Community Blogs

Protect Your AWS Lambda Functions - for FREE

By Sarah Lamont(csp) posted 6 days ago
Be the first person to recommend this.
Join Rajaram Srinivasan , Imperva Senior Product Manager to learn how to protect your AWS Lambda Functions with Imperva... for free! This session covers: What it means to adopt serverless technology Why organizations need to secure their serverless functions How to secure your transition to AWS Lambd Raj also answers attendee questions live during a very active Q&A session. If you still have questions, why not comment below, or start your own thread ? Keep an eye on our events page for more webinars from Raj in the coming weeks. #RASP
0 comments

PowerShell and the SecureSphere API

By Jim Burtoft (Prm) posted 28 days ago
Be the first person to recommend this.
Imperva has a lot of documentation around the SecureSphere API along with examples of how to use it. https://docs.imperva.com/bundle/v12.6-api-reference-guide/page/61914.htm We also have a lot of tools and utilities built around it with examples using cURL and python: https://github.com/imperva/imperva-web-api-composer/blob/master/src/assets/CURL_API_Samples_SecureSphere.zip and https://github.com/imperva/mx-toolbox However, I was working with a customer that wanted to use PowerShell. All we had to do was follow the cURL examples - authenticate, save the returned session id to a cookie, then make our API call. While it seemed like a simple enough ...
0 comments

Webinar: Finding the data you didn't know you had.

By Sarah Lamont(csp) posted 07-26-2021
Be the first person to recommend this.
How to navigate the chaotic world of personal privacy rights regulations. When it comes to personal privacy rights laws, not knowing where all of your sensitive data is can be costly, time-consuming, and could have a significant impact on your brand and reputation. During this webinar, Jim Coalwell, Senior Product Manager, examines how Imperva is helping our customers find data they didn't know they had and how to avoid some of the pitfalls of complying with personal privacy rights regulations. The session ends with a Q&A so that Jim can answer live questions #CloudDataSecurity #AllImperva #jSonar #Dataprivacy #Webinar
0 comments

Data Risk Analytics (DRA) Integration with API - The Final Deep Dive!

By Doron Tzur posted 06-28-2021
Be the first person to recommend this.
In our previous blogs, I have described several Data Risk Analytics (DRA) integration use cases and how to configure and use the Syslog. In this final blog I discuss the DRA API and how it can be used. The cool thing about APIs is that you can provide configuration and entry points to the DRA from other systems (as you have seen in the use cases examples) and the even cooler thing is that you can actually enhance your experience by adding extra functionality that currently doesn’t exist. Let’s dive deeper into the subject. API Security DRA APIs use secure communications. Client and DRA communicate via encrypted traffic using certificate ...
0 comments

Manual Mitigation for CVE-2021-21985: VMware vCenter Server Virtual SAN Health Check plugin RCE

By Patrick Mccrudden(csp) posted 06-09-2021
Be the first person to recommend this.
Below are the manual mitigation for the recently published vulnerability CVE-2021-21985: VMware vCenter Server Virtual SAN Health Check plugin RCE Vulnerability Description: A vulnerability in VMware vCenter Server contains a flaw in the vSphere Client (HTML5) that is triggered as input passed to the Virtual SAN Health Check plug-in is not properly validated. With a specially crafted request to the /ui/h5-vsan/rest/ endpoint, a remote attacker can execute arbitrary commands. Cloud WAF customers are already protected OOTB. Below are manual mitigation steps to address CVE-2021-21985: VMware vCenter Server Virtual SAN Health Check plugin ...
0 comments

*Webinar* Live DDoS Attack - Mitigation in Action

By Sarah Lamont(csp) posted 06-08-2021
Be the first person to recommend this.
The Imperva community welcomes DDoS Principal Architect, Alex Bakshtein and DDoS attack expert James Mal, of Redwolf Security Inc. In this session you willl witness a live DDoS attack and see the Imperva DDoS mitigation solution in action. Our speakers explore and track the different challenges that organizations are faced with when under a DDoS attack and in the aftermath. In this session you will learn how to investigate and understand the components of a DDoS attack so that when – not if – a DDoS attack hits, you’re prepared to answer any questions that come your way. You will also get to see the Imperva DDoS mitigation solution in action. #DDoSProtectionforNetworks ...
0 comments

Integrating DRA with Syslog - The Deep Dive!

By Doron Tzur posted 06-07-2021
Be the first person to recommend this.
In the previous blog , I have described several Data Risk Analytics (DRA) integration use cases. In this blog I will dive deeper into how you can integrate your DRA with Syslog. DRA can send Syslog messages to products that use Syslog. For example: SIEM, SOAR, ELK and others. There are several options that can be configured based on your operational/business requirements including the target server, message format and what you actually want to send. Syslog server target You need to configure the target to which messages will be sent. This includes the IP, Port, Protocol (UDP/TCP) and facility. It is recommended that once you configure ...
0 comments

Webinar: DataSec 2021: Ensuring Compliance with Imperva Data Privacy

By Sarah Lamont(csp) posted 05-18-2021
Be the first person to recommend this.
The Imperva Community is delighted to welcome @Kobi Katzir , Imperva Director, Product Management, and Assaf Zweifler, Imperva Technical Product Manager, to discuss Data Privacy and how to leverage your Imperva Data Security products to ensure compliance. During this webinar, Kobi and Assaf address why Imperva Data Privacy is important for your organization and follow with a deep dive product demo . They also provide a sneak peek of what is ahead with a look at the product roadmap . As always, we end the session with a Q&A, answering user questions live. Do you have a question? Ask it below or start your own thread . #CloudDataSecurity ...
0 comments

7 Key Use Cases for Data Risk Analytics (DRA) Integration with Syslog and API

By Doron Tzur posted 05-12-2021
Be the first person to recommend this.
As the cybersecurity industry matures and modernizes, security products are required to integrate with a wider range of products within the customer ecosystem, this is also true for the Imperva Data Risk Analytics (DRA) product. We see more and more customers that want to use external products to manage the DRA incidents and in some cases do not even provide direct access to the DRA GUI to their users. Based on these requirements Imperva invested even more into functionality development so that DRA will have the ability to integrate it into different processes using modern devops and automation methods, mainly Syslog and APIs. This first blog ...
1 comment

*Webinar - Account Takeover - Is Your Organization At Risk?

By Sarah Lamont(csp) posted 04-26-2021
Be the first person to recommend this.
The Imperva Community is delighted to welcome @Lynn Marks , Imperva Product Manager, and Erez Hasson, Imperva Associate Product Marketing Manager, to discuss Account Takeover (ATO) and how it could impact your industry. During this webinar, Lynn and Erez discuss ATO, how it occurs and why it is a prevalent issue for the full range of industries. They follow this with a deep dive into specific industry cases, showing the impact of ATO and how tools like Imperva’s Account Takeover Protection can mitigate organizational risk. As always, the session ends with a Q&A allowing the team to answer your user questions directly. To receive a copy of the Bad Bot Report ...
0 comments

Webinar: DRA Integration with API and Syslog

By Sarah Lamont(csp) posted 03-31-2021
Be the first person to recommend this.
The Imperva Community welcomed , Imperva Customer Success Manager , to discuss how to integrate Data Risk Analytics (DRA) into your eco-system using API and Syslog. Modern eco-systems are very complex and have multiple products that interact with each other to increase productivity through automation and devops processes. In this technical session you will see several examples of how customers integrate DRA using Syslog and APIs. You will understand how to configure DRA and see an example of how DRA API was used to enhance the DRA capabilities. Got a question? Ask it below or start a new thread by posting it here . ​ #DataRiskAnalytics ...
1 comment

Manual Mitigation for recently published PHP Git Repository Hack

By Patrick Mccrudden(csp) posted 03-30-2021
Be the first person to recommend this.
Yesterday it was published that the official PHP Git repository was hacked and a RCE Backdoor was committed into the PHP base code. PHP is one of the popular server-side programming languages to power over 79% of the websites on the Internet, thus making this vulnerability a very critical one. More information on the disclosed vulnerability can be found here: https://www.bleepingcomputer.com/news/security/phps-git-server-hacked-to-add-backdoors-to-php-source-code/ Vulnerability Description: The official PHP Git repository was hacked and a RCE Backdoor was committed into the PHP base code. Cloud WAF customers and On-Prem customers that have ...
0 comments

Webinar: Advanced Bot Protection - Ask Me Anything

By Sarah Lamont(csp) posted 03-29-2021
Be the first person to recommend this.
Join us for this month’s Advanced Bot Protection AMA (Ask Me Anything) community webinar where we are joined by @Jim Burtoft (prm) , Sr. Sales Engineer and @John Cosgrove , Sr. Product Manager. During this AMA the team share their unique insights on working behind the scenes at Imperva, sharing some of their ABP best practices and tips to securing workloads, and a little of what’s coming on the horizon. This webinar is mostly an open forum where we field your ABP questions live. Do you have another question? Ask it below or start a new discussion here . #AdvancedBotProtection #AllImperva #Webinar
0 comments

* Webinar * CloudWAF New Features Demo

By Sarah Lamont(csp) posted 03-25-2021
Be the first person to recommend this.
The Imperva Community welcomes @Allegra Dan , Imperva Product Manager , to introduce some of the upcoming features on CloudWAF. What's new in CloudWAF? During this session, Allegra provides an overview of the latest feature releases in Imperva's CloudWAF, including a demonstration of the upcoming enhancements to the User Interface - navigation revamp and features, as well as the new SaaS Analytics. Allegra answers many attendee questions throughout the session and will address any additional questions in an upcoming Q&A blog. Watch this space for the next webinar in the series! #AllImperva #CloudWAF(formerlyIncapsula) ​
2 comments

Manual Mitigation for CVE-2021-22986

By Patrick Mccrudden(csp) posted 03-24-2021
Be the first person to recommend this.
A recent vulnerability found in F5 BIG IP , assigned CVE-2021-22986. The vulnerability allows unauthenticated remote attackers to execute arbitrary code on vulnerable BIG-IP devices. Vulnerability Description: On March 10th F5 published a security advisory with 21 CVEs. The most critical one (CVE-2021-22986) can be exploited for unauthenticated remote code execution attacks. In the past week, several security researchers have reverse engineered the Java software patch published by BIG-IP and posted tweets and blogs with detailed POCs. We observed multiple exploitation attempts against our customers in the last 4 days. Cloud WAF customers and ...
0 comments

Manual Mitigation for CVE-2021-26855: Microsoft Exchange Server

By Patrick Mccrudden(csp) posted 03-05-2021
2 people recommend this.
After further information has become available we have revised our manual mitigation advisory and updated the post: A recent vulnerability found in Microsoft Exchange Server, assigned CVE-2021-26855. The vulnerability allows the server to be induced into performing unintended actions (Server Side Request Forgery aka SSRF). By sending a specially crafted request to the application, the server can be used to conduct host-based attacks. Vulnerability name: CVE-2021-26855: Microsoft Exchange Server HAFNIUM SSRF Vulnerability description: Microsoft Exchange Server contains a flaw related to request handling between a user and a server, where the ...
1 comment

Manual Mitigation for CVE-2021-21972

By Patrick Mccrudden(csp) posted 03-02-2021
Be the first person to recommend this.
A recent vulnerability found in VMware vCenter server, assigned CVE-2021-21972. The vulnerability allows non-authorized clients to execute arbitrary commands and send requests on behalf of the targeted server via file upload. Vulnerability Description: You can read more about it in blogpost published by PT SWARM in the following link: https://swarm.ptsecurity.com/unauth-rce-vmware/ Cloud WAF customers and On-Prem customers that have “SecureSphere Emergency Feed” (THR feeds) are already protected OOTB. Below are manual mitigation steps to address VMware vCenter Exploitation (for On-Prem customers): Create a new manual dictionary ...
0 comments

Webinar - Edge Security 2021: Introducing Imperva’s New Managed DNS

By Sarah Lamont(csp) posted 03-02-2021
Be the first person to recommend this.
In this webinar @Gil Osovsky (csp) , Customer Success Manager, and Hemmy Yona, Sr Engineering Manager Edge Services, give an overview of Imperva’s Edge Security solutions including an in-depth look at our leading DDoS Protection and an introduction to our latest Edge Security enhancement – Managed DNS. The session looks at how the increase in online traffic threatens your network and applications; why recovery time from a DDoS attack is much longer than the attack itself and how DNS Protection secures your domains at the Edge for uninterrupted operations. We welcome your comments and questions below or, if you would like to start a new discussion, ...
0 comments

Manual Mitigation for Zero-Day vulnerability disclosure in Accellion FTA

By Patrick Mccrudden(csp) posted 02-26-2021
Be the first person to recommend this.
**Updated 5th March 2021** A recent zero-day disclosure was published for Accellion FTA as part of an attack campaign where cyber criminals exploit Accellion FTA for data theft and Extortion. Vulnerability Description: You can read more about it in the original disclosure blogpost published by FireEye in the following link: https://www.fireeye.com/blog/threat-research/2021/02/accellion-fta-exploited-for-data-theft-and-extortion.html Cloud WAF customers and On-Prem customers that have “SecureSphere Emergency Feed” (THR feeds) are already protected OOTB. Below are manual mitigation steps to address Accellion FTA Exploitation (for On-Prem ...
0 comments

Webinar: Introduction to the Imperva Mobile App

By Sarah Lamont(csp) posted 02-17-2021
Be the first person to recommend this.
Never Miss Another Critical Update! The Imperva Community welcomes Itai Gal, Imperva Product Manager , to introduce Imperva’s new Mobile Security App in the latest community webinar. In this session, Itai discusses the pain points of remote security management and how the new Mobile Security App addresses these issues. You’ll get the first look at our new Mobile App demo, with onboarding walk-through and key feature callouts. As always, we close out the session with Q&A—if you have any additional questions for our presenters, you can post them right here on the community. #AllImperva #Webinar
0 comments