 53 views

Headless Chrome: DevOps Love It, So Do Hackers, Here’s Why

Google Chrome is the most popular web browser and has been so for almost a decade. Each new version of Chrome brings new usability, security and performance features. This article focuses on the “headless mode” feature that Google released more than a year ago; and, since day one has become very...

AI score: 0.5
Exploits: 0
Imperva Blog
added 2018/11/19 12:30 p.m., 28 views

DirtyCOW Bug Drives Attackers to A Backdoor in Vulnerable Drupal Web Servers

In this post we’ll unpack a short -- but no less serious -- attack that affected some Linux-based systems, on October 31. Throughout the campaign, the attacker used a chain of vulnerabilities including the infamous Drupalgeddon2 and DirtyCOW, and system misconfigurations to persistently infect...

AI score: 1.5
Exploits: 0
Imperva Blog
added 2018/11/16 5:35 p.m., 78 views

With The NASDAQ Bell Ceremony, We Kick Off The Next Leg of Imperva’s Incredible Journey

On Friday morning our CEO Chris Hylen and company execs rung the NASDAQ opening bell in New York, welcoming another day of trading for the world’s second-largest stock exchange; and taking full advantage of the opportunity to celebrate recent corporate milestones for Imperva. “I’m honored to be...

AI score: 1.7
Exploits: 0
Imperva Blog
added 2018/11/15 6:29 p.m., 86 views

Imperva and Amazon Partner to Help Mitigate Risks Associated With Cloud Migration

Helping our customers reduce the risks associated with migrating to the cloud, and preventing availability and security incidents, has been a major development focus for Imperva over the last several years. Why the partnership matters Although cloud service providers take a host of IT management...

AI score: 2.3
Exploits: 0
Imperva Blog
added 2018/11/13 2:31 p.m., 64 views

Patched Facebook Vulnerability Could Have Exposed Private Information About You and Your Friends

In a previous blog we highlighted a vulnerability in Chrome that allowed bad actors to steal Facebook users’ personal information; and, while digging around for bugs, thought it prudent to see if there were any more loopholes that bad actors might be able to exploit. What popped up was a bug that...

AI score: 6.7
Exploits: 0
Imperva Blog
added 2018/11/12 6:24 p.m., 100 views

New Docker-based Dev Pipeline: Microservice Projects Just Got A ‘Speed-Boost’

A bulwark of software engineering projects, the development pipeline is an automated process used to deliver changes from development through to production; enabling near real-time updates. The dev pipeline is a critical time saver as it enables you to: Avoid mistakes and wasted time as a result...

AI score: 7.2
Exploits: 0
Imperva Blog
added 2018/10/25 4:1 p.m., 15 views

New Imperva Java SDK: Greasing The Wheels for Active Directory Coding Projects

words and research by Gabriel Beyo. According to StackOverflow’s 2018 Developer Survey, Java remains one of the world’s most popular coding languages, universally liked for its versatility and ease of adoption. Even so, working under the pressures developers often do, a bit of help always goes a...

AI score: 7.6
Exploits: 0
Imperva Blog
added 2018/10/24 9:4 p.m., 91 views

New Imperva Java SDK: Greasing The Wheels for Active Directory Coding Projects

According to StackOverflow’s 2018 Developer Survey, Java remains one of the world’s most popular coding languages, universally liked for its versatility and ease of adoption. Even so, working under the pressures developers often do, a bit of help always goes a long way. To that end, we’ve put...

AI score: 7.6
Exploits: 0
Imperva Blog
added 2018/10/18 4:4 p.m., 12 views

44% of Security Professionals Spend More than 20 Hours a Week Responding to Alerts

As the global cybersecurity climate continues to heat up, so too do the subsequent levels of alert fatigue IT security professionals have to deal with. A recent survey by Imperva reveals that nine percent of UK security teams battle with over five million alerts each week. Five million, just let...

AI score: 0.2
Exploits: 0
Imperva Blog
added 2018/10/18 3:0 p.m., 94 views

Survey: 44% of Security Professionals Spend More than 20 Hours a Week Responding to Alerts

As the global cybersecurity climate continues to heat up, so too do the subsequent levels of alert fatigue IT security professionals have to deal with. A recent survey by Imperva reveals that nine percent of UK security teams battle with over five million alerts each week. Five million, just let...

AI score: 0.2
Exploits: 0
Imperva Blog
added 2018/10/07 11:49 a.m., 58 views

Read: How To Build Resilient Cloud Configuration Shields

Configurable systems have a high level of flexibility and are better adapted to most customer needs, but their management isn’t a trivial task in complex cloud deployments. The configuration management concept isn't new and originated in the United States Department of Defense in the 1950s as a...

AI score: 7.1
Exploits: 0
Imperva Blog
added 2018/09/26 4:18 p.m., 901 views

The World’s Most Popular Coding Language Happens to be Most Hackers’ Weapon of Choice

Python will soon be the world’s most prevalent coding language. That’s quite a statement, but if you look at its simplicity, flexibility and the relative ease with which folks pick it up, it’s not hard to see why The Economist recently touted it as the soon-to-be most used language, globally...

CVSS: 9.3, AI score: 9.7, EPSS: 0.99999
Exploits: 82
Imperva Blog
added 2018/09/24 9:38 p.m., 47 views

Imperva Joins Global Cybersecurity Tech Accord

Imperva is dedicated to the global fight to keep people's data and applications safe from cybercriminals. What this means for our Imperva Threat Research team is that we spend a lot of time researching new cyber attacks, creating mitigations and writing powerful software. We believe that nothing...

AI score: 7.1
Exploits: 0
Imperva Blog
added 2018/09/18 9:33 p.m., 55 views

Microsoft and Imperva Collaboration Bolsters Data Compliance and Security Capabilities

This article explains how Imperva SecureSphere V13.2 has leveraged the latest Microsoft EventHub enhancements to help customers maintain compliance and security controls as regulated or sensitive data is migrated to Azure SQL database instances. Database as a Service Benefits Platform as a Servic...

AI score: 0.5
Exploits: 0
Imperva Blog
added 2018/09/17 8:49 p.m., 38 views

Explainer Series: RDaaS Security and Managing Compliance Through Database Audit and Monitoring Controls

As organizations move to cloud database platforms they shouldn't forget that data security and compliance requirements remain an obligation. This article explains how you can apply database audit and monitoring controls using Imperva SecureSphere V13.2 when migrating to database as a service clou...

AI score: 0.1
Exploits: 0
Imperva Blog
added 2018/09/11 1:56 p.m., 56 views

Taking Stock: The Internet of Things, and Machine Learning Algorithms at War

It’s in the news every day; hackers targeting banks, hospitals, or, as we’ve come to fear the most, elections. Suffice to say then that cybersecurity has, in the last few years, gone from a relatively obscure industry – let's qualify that: not in the sense of importance, but rather how folks have...

AI score: 7.8
Exploits: 0
Imperva Blog
added 2018/09/04 3:31 p.m., 85 views

Imperva Recognized as a 2018 Gartner Magic Quadrant WAF Leader, Five Years Running

Gartner has named Imperva as a Leader in the 2018 Gartner Magic Quadrant for Web Application Firewalls (WAF) -- for the fifth year in a row! Our combination of on-premises appliances, cloud WAF, shared threat intelligence and flexible licensing once again cement us as the best choice for companies ...

AI score: 0.5
Exploits: 0
Imperva Blog
added 2018/08/29 3:59 p.m., 56 views

Report: Nearly Half of Security Professionals Think They Could Execute a Successful Insider Attack on Their Organization

As potential threats and entry points into organizations’ databases keep growing, so does the amount of money folks are throwing at detecting and actioning insider threats. In fact, the ballooning amount of money being spent on cybersecurity overall clearly highlights the seriousness with which...

AI score: 7.1
Exploits: 0
Imperva Blog
added 2018/08/28 4:46 p.m., 62 views

Explainer Series: What is Clickjacking?

Here we go, another online trap ready to ensnare unsuspecting – well, until now anyway – users. As if Phishing, Cryptojacking, credential stuffing and old school scamming wasn’t enough, folks really just can’t catch a break these days. Anyway, we’re here to chat about clickjacking, for those of y...

AI score: 0.5
Exploits: 0
Imperva Blog
added 2018/08/24 8:12 p.m., 63 views

Static vs Dynamic Data Masking: Why Are We Still Comparing the Two?

Earlier this month a leading analyst released their annual report on the state of Data Masking as a component of the overall Data Security sector; which included commentary on what’s known as ‘static’ data masking and an alternative solution known as ‘dynamic’ data masking. And these two solution...

AI score: 7.8
Exploits: 0
Imperva Blog
added 2018/08/23 2:25 p.m., 1092 views

Read: Apache Struts Patches ‘Critical Vulnerability’ CVE-2018-11776

On August 22, Apache Struts released a security patch fixing a critical remote code execution vulnerability. This vulnerability has been assigned CVE-2018-11776 (S2-057) and affects Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16. The vulnerability was responsibly disclosed by Man Yue Mo fro...

AI score: 2.5, EPSS: 0.99993
Exploits: 41
Imperva Blog
added 2018/08/15 4:16 p.m., 64 views

A Bug in Chrome Gives Bad Actors License to Play ‘20 Questions’ with Your Private Data

In a 2013 interview with The Telegraph, Eric Schmidt, then CEO of Google was quoted as saying: “You have to fight for your privacy or lose it.” Five years later, with the ‘Cambridge Analytica’ data breach scandal fresh in our memory, Eric Schmidt’s statement rings as a self-evident truth. Similar...

AI score: 6.4
Exploits: 0
Imperva Blog
added 2018/08/14 8:54 p.m., 61 views

Watch: An Account Takeover Attack Using Credential Stuffing, and How to Protect Against It [Video]

As cryptocurrencies continue to grow in diversity, so too do the threats they face, specifically those targeting the cryptocurrency exchange. Now, more than ever, cryptocurrency exchanges are facing security threats in the form of volumetric and application layer DDoS and account takeover (ATO)...

AI score: 1.3
Exploits: 0
Imperva Blog
added 2018/08/13 3:38 p.m., 52 views

Enhanced Infrastructure DDoS Protection Analytics: Targeted Visibility for Greater Accuracy

We've rolled out enhanced infrastructure protection analytics which shows top traffic patterns for traffic flowing through our Incapsula Infrastructure DDoS Protection service. Imperva clients can now view network statistics categorized by source or destination IPs and ports, or by packet size fo...

AI score: 0.6
Exploits: 0
Imperva Blog
added 2018/07/31 6:31 p.m., 70 views

Onwards and Upwards: Our GDPR Journey and Looking Ahead

At Imperva, our world revolves around data security, data protection, and data privacy. From our newest recruits to the most seasoned members of the executive team, we believe that customer privacy is key. For the better part of the last two years, Imperva has laid the foundation for our complian...

AI score: 1.6
Exploits: 0
Total number of security vulnerabilities: 1023