Community Blogs

The Imperva Community welcomed , Imperva Customer Success Manager , to discuss how to integrate Data Risk Analytics (DRA) into your eco-system using API and Syslog. Modern eco-systems are very complex and have multiple products that interact with each other to increase productivity through automation and devops processes. In this technical session you will see several examples of how customers integrate DRA using Syslog and APIs. You will understand how to configure DRA and see an example of how DRA API was used to enhance the DRA capabilities. Got a question? Ask it below or start a new thread by posting it here . ​ #DataRiskAnalytics ...

Yesterday it was published that the official PHP Git repository was hacked and a RCE Backdoor was committed into the PHP base code. PHP is one of the popular server-side programming languages to power over 79% of the websites on the Internet, thus making this vulnerability a very critical one. More information on the disclosed vulnerability can be found here: https://www.bleepingcomputer.com/news/security/phps-git-server-hacked-to-add-backdoors-to-php-source-code/ Vulnerability Description: The official PHP Git repository was hacked and a RCE Backdoor was committed into the PHP base code. Cloud WAF customers and On-Prem customers that have ...

Join us for this month’s Advanced Bot Protection AMA (Ask Me Anything) community webinar where we are joined by @Jim Burtoft (prm) , Sr. Sales Engineer and @John Cosgrove , Sr. Product Manager. During this AMA the team share their unique insights on working behind the scenes at Imperva, sharing some of their ABP best practices and tips to securing workloads, and a little of what’s coming on the horizon. This webinar is mostly an open forum where we field your ABP questions live. Do you have another question? Ask it below or start a new discussion here . #AdvancedBotProtection #AllImperva #Webinar

The Imperva Community welcomes @Allegra Dan , Imperva Product Manager , to introduce some of the upcoming features on CloudWAF. What's new in CloudWAF? During this session, Allegra provides an overview of the latest feature releases in Imperva's CloudWAF, including a demonstration of the upcoming enhancements to the User Interface - navigation revamp and features, as well as the new SaaS Analytics. Allegra answers many attendee questions throughout the session and will address any additional questions in an upcoming Q&A blog. Watch this space for the next webinar in the series! #AllImperva #CloudWAF(formerlyIncapsula) ​

A recent vulnerability found in F5 BIG IP , assigned CVE-2021-22986. The vulnerability allows unauthenticated remote attackers to execute arbitrary code on vulnerable BIG-IP devices. Vulnerability Description: On March 10th F5 published a security advisory with 21 CVEs. The most critical one (CVE-2021-22986) can be exploited for unauthenticated remote code execution attacks. In the past week, several security researchers have reverse engineered the Java software patch published by BIG-IP and posted tweets and blogs with detailed POCs. We observed multiple exploitation attempts against our customers in the last 4 days. Cloud WAF customers and ...

After further information has become available we have revised our manual mitigation advisory and updated the post: A recent vulnerability found in Microsoft Exchange Server, assigned CVE-2021-26855. The vulnerability allows the server to be induced into performing unintended actions (Server Side Request Forgery aka SSRF). By sending a specially crafted request to the application, the server can be used to conduct host-based attacks. Vulnerability name: CVE-2021-26855: Microsoft Exchange Server HAFNIUM SSRF Vulnerability description: Microsoft Exchange Server contains a flaw related to request handling between a user and a server, where the ...

A recent vulnerability found in VMware vCenter server, assigned CVE-2021-21972. The vulnerability allows non-authorized clients to execute arbitrary commands and send requests on behalf of the targeted server via file upload. Vulnerability Description: You can read more about it in blogpost published by PT SWARM in the following link: https://swarm.ptsecurity.com/unauth-rce-vmware/ Cloud WAF customers and On-Prem customers that have “SecureSphere Emergency Feed” (THR feeds) are already protected OOTB. Below are manual mitigation steps to address VMware vCenter Exploitation (for On-Prem customers): Create a new manual dictionary ...

In this webinar @Gil Osovsky (csp) , Customer Success Manager, and Hemmy Yona, Sr Engineering Manager Edge Services, give an overview of Imperva’s Edge Security solutions including an in-depth look at our leading DDoS Protection and an introduction to our latest Edge Security enhancement – Managed DNS. The session looks at how the increase in online traffic threatens your network and applications; why recovery time from a DDoS attack is much longer than the attack itself and how DNS Protection secures your domains at the Edge for uninterrupted operations. We welcome your comments and questions below or, if you would like to start a new discussion, ...

**Updated 5th March 2021** A recent zero-day disclosure was published for Accellion FTA as part of an attack campaign where cyber criminals exploit Accellion FTA for data theft and Extortion. Vulnerability Description: You can read more about it in the original disclosure blogpost published by FireEye in the following link: https://www.fireeye.com/blog/threat-research/2021/02/accellion-fta-exploited-for-data-theft-and-extortion.html Cloud WAF customers and On-Prem customers that have “SecureSphere Emergency Feed” (THR feeds) are already protected OOTB. Below are manual mitigation steps to address Accellion FTA Exploitation (for On-Prem ...

Never Miss Another Critical Update! The Imperva Community welcomes Itai Gal, Imperva Product Manager , to introduce Imperva’s new Mobile Security App in the latest community webinar. In this session, Itai discusses the pain points of remote security management and how the new Mobile Security App addresses these issues. You’ll get the first look at our new Mobile App demo, with onboarding walk-through and key feature callouts. As always, we close out the session with Q&A—if you have any additional questions for our presenters, you can post them right here on the community. #AllImperva #Webinar

Imperva Customer (Support) Portal 2021 – Your Video Guide! Chief Customer Officer, Nanhi Singh, introduces Imperva’s new Customer Support Portal! We are excited to announce that we will be launching the new Imperva Customer Portal on February 13, 2021 at 9:00pm PST . This one-stop, unified customer (support) portal will combine our four existing portals into one, providing you with visibility into support cases for all of your Imperva products. Not only will you see improvements in user experience and functionality, but there will also be resources and information provided to you so that you can spend less time behind the scenes with us ...

The Imperva Community welcomes @Eyal Gur , Imperva Product Manager , back to the webinar series to talk about recent updates to WAF Gateway and the 2021 roadmap. In this session, Eyal will walkthrough the new features our customers and partners need to know about. We will save some time for Q&A. You can ask your questions in the Zoom chat, and I also recommend you ask your question on the Community now or after the presentation. Ask it here . #On-PremisesWAF(formerlySecuresphere) #Webinar #video

Recently a new vulnerability was discovered related to SolarWinds Orion API. Vulnerability description: The SolarWinds Orion Platform is a suite of infrastructure and system monitoring and management products. The SolarWinds Orion API is embedded into the Orion Core and is used to interface with all SolarWinds Orion Platform products. API authentication can be bypassed by including specific parameters in the Request.PathInfo portion of a URI request, which could allow an attacker to execute unauthenticated API commands. In particular, if an attacker appends a PathInfo parameter of WebResource.adx, ScriptResource.adx, i18n.ashx, or Skipi18n to a ...