Community Blogs

Good Bots, Bad Bots, and Sneaker Bots: Categorizing Automation by Intent and Transparency

By Brooks Cunningham posted 11 minutes ago
Be the first person to recommend this.
Users and security professionals aren’t always on the same page when it comes to defining a “bad bot”. “How do I buy a good bot so I can buy the sneakers I want?” This question, which came up during a recent seminar on Cloud WAF Advanced Bot Protection , points to something incredibly important in the world of bot mitigation. It’s not always easy to tell what distinguishes a “good bot” from a “bad bot”, or what those terms really imply when it comes to using automation tools on the Internet. There are entire capital enterprises built on the use of automation tools to collect, categorize, and analyze data online. Bots are incredibly ...
0 comments

Cloud WAF ABP - How to Win the BOT War - Webinar

By Christopher Detzel posted 4 days ago
Be the first person to recommend this.
In this video we will talk about bad BOT risks, we go over some case studies and walk you through a technical deep dive into BOT mitigation. #AdvancedBotProtection #CloudWAF(formerlyIncapsula) #video #
0 comments

Cloud WAF Advanced Bot Protection (ABP) Transcript and Video from Webinar

By Christopher Detzel posted 13 days ago
Be the first person to recommend this.
In this community webinar, Brooks Cunningham Manager, Service Operations, took us on an inside view of: 1. Overview of Cloud WAF reporting 2. Overview of configuring the policies 3. Overview of debugging Chris Detzel: (00:16) Thank you, everyone for attending today's webinar. I'm going to go ahead and share my screen. Like I said before, if you weren't on, I only have two slides, Brooks has no slides, it's all demo and going to... Showing you how to do some cool things. So, my name is Chris Detzel, and I am the community manager here at Imperva. If you can't tell my background, Imperva Community, just got that up and running yesterday. So, I'm ...
0 comments

Impervian Community Spotlight: Rakesh Chinta, Database Security Specialist, IHiS Singapore

By Christopher Detzel posted 28 days ago
Be the first person to recommend this.
Imperva’s DAM solutions help secure the data of millions of healthcare patients in Singapore. Singapore’s Integrated Health Information Systems (IHiS) is a multi-award winning tech agency responsible for digitizing, connecting, and analyzing Singapore’s healthcare system for more than 50,000 users. IHiS enables smooth, secure information exchange and analysis between the sovereign city-state’s 14 public hospitals, using the latest techniques to gather actionable insights for the island’s growing population. Managing and analyzing patient data securely is no easy feat. Database security specialist stepped up to the responsibility by leveraging ...
0 comments

Accurate Detection Is the First Step to Effective Bot Mitigation

By Brooks Cunningham posted 04-28-2020
Be the first person to recommend this.
https://unsplash.com/photos/y6HpQzW87Vc Learn about the state-of-the-art technologies Imperva uses to detect bots 2014 was the first year bots outnumbered human users online . That number has only increased since then, and is virtually guaranteed to continue. In previous articles, we’ve talked about how Imperva differentiates good bots from bad bots, and what kinds of strategies are effective against various kinds of bad bots. But all of these processes rely on a single, all-important first step – distinguishing between bots and legitimate users. Bots are simply software applications that run scripts on the Internet. Simple bots are ...
0 comments

Imperva Product Updates - Imperva On-Premises Version 14.1 Release

By Ira Miga posted 04-23-2020
1 person recommends this.
Version 14.1 for Imperva On-Premises products was released on April 6th 2020 . In this release one of the major changes was the underlying operating system update, which allows Imperva products newer Cloud instances support, security hardening and introducing Next Generation Reverse Proxy, as a new deployment mode for Imperva On-Premises WAF. Imperva On-Premises WAF and DAM products running version 13 and below are based operating system CentOS 6.3. CentOS 6 will reach End of Life by the end of November 2020. New CentOS version allows better security, stability, as well as ability to deliver patches and new features faster. There are some important ...
0 comments

Transcript and Video from Webinar: How to Protect Data and be Compliant When Embracing the Cloud

By Christopher Detzel posted 04-21-2020
Be the first person to recommend this.
Photo by Pixabay from Pexels Take a look at the Webinar that hosted for Community Members here. Transcript from Ran's Webinar on How to Protect Data and be Compliant When Embracing the Cloud Christopher Detzel ( 00:29 ): Welcome, everybody. Thank you for coming to the community online webinar called How to Protect Data and Be Compliant When Embracing the Cloud. Christopher Detzel ( 00:38 ): I have a special guest today on, Ran Rosin . He's director of product management. So, I will not be presenting today, but I will lay down some of the ground rules. So let me do that first, but definitely welcome. Thank you ...
0 comments

HashiCorp Terraform: Cloud-Agnostic Deployment and Provisioning for Imperva Cloud WAF

By Brian Anderson posted 04-20-2020
Be the first person to recommend this.
https://unsplash.com/photos/GDP_CXFHiuI Integrating Security as Infrastructure as Code with HashiCorp’s Terraform The DevOps framework is all about removing production bottlenecks through automation and integration. For many enterprises, introducing security gets in the way of DevOps-oriented infrastructural goals. This is especially true of enterprises that make extensive use of cloud-based applications and services. Two out of three enterprise IT specialists say security is their primary concern when it comes to adopting cloud computing strategies. HashiCorp Terraform is a cloud-agnostic deployment and provisioning tool that allows ...
0 comments

Incapsula-CLI: An Easy-to-use Interface for Imperva’s Cloud WAF

By Brian Anderson posted 04-13-2020
Be the first person to recommend this.
https://unsplash.com/photos/pjAH2Ax4uWk Take control of Incapsula using a command-line interface Command-line interfaces (CLIs) offer users the ability to invoke system functions and operations, including interacting with external systems, in an easy to use text based format. Cloud WAF users can use the Incap-CLI to invoke remote API calls to automate daily tasks with simple and easy to understand commands, as opposed to having to write the underlying code to make those API calls on their own. How to Use Incapsula-CLI Incapsula-CLI is an open source project available on Imperva’s GitHub repository . It’s a Python application ...
0 comments

Webinar: GitHub Tools - Imperva API Composer Transcript and Video

By Christopher Detzel posted 04-09-2020
Be the first person to recommend this.
https://unsplash.com/photos/LG8ToawE8WQ Chris Detzel: (00:14) Welcome everybody, my name is Chris Detzel, and this is our first Community Online Webinar. I'm very excited about today's topic with Brian Anderson, Director of Technology, and our focus today will be GitHub Tools- Imperva API Composer: Open Source On-Prem and Cloud WAF Request Call Automation. That's a lot to say, but I could have done a better job on the topic. But I think that you're in for a treat today. I had the opportunity to talk to Brian about three or four weeks ago around this topic. He walked me through the tools and it's just jam-packed full of really great stuff and so ...
0 comments

5 Things to Know About Imperva RASP

By Simon Dickerson posted 04-07-2020
Be the first person to recommend this.
Caption Imperva Run-time Application Self protection (RASP) is a server-side security solution for applications, providing application security by default. Here are 5 things to know about Imperva RASP: RASP and a WAF are complementary A Cloud WAF does it's work at the edge. It's good for keeping previously known bad traffic off of your infrastructure which is not only good for security but also good for saving money. However, not all bad traffic is previously known (i.e. signatures/patterns haven't been determined, bad guys are constantly changing tactics). For example, attacks targeting 0-day vulnerabilities found in your 3rd party software ...
0 comments

Automated Certificate Management and Security Policy Migration Made Easy

By Brian Anderson posted 04-06-2020
Be the first person to recommend this.
https://unsplash.com/photos/NLE9RCsxX3c Imperva’s automated capabilities help users implement consistent security solutions and maintain operations at the speed of business. The key to world-class security is consistency. The cybersecurity chain is only as strong as its weakest link. Most organizations expose their weakest links when performing complex manual operations. The more manual steps in any single business process, the harder it is to adequately manage it operationally. This problem is amplified when trying to insert security into an existing application deployment process, unless those solutions can support the existing process and ...
0 comments

Impervian Community Spotlight: Jason Park, CISSP, CISM, Network Security, Internal Services for the County of Los Angeles

By Christopher Detzel posted 04-01-2020
Be the first person to recommend this.
Jason Park, CISSP, CISM, Network Security, Internal Services for the County of Los Angeles Learn about how Imperva products help municipal institutions catch cybercriminals, improve election security, and keep local governments running smoothly. 2019 was a tough year for government cybersecurity. More than 70 state and local governments throughout the United States found themselves targeted by ransomware, with high-profile cases like Atlanta and New Orleans making national headlines. According to Barracuda Networks, two out of every three ransomware attacks in the United States targeted a government institution. City and county-level institutions ...
1 comment

Imperva API Composer: Open Source On-Premise and Cloud WAF Automation

By Brian Anderson posted 03-30-2020
1 person recommends this.
https://unsplash.com/photos/842ofHC6MaI Integrating security into your application provisioning process is easy with Imperva’s open source API Composer tool, available on GitHub. Application programming interfaces ( APIs ) are the cornerstone of many an enterprise’s core business functionality. These powerful tools streamline development and allow for easy, standardized feature implementation in a wide range of contexts. Imperva’s on-premise Gateway WAF and Cloud WAF technologies can help protect both external and internally facing business critical applications, but introducing security can not break the current deployment processes used ...
0 comments

Five Bot Threats and Mitigation Strategies Explained

By Brooks Cunningham posted 03-26-2020
1 person recommends this.
https://unsplash.com/photos/kBUfvkbFIoE Discover how Imperva’s holistic approach to bot defense detects and mitigates malicious bot behavior. The larger an enterprise’s web presence is, the greater a surface area it provides to cyberattackers. Today’s hackers use highly automated systems to probe for vulnerabilities, carry out cyberattacks, and scrape data from public-facing web pages. Enterprises are leading the overall growth of web application and user interconnectivity. The enterprise networking market is growing at a rate of 30.8% per year . At the same time, Gartner expects 5.8 billion enterprise and automotive IoT endpoints will be ...
0 comments

What Kinds of Threats Does ATO Protection Mitigate?

By Nadav Avital posted 03-16-2020
Be the first person to recommend this.
https://unsplash.com/photos/fzOITuS1DIQ ATO Protection addresses attack strategies typically underserved by other cybersecurity technologies. Two and a half thousand years ago, on the banks of the Yellow river near the modern-day city of Luoyang, a horse-mounted general scribbled a note to himself that would change history: The skillful leader subdues the enemy's troops without any fighting; he captures their cities without laying siege to them; he overthrows their kingdom without lengthy operations in the field The value of the practical advice in Sun Tzu’s Art of War has made it one of the most revered books in history. Over ...
0 comments

WAF and RASP: Best Practice for Defense in Depth

By Simon Dickerson posted 03-13-2020
1 person recommends this.
https://unsplash.com/photos/OqtafYT5kTw Many would ask why do you need a RASP solution if WAF's layer of defense is so powerful. I will answer that question in this blog. With all the high profile security breaches the topic of application security forefront, a ll internet-facing applications are subjected to a constant barrage of probes and attacks. A good solid security strategy is vital with the many different forms of attacks needing to be considered. A multi-layered approach, such as Imperva Application Security provides protection including a Web Application Firewall (WAF), DDoS protection, Bot management, and RASP and can provide ...
0 comments

Advanced Bot Mitigation: How Imperva Protects Websites, Mobile Apps, and APIs

By Brooks Cunningham posted 03-09-2020
Be the first person to recommend this.
https://unsplash.com/photos/YmgTIrUJCgc Distinguishing between “good” bots and “bad” bots is key to implementing a solid security framework. Automated web traffic is a fundamental part of the Internet. The bots that generate this traffic come from a wide variety of sources, from Google’s harmless web crawling to malicious hackers targeting government voter registration pages. In fact, bots drove almost 40% of all collected Internet traffic in 2018. That means that out of every ten Internet users, only six are actually human beings sitting behind a computer or peering into a smartphone. The vast proliferation of bots is a concerning ...
0 comments

Imperva Product Updates - Chromium SameSite Cookie Attribute Update

By Ira Miga posted 03-03-2020
Be the first person to recommend this.
As of February 2020, Google Chrome and other Chromium-based browsers have stopped sending third-party cookies in cross-site requests unless the cookies are secured and flagged using an IETF standard called SameSite . This article provides an information for Imperva On-Prem WAF customers about the change and how to make sure this functionality is supported. The SameSite cookie attribute gives websites control over how to handle their cookies, specifically by not sending cookies to third-party sites. In allowing our customers to control where cookies are sent, their application will be protected against CSRF since an attacker cannot obtain information ...
3 comments

Impervian Community Spotlight: Cezmi Çal, Certified Ethical Hacker, Barikat Cyber Security

By Christopher Detzel posted 03-02-2020
Be the first person to recommend this.
Cezmi Çal provides world-class security services to clients through one of Turkey’s leading cybersecurity firms. Imperva technology can be found everywhere there are security challenges to mitigate, from small businesses to multi-national government security vendors. Today’s spotlight shines on an information security expert and certified ethical hacker whose company, Barikat, holds NATO-grade security clearances and National Defense Ministry contracts. Barikat Internet Security earned its place as Turkey’s top-ranking security service provider in 2019 . It is through the work of people like expert information security specialist @cezmi ...
0 comments