Blogs

1 person likes this.
. An origin server is the endpoint where HTTP requests are ultimately directed to retrieve resources necessary for browsing a site or submitting data to perform actions, such as registering or updating a user's profile. In modern web architectures, particularly those utilizing a Content Delivery Network (CDN), there is a clear distinction between origin servers (which host the original content) and edge servers (which cache and serve content closer to end users). When a site is onboarded to the cWAF, an additional layer is introduced. The WAF is now positioned between the user and the origin server, inspecting incoming traffic for security threats. Every ...
0 comments
1 person likes this.
Hi Community I wanted to bring this brand new report to your attention as it has some really valuable information. Ever wondered what the real annual cost of API and BOT insecurity is? We have the answer: Approx. $186 billion Imperva engaged the Marsh McLennan Cyber Risk Intelligence Center to produce this new report on the economic impact of API and BOT attacks. Over 161,000 unique cybersecurity incidents were analysed in this study and here are some of the key insights and t akeaways for you to consider: API and Bot-Related Security Incidents Grow at an Alarming Rate With the rapid adoption of APIs in the modern business ...
0 comments
Be the first person to like this.
DigiCert's recent announcement regarding the revocation of certificates due to improper Domain Control Verification (DCV) highlights the critical need for robust certificate management solutions. In an environment where even minor non-compliance can lead to significant disruptions, managed certification services like those offered by Imperva can play a vital role in ensuring continuous compliance and operational stability. The Challenge of Certificate Management DigiCert's incident involved a technical oversight where a required underscore prefix in DNS CNAME records was omitted, leading to the revocation of approximately 0.4% of their certificates. ...
0 comments
Be the first person to like this.
Hi Community, I am excited to share with you Imperva’s 2024 DDoS Threat Landscape Report. The report delivers an in-depth analysis of DDoS attack activity during 2023 and 2024. Here are some key takeaways: Increase in DDoS attacks mitigated by Imperva. In the first half of 2024, Imperva successfully mitigated 111% more DDoS attacks compared to the same period the previous year, highlighting the need for robust security measures. Application Layer DDoS attack of 4.7 million Requests Per Second (RPS) . The most notable attack in the first half of 2024 was an Application ...
0 comments
Be the first person to like this.
Hi Community, Just a heads up that you can now find recordings of our recent webinars at the links below. Be sure to log in to the community using your support portal credentials. If you have any follow-up questions or were unable to attend, I encourage you to share your thoughts under the recording or start a new discussion thread. Mitigating Polyfill Supply Chain Attack Advanced Bot Protection: Bad Bot Defense Best Practices Adaptive L7 DDoS Threshold – New feature Spotlight Optimizing Cloud WAF Security: Enriched Security Events UX Deep Dive You can find all webinar recordings here . Having ...
0 comments
1 person likes this.
Hi Community, This is just a brief note to make sure that you don’t miss important communications from Imperva. Imperva is now part of Thales Group. Add @thalesgroup.com to your Safe Senders List to keep receiving emails from us as we begin transitioning our email domain. If you would like to learn more about Thales and Imperva, check out the information below. Thales + Imperva: Creating a Global Leader in Cybersecurity Welcome to Imperva with Steve Walden Why Imperva + Thales
0 comments
Be the first person to like this.
Hi Community, Did you know that you can subscribe to our release notes to make sure that you receive all updates directly to your email inbox? The se release notes provide information on changes and enhancements in each release. Unless otherwise specified, the changes described here are rolled out throughout the week and may not be immediately available in all accounts. You can also view the customer-facing release notes online here . Cloud Application Security Release Notes June 16. 2024 Heads Up: DNS Protection - Simplified DNS threshold configurations for attacks In the coming weeks we're introducing a simplified ...
0 comments
1 person likes this.
Hi Community, In case you missed it, I thought you might be interested in Imperva’s 11th annual Bad Bot Report that we released last month. You can download the full report here . This year's report is based on data from our global network in 2023, including 6 trillion blocked bad bot requests , and focuses on bad bot activity at the OSI model’s layer (layer 7) . These bot use cases are entirely different from volumetric DDoS attacks, which manipulate lower-level network protocols. Highlights of this year’s report Bad Bots account for 32% of automated traffic - a 1.8% increase from 2022 Increase driven ...
0 comments
1 person likes this.
Hi Community, I am excited to announce the release of the State of API Security in 2024 report , a new report based on our threat research and the first report on API Security published by Imperva. The State of API Security in 2024 Report highlights how APIs and their increased usage are significantly changing the threat landscape. In 2023, the number of API-targeted attacks rose significantly. Attacks targeting the business logic of APIs constituted 27% of attacks in 2023, a growth of 10% since the previous year. Account Takeover (ATO) attacks targeting APIs also increased from 35% in 2022 to 46% in 2023. Based on data from Imperva ...
0 comments
1 person likes this.
As organizations continue to enhance their security posture, the need for efficient and effective log management solutions becomes increasingly critical. Imperva recognizes this necessity and is excited to introduce the new HTTP Event Collector (HEC) integration for Splunk, offering a streamlined approach to log delivery and management. Splunk's (HEC) offers a secure and simple integration method for all Imperva log types, including ABP, ATO, and also future ones. HEC complies with near real-time (NRT) delivery methods, with an SLA of less than 5 minutes. This ensures swift analysis and response to security events, enhancing overall security posture. ...
0 comments
Be the first person to like this.
Hi Community, Our recent blog post highlighted that there is a widely reported HTTP/2 vulnerability that can be used to generate a DDoS. This is primarily of interest to our Cloud WAF customers, although WAF Gateway customers may also wish to know more. The following steps can be used for mitigation: Description Recently, a class of vulnerabilities in HTTP/2 implementations was published, dubbed HTTP/2 CONTINUATION Flood . This attack leverages the CONTINUATION frame that is being sent without setting the END_HEADERS, which in return creates an infinite stream of headers that HTTP/2 server would need to parse and store in memory. ...
0 comments
1 person likes this.
Nadav Avital, Senior Director, Threat Research HTTP/2 , a widely adopted web communication protocol, organizes data transmission through a binary framing layer, wherein all communication is divided into smaller messages called frames, each identified by a specific type, such as headers, data, and continuation frames. HTTP/2 HEADER frames facilitate the transmission of HTTP headers for requests and responses, employing the HPACK encoding algorithm for compression and efficiency. These frames can be marked with flags like END_HEADERS, indicating completion of header transmission, and END_STREAM, denoting the absence of further request/response body. ...
0 comments
2 people like this.
Hi Community I’m sure you are already aware but on December 1, 2023, Thales closed its acquisition of Imperva. We are excited about the possibilities ahead of us. Thales and Imperva have a shared value of putting the customer first and will lead with that customer obsession to provide the highest level of service to our customers. You can find more information here . We will continue to provide updates as we move through the integration process. For now, check out the video below for a very brief welcome message from Steve Walden , Global VP of Client Services at Thales. #AccountTakeOver ...
0 comments

Happy Holidays!

1 person likes this.
Hi Community, I just wanted to take a moment to wish Happy Holidays to all who celebrate. I will be taking some time to rest and get ready for a super busy 2024. I can't wait. For those who will continue to be busy over the coming days and weeks, I hope you continue to find the answers you need here on Community. If not, feel free to open a support ticket. 2024 will kick off with some great live events, including a session for our customers in and around the APAC region. Be sure to sign up here . Thank you all for supporting Community during 2023. Happy Holidays and a prosperous New Year! #AllImperva
0 comments
Be the first person to like this.
Catch up on this great session with Rob Jammes , Director, Professional Services, and John Dougherty , Principal Security Consultant, Professional Services for this in depth look at API security and how Imperva can help you solve the mystery of Hidden APIs. The team looks at the challenges faced by Stan, an intrepid security engineer, discovering an active mystery during a web attack. Watch this session to ensure that you have the the skills and tools required to discover and manage hidden APIs... The team approaches this session by looking at the challenges faced by an intrepid security engineer discovering an active mystery ...
0 comments
Be the first person to like this.
Earlier this year Imperva announced its partnership with Kong , for enhanced API management. We were delighted to welcome leaders from Imperva and Kong to discuss how to enhance your API Management strategy with a range of API Security options. Catch up on this webinar with Mark Sivill , Senior Solutions Engineer at Kong and Luke Babarinde , Global Solutions Architect at Imperva to learn how you can discover, manage and protect your APIs without slowing down the speed of your business. This webinar will provide insights and practical guidance on how to strengthen your API strategy. Be sure to watch to the end to hear the team answer audience questions. ...
0 comments
2 people like this.
I am delighted to introduce our newest Community Champion, @Luis Elola . Luis has been a member of community for just over one year. In this time, he has shared his extensive knowledge and asked questions that have added great value to our community. "The Imperva Community provides me with opportunities to socialize with cybersecurity colleagues, share experiences and learn from the ideas of others, taking my own knowledge to the next level of advising cybersecurity services and solutions, this in direct benefit to our clients and partners". Luis is based in Santiago, Chile and has been a Cybersecurity Product & Advisor Manager at ...
0 comments
Be the first person to like this.
APIsec Endpoint will only be available under the policy section if Automatic Integration is enabled before the endpoint is discovered and baselined. If Automatic Integration is enabled after endpoint is discovered and baselined, then endpoint will not be visible under the policy section and therefore the endpoint will not be protected by APIsec security policy. How to make APIsec endpoint appear in APIsec policy section. Disable the Automatic Integration and Save the configuration. Then enable the Automatic Integration and Save the configuration. After above steps, you should see the endpoint under APIsec policy and therefore it is ...
0 comments
Be the first person to like this.
APIsec Endpoints will get only discovered when all the below conditions are met In the API response, http status code should be between 2xx and 3xx. If http status code contains 1xx, 4xx or 5xx, then APIsec endpoints will not be discovered. If the Response body or Content-length of API response is <10000 bytes. Currently this is hard coded limit and cant be changed If Content-type indicates that response is an API response. Content-type for valid API response would be application/json, application/xml When all the above 3 conditions are matched, only then the API endpoints will be discovered. If API call satisfy all the above 3 criteria and ...
0 comments
Be the first person to like this.
Today, I’d like to talk about SYN cookies and how they can help protect your network from SYN and TCP floods, which are very harmful cyberattacks, cyberattacks on the Network layer 3/4. Have you ever experienced a situation where your network was bombarded with a lot of SYN and TCP flood attacks, causing problems like false alarms or making it hard to connect to your servers during these attacks? Don’t worry!! Our SYN cookies feature , which can be enabled by request, can come to the rescue. It’s designed to deal with these attacks effectively while keeping false alarms to a minimum. Let’s simplify what SYN cookies are: SYN cookies are often employed ...
0 comments