Critical Infrastructure and Cyber Security
Before the recent natural disasters, I could describe to you how we as a community might recover after a cyberattack to our critical infrastructure, but it would be hard to imagine. Some may argue that it would be too extreme of a scenario to consider and that we would never get to the point wher...
Women in Tech and Career Spotlight: Michal Pal
We continue our articles focusing on the themes of National Cyber Security Awareness Month with the first of a series of articles spotlighting some of the women who work at Imperva. I spoke to Michal Pal, automation group manager for the Imperva Incapsula product line and got to know about what...
Detecting Data Breaches: Why Understanding Database Types Matters
Different data characteristics and access patterns found in different database systems lead to different ways of detecting suspicious data access, which are indicators of potential data breaches. To accurately detect data access abuse we need to classify the database processing type. Is it a...
Protecting Xero’s Cloud-Based Accounting Platform from Cyber Attacks
Meeting with customers is always insightful, and recently I got a chance to sit down with Aaron McKeown, head of security engineering and architecture at Xero, to talk about how they use Imperva SecureSphere for their cloud-hosted applications. Founded in 2006, Xero provides cloud accounting...
Monitor More, Worry Less. Outpace Threats With Machine Learning.
In the past two years, enterprises have created more data than has been created in the entire history of humankind. At scale, securing this amount of data requires a re-think of how we grant and revoke access to sensitive files and, more importantly, how we identify and track the inevitable acces...
Tuning Capacity Tips for SecureSphere Database Activity Monitoring
You have Imperva SecureSphere Database Activity Monitoring (DAM) up and running. You’ve deployed the system and configured your business audit policies. So, what’s next? In a previous post I discussed the capacity management challenges of database monitoring solutions; in this post I’ll elaborate o...
Today’s Predictions for Tomorrow’s Internet
This weekend I realized just how much the future of securing the Internet of Things (IoT) will become a critical component to maintain our lifestyle. CyberPatriot is the National Youth Cyber Education Program created by the Air Force Association to encourage careers in STEM. Each year the program...
Ransomware Attacks on MySQL and MongoDB
Ransomware is arguably one of the most vicious types of attack cyber security experts are dealing with today. The impact ransomware attacks can have on an organization is huge and costly. A ransomware payment alone does not reflect the total expense of an attack—the more significant costs come fr...
Bo Knows Security – Whiteboard Wednesday [Video]
October is National Cyber Security Awareness Month (NCSAM), and to address this week's theme of "Cybersecurity in the Workplace is Everyone’s Business" our Whiteboard Wednesday this month features Bo Kim, head of information security at Imperva. When it comes to building a security program, focusing...
How to Protect AWS ECS with SecureSphere WAF
Adoption of container technology is growing widely. More and more workloads are being transferred from traditional EC2 compute instances to container-based services. However, the need for securing the web traffic remains the same regardless of the elected platform. In this post, we’ll deep dive...
Q2 2017 Global DDoS Threat Landscape Report
This week we released our latest Global DDoS Threat Landscape Report, a statistical analysis of more than 15,000 network and application layer DDoS attacks mitigated by Imperva Incapsula services during Q2 2017. This quarter, for the fifth one in a row, we saw a decrease in the number of network...
Professional Services for GDPR Compliance
The GDPR effective date is less than seven months away and the stakes are high. GDPR non-compliance penalties have the potential to be quite significant, up to 79 times higher than existing guidelines, and GDPR applies to any organization of any size that collects or processes personal data...
Practical Tips for Personal Online Security
As a cybersecurity professional I write about enterprise security on a daily basis. But with the start of National Cyber Security Awareness Month (NCSAM) I was inspired to switch gears and write about personal security given this week’s theme of simple steps to online safety for consumers. So, with...
GDPR Requirements: Get Started with Classifier
The GDPR requires that organizations exhibit commitment to individuals’ data privacy by implementing a data protection by design and by default approach, meaning organizations need to build privacy and protection into their products, services, and applications. GDPR also mandates that organizatio...
Building a Security Risk Management Program
The frequency of data breaches today highlights the need to peel back the onion on security programs and identify a laser-focused mission and ultimate goal. As a compliance manager, I know the horror stories first hand. Let’s take a deeper dive into security and risk management basics to enable...
How to Deploy SecureSphere WAF on Azure
If you host apps in the cloud, then you need security in the cloud. The Imperva SecureSphere Web Application Firewall (WAF) identifies and acts upon dangers maliciously woven into innocent-looking website traffic, both on-premises and in the cloud, such as: Blocking technical attacks such as SQL...
Apache Struts, RCE and Managing App Risk
People used to argue about whether cyber security is a business problem or a technical problem. But this frames the issue poorly. “Problem” and “solution” imply that there is a definitive “solve.” Cybercrime isn’t a technical problem that can be definitively solved. It is an inherent business ris...
Three Ways to Use Data Classification Scan Results
In July we launched Classifier, a free data classification tool that allows you to quickly and easily uncover sensitive data in your databases. Since its launch, the tool has been widely used around the globe, which comes as no surprise given the heightened focus on data protection. Furthermore,...
Encryption: Pros and Cons
The expression “when you are a hammer, everything is a nail” has a curious background. The concept belongs to a generalized law of the instrument which is a cognitive bias that occurs by being overly familiar with certain tools, and the likelihood of force-fitting problems to the tools at hand. A...
CVE-2017-9805: Analysis of Apache Struts RCE Vulnerability in REST Plugin
Just two months ago we published an analysis of a critical remote code execution (RCE) security vulnerability in Apache Struts. Now Apache Struts has published a new version fixing yet another critical RCE vulnerability (September 5, 2017). CVE-2017-9805 is a vulnerability in Apache Struts related to...
Sensitive Data Access: Where Traditional UBA Solutions Fall Short – Whiteboard Wednesday [Video]
In today’s global information economy an ever-increasing amount of sensitive data is collected, used, exchanged, analyzed, and retained. And with that comes an ever-increasing number of accidental or intentional data breaches. Identifying inappropriate access to data is paramount in stopping a...
Managing Security in a DevOps Environment
DevOps is a software development practice in which development and operations engineers collaborate during the entire product lifecycle. With the adoption of DevOps at mainstream levels, we now see security starting to take a bigger role in DevOps’ day-to-day responsibilities. From a security...
Data Protection and the GDPR Job Market
The May 2018 deadline for full GDPR compliance will be upon us all before we know it. The GDPR will affect all organizations—regardless of their location—that handle personal data coming out of the EU. Article 37 of the GDPR requires organizations to retain a data protection officer (DPO) if, among...
Analysis of Ronggolawe Ransomware and How to Block It
In the last few years ransomware attacks have been significantly on the rise. This infamous trend began by targeting endpoint users’ machines, such as personal desktops and laptops. Later, it evolved and broadened the attack surface to target mobile phones and servers. Web Servers Not Immune to...
Five Tips for Getting Started with Scuba Database Vulnerability Scanner
Scuba is a free tool that scans leading enterprise databases for security vulnerabilities and configuration flaws, including patch levels, that allows you to uncover potential database security risks. It includes more than 2,300 assessment tests for Oracle, Microsoft SQL Server, SAP Sybase, IBM D...
Addressing Data Across Borders for the GDPR
Most enterprises today do business across the globe, have databases in multiple countries and DBAs or users in different regions who have access to those databases. With GDPR mandating privacy requirements for personal data of European Union (EU) residents and visitors, it is important for an...
How to Protect AWS API Gateway with SecureSphere WAF
Serverless architectures are becoming more and more popular, and Amazon’s API Gateway service is a key factor in many serverless deployments on AWS. Currently API Gateway only supports a public CloudFront endpoint, and securing the API Gateway with high-end WAF protection may seem like a difficul...
A Leader for Four Consecutive Years in the Gartner Magic Quadrant for WAFs
Gartner has published their 2017 Magic Quadrant for Web Application Firewalls (WAF) and Imperva has again been named a WAF leader—now for four consecutive years. Attacks remain same, but infrastructure is changing According to 2017 Verizon Data Breach Investigations Report, web app attacks remain t...
Do’s and Don’ts of Capacity Estimation for Database Monitoring Tools
When deploying a database monitoring tool, one of the first things you need to do is to determine the size of your deployment. So, where do you start? In a previous blog post I described the various aspects that can have an impact on the capacity requirements needed for a database monitoring...
Challenges of Big Data Security – Whiteboard Wednesday [Video]
Database security best practices are also applicable for big data environments. The question is how to achieve security and compliance for big data environments given the challenges they present. Issues of volume, scale, and multiple layers/technologies/instances make for a uniquely complex...
Clustering and Dimensionality Reduction: Understanding the “Magic” Behind Machine Learning
These days we hear about machine learning and artificial intelligence (AI) in all aspects of life. We see machines that learn and imitate the human brain in order to automate human processes. There are autonomous cars that learn the road conditions to drive, personal assistants we can converse with...
How to Secure AWS Deployments with SecureSphere WAF
The Imperva SecureSphere Web Application Firewall (WAF) analyzes all user access to business-critical web applications and protects your applications and data from cyberattacks. SecureSphere WAF dynamically learns an application’s “normal” behavior and correlates it with crowd-sourced threat...
Three Telltale Signs a Hacker Has Been in Your Account
Imperva’s latest Hacker Intelligence Initiative (HII) report, Beyond Takeover - Stories from a Hacked Account, was just released. With this research, we set forth to learn about the dynamics of phishing attacks from the victim’s perspective and shed some light on attacker practices. Our intent was ...
Uncover Sensitive Data with the Classifier Tool
Understanding what sensitive data resides in your enterprise database is a critical step in securing your data. Imperva offers Classifier, a free data classification tool that allows you to quickly uncover sensitive data in your database. Classifier contains over 250 search rules for popular...
Conversations on Securing Microservices, API Gateways and Containers
Last month, I met James (name changed) while at AWS Summit in London. As I was managing Imperva's booth, he walked over to me with a query about what we do. A conversation ensued and James described his company for me. They were into financial-legal intermediation between underwriters, insurance...
CVE-2017-9791: Analysis of RCE in the Struts Showcase App in Struts 1 Plugin
On July 7th, a new security vulnerability was published in Apache Struts 2 CVE-2017-9791 S2-0481. Struts 2.3.x users with Struts 1 plugin, which includes the Showcase app, are vulnerable. Once again, this vulnerability enables a Remote Code Execution (RCE), which is the most commonly exploited Apac...
Top Insider Threat Concern? Careless Users. [Survey]
It’s been a busy year thus far in the cybercrime world with the stakes seeming to grow higher every month. Just last month, insider threats were making headlines with a news report that Reality Winner, a contractor for the National Security Association with a top-level security clearance, leaked...
Static Versus Dynamic Data Masking
Most participants in the trench warfare of IT security agree that the best way to protect data is to apply a layered approach to security. Data masking is a security and privacy enhancing technology recommended by industry analysts as a must-have data protection layer. While terminology varies...
Challenges of Insider Threat Detection – Whiteboard Wednesday [Video]
Insider threat detection and containment of insider threats requires an expert understanding of both users and how they use and access enterprise data. In our first Whiteboard Wednesday, Drew Schuil, Vice President of Global Product Strategy at Imperva, talks about the challenges of insider threa...
Move Securely to the Cloud: WAF Requirements and Deployment Options
Moving to the cloud has become an overwhelmingly popular trend even among organizations that were at first reluctant to make the move. Wherever you are in your cloud migration plan, it can take time, sometimes years, and often starts with first moving peripheral workloads to the cloud while leavi...
The Evolution of Cybercrime and What It Means for Data Security
Cybercrime is now an industry unto itself. And, just as any industry evolves, so does the cybercrime industry. This industry is built upon enterprise data. Granted, there is a ready underworld supply chain and market for vulnerabilities, attack kits, botnets, APTs, phishing-as-a-service,...
Are All Ransom Attacks Considered Ransomware?
Ransomware has loomed large in the news of late. It seems to be around every turn, and it’s not going anywhere. The untraceability of Bitcoin payments, coupled with new blackhat tools available to anyone at little if any cost, means extortion attempts will continue to grab headlines worldwide. Bu...
Today’s File Security is So ’80s, Part 3: Dynamic Peer Groups – 3 Examples from Customer Data
In the first two parts of this series, we discussed why permissions management, the traditional approach to file security, no longer works and introduced a new approach to file security that leverages machine learning to build dynamic peer groups based on how users actually access files. In this...
5 Questions to Ask Your CISO about the GDPR
The European General Data Protection Regulation (GDPR) comes into force on May 25, 2018, and it will have a huge impact on the way businesses store and collect personal information belonging to those located in the European Union (EU). The regulation applies to all businesses that hold and process da...
Today’s File Security is So ‘80s, Part 2: Detect Suspicious File Access with Dynamic Peer Groups
In a previous post, we shared three primary reasons why the traditional, static approach to file security no longer works for today’s modern enterprises. Working groups are formed organically and are cross-functional by nature, making a black and white approach to file access control outdated—it...
Data Anonymization: Motivation and Mechanics
Data is one of the most valuable assets a company has in its possession. And while it may not be listed as a line item on the balance sheet, when a company’s data is breached it can have a very negative impact on the bottom line—in a company’s stock price, reputation and brand. One approach to...
Today’s File Security is So ’80s, Part 1: Why the Traditional Approach to File Security is Broken
In today’s knowledge-driven economy, modern enterprises have a fluid organizational structure in which most employees have access to most data to do their jobs. Working groups are formed organically and are cross-functional by nature. The amount of unstructured data organizations create is growin...
GDPR Readiness – Calculate Your Return on Security Investment (ROSI)
What is the cost of a data breach? Assuming annual revenue of £30M, a single fine could be as much as a whopping £1.2M—the maximum 4%—when the European Union’s General Data Protection Regulation (GDPR) becomes effective in May 2018. Compare that to a database control cost factor of £750K, the cost ...
7 Steps to Protect Your Data From Insider Threats
Like it or not, your greatest risk is already on the payroll. When internal users with trusted access to data are careless, become compromised or have malicious intent, enterprise data is exposed. Just ask the CIA. Detecting insider threats, however, is challenging for organizations due to the...
Protect Against WannaCry with Deception-Based Ransomware Detection
The WannaCry ransomware attack caught the world off guard—and may have even literally left some crying. The attack infected more than 230,000 computers in 150 countries by encrypting data on networked machines and demanding payments in Bitcoin. According to Malwarebytes researchers, the attack...