Community Blogs

Be the first person to recommend this.
Photo found here https://unsplash.com/photos/ZEDvSzgS4FA Internet service providers have good reason to provide their users with DDoS protection services. ISPs with a better track record of mitigating DDoS attacks enjoy a better reputation for security, which improves sales and allows them to charge more. They can then use their increased earnings to invest in better DDoS solutions. The cycle reinforces itself. This, at least, is a simplified version of how things should go. In practice, however, ISPs are rarely able to provide best-in-class security to their users. While DDoS protection is an important value-add for ISP providers, cybersecurity ...
0 comments
Be the first person to recommend this.
Impervian Community Spotlight: Mayur Palanichamy, Database Security Specialist, IHiS Singapore Imperva’s cybersecurity solutions help secure millions of patient data records in Singapore. Singapore’s Integrated Health Information Systems (IHiS) is an IT provider powering the island nation’s digital healthcare strategy and architecture. The multi-award-winning tech agency digitizes, connectors, and analyzes patient data for users in 14 public hospitals. Managing and analyzing patient data to deliver actionable insight for the island’s growing population is not easy. IHiS depends on database security specialists like Mayur to secure patient data ...
0 comments
Be the first person to recommend this.
In this webinar, we will walk you through some key functions of Attack Analytics. This product can be used for both Cloud WAF and WAF Gateway products. Also attached is the PPT slides from the webinar. 👉 Attack_Analytics_-_Webinar_-_Jul20.pdf Some questions that were asked and answered by @Uzi Galili during this webinar are below. Does reputation intelligence have an API? How can you tell if this alarm comes from Cloud WAF or On-Premises? How long does it take for AA to analyze the logs from WAF Gateway and display it? How do you determine if there is an exposed origin server if you haven't added it to protected IPs? ​ ...
0 comments
2 people recommend this.
Using Imperva Data Risk Analytics (DRA) to Identify Data Reconnaissance Efforts A successful data breach can be extremely damaging to any organization. Companies regularly collect data about their customers in the course of doing business, and a failure to properly secure this data against exposure can cause a loss of customer trust and, potentially, lawsuits and the imposition of penalties by regulatory authorities under data protection laws. Imperva Data Risk Analytics (DRA) enables organizations to reduce their exposure to potential data breaches. By monitoring access patterns to databases and the data that they contain, it is possible to detect ...
0 comments
Be the first person to recommend this.
Community Webinar: Five Real-World Cloud WAF Rules In this webinar goes through an in depth look at Imperva’s Cloud WAF Rules. He showed how customers can address specific real-world problems with the diverse set of Cloud WAF Rules available today. Kunal covers unique Cloud WAF’s unique predicates with a live web application and API. Top questions asked during the webinar 1. Is there a way to setup shared Rules that can be enabled for multiple sites without having to create separate rules that do the same thing for multiple websites? 2. Which is processed first...a black listed IP, or a rule that was created to block an IP? Is one method ...
0 comments
Be the first person to recommend this.
Discover how Imperva leads the way when it comes to identifying and classifying threats. Attack signatures are a critical part of what makes Imperva’s cloud WAF and DDoS protection services so valuable. The ability to accurately identify suspicious users and behaviors across a very large surface area is essential to protecting vital data and assets. Attack signatures give Imperva systems the ability to “learn” patterns in traffic and usage leading up to an attack. Security professionals regularly ask Imperva team members to define attack signatures and explain what they consist of. These questions are a common fixture on community blog posts and ...
0 comments
Be the first person to recommend this.
Distributed Denial-of-Service attacks remain one of the most dangerous and expensive threats in the global cybersecurity landscape and DDoS attacks are making headlines again thanks to reports of the largest-ever recorded attack in June 2020 .The attack in question is remarkable for its volumetric capacity and sophistication with 1.44 terabits-per-second and 385 million packets-per-second at its peak. This record-breaking DDoS attack was carried out over nine different types of traffic, rather than usual two or three that security providers are used to seeing. Unfortunately, this attack is part of a troubling trend. Distributed Denial-of-Service attacks ...
0 comments
3 people recommend this.
Doron Tzur takes us through an in-depth look at Imperva’s Cloud WAF GitHub tools, account-level-dashboard and site-protection-viewer , which provide the ability to understand in one click and one glance the current protection stature and usage in account level. Additionally he will walk us through another GitHub tool, multi-ip-rep-retriever , that enhances our Reputation Intelligence service by providing a simplified way of to look up multiple IP addresses instead of one at a time. #CloudWAF(formerlyIncapsula)
0 comments
2 people recommend this.
In this session Eyal Gur, Imperva Product Manager, will talk about recent updates to WAF Gateway, key features to know about, as well as upcoming releases and roadmap items. The PPT from the presentation can be found here 1. New Generation Reverse Proxy – Just released in V14.1 2. Reputation Intelligence – Just released in V14.1 3. Large scale MX – BETA NOW. Release scheduled for V14.3 (Nov) 4. Advanced Bridge - BETA NOW. Release scheduled for V14.3 (Nov) 5. Running on GCP - BETA NOW. Release scheduled for V14.3 (Nov) 6. Attack Analytics for WAF GW 7. Advanced Bot integration – Release scheduled for 2021; Beta will be available towards ...
0 comments
1 person recommends this.
The best way to detect botnet activity is by analyzing attacks on protected websites and applications. Bot mitigation is not a static discipline. Security researchers are constantly looking for evidence of novel bot attacks, and new ways to improve defenses against existing ones. Bot mitigation reports are valuable tools in the quest for constant improvement because they offer a wealth of information about how bots work, what kinds of resources they target, and where they may be located. Security professionals need to routinely analyze and debug their bot mitigation policies using debugging tools to reduce false positives and predict future ...
0 comments
Be the first person to recommend this.
Your Advanced Bot Mitigation Dashboard is full of tools you can use to stop bots in their tracks. Cloud WAF users with Advanced Bot MItigation enabled have a powerful tool at their disposal. After logging into My Portal, you are one click away from leveraging some of the most sophisticated bot protection defenses on the market. Simply launch Advanced Bot Protection and you will be taken directly to your account’s user dashboard. This dashboard is your entry point into managing your bot protection framework. This is where you are going to establish bot policies and review the effectiveness of the mitigation policies you’ve put in place. ...
0 comments
Be the first person to recommend this.
In this webinar we talk about some DDoS risks and case studies. The team went through a technical deep dive into DDoS mitigation. At the end of the webinar we took questions from the audience. #DDoSProtectionforNetworks #DDoSProtectionforWebsites #Webinar
0 comments
Be the first person to recommend this.
Users and security professionals aren’t always on the same page when it comes to defining a “bad bot”. “How do I buy a good bot so I can buy the sneakers I want?” This question, which came up during a recent seminar on Cloud WAF Advanced Bot Protection , points to something incredibly important in the world of bot mitigation. It’s not always easy to tell what distinguishes a “good bot” from a “bad bot”, or what those terms really imply when it comes to using automation tools on the Internet. There are entire capital enterprises built on the use of automation tools to collect, categorize, and analyze data online. Bots are incredibly ...
0 comments
Be the first person to recommend this.
In this video we will talk about bad BOT risks, we go over some case studies and walk you through a technical deep dive into BOT mitigation. #AdvancedBotProtection #CloudWAF(formerlyIncapsula) #video #
0 comments
Be the first person to recommend this.
In this community webinar, Brooks Cunningham Manager, Service Operations, took us on an inside view of: 1. Overview of Cloud WAF reporting 2. Overview of configuring the policies 3. Overview of debugging Chris Detzel: (00:16) Thank you, everyone for attending today's webinar. I'm going to go ahead and share my screen. Like I said before, if you weren't on, I only have two slides, Brooks has no slides, it's all demo and going to... Showing you how to do some cool things. So, my name is Chris Detzel, and I am the community manager here at Imperva. If you can't tell my background, Imperva Community, just got that up and running yesterday. So, I'm ...
0 comments
Be the first person to recommend this.
Imperva’s DAM solutions help secure the data of millions of healthcare patients in Singapore. Singapore’s Integrated Health Information Systems (IHiS) is a multi-award winning tech agency responsible for digitizing, connecting, and analyzing Singapore’s healthcare system for more than 50,000 users. IHiS enables smooth, secure information exchange and analysis between the sovereign city-state’s 14 public hospitals, using the latest techniques to gather actionable insights for the island’s growing population. Managing and analyzing patient data securely is no easy feat. Database security specialist stepped up to the responsibility by leveraging ...
0 comments
Be the first person to recommend this.
https://unsplash.com/photos/y6HpQzW87Vc Learn about the state-of-the-art technologies Imperva uses to detect bots 2014 was the first year bots outnumbered human users online . That number has only increased since then, and is virtually guaranteed to continue. In previous articles, we’ve talked about how Imperva differentiates good bots from bad bots, and what kinds of strategies are effective against various kinds of bad bots. But all of these processes rely on a single, all-important first step – distinguishing between bots and legitimate users. Bots are simply software applications that run scripts on the Internet. Simple bots are ...
0 comments
1 person recommends this.
Version 14.1 for Imperva On-Premises products was released on April 6th 2020 . In this release one of the major changes was the underlying operating system update, which allows Imperva products newer Cloud instances support, security hardening and introducing Next Generation Reverse Proxy, as a new deployment mode for Imperva On-Premises WAF. Imperva On-Premises WAF and DAM products running version 13 and below are based operating system CentOS 6.3. CentOS 6 will reach End of Life by the end of November 2020. New CentOS version allows better security, stability, as well as ability to deliver patches and new features faster. There are some important ...
0 comments
Be the first person to recommend this.
Photo by Pixabay from Pexels Take a look at the Webinar that hosted for Community Members here. Transcript from Ran's Webinar on How to Protect Data and be Compliant When Embracing the Cloud Christopher Detzel ( 00:29 ): Welcome, everybody. Thank you for coming to the community online webinar called How to Protect Data and Be Compliant When Embracing the Cloud. Christopher Detzel ( 00:38 ): I have a special guest today on, Ran Rosin . He's director of product management. So, I will not be presenting today, but I will lay down some of the ground rules. So let me do that first, but definitely welcome. Thank you ...
0 comments
Be the first person to recommend this.
https://unsplash.com/photos/GDP_CXFHiuI Integrating Security as Infrastructure as Code with HashiCorp’s Terraform The DevOps framework is all about removing production bottlenecks through automation and integration. For many enterprises, introducing security gets in the way of DevOps-oriented infrastructural goals. This is especially true of enterprises that make extensive use of cloud-based applications and services. Two out of three enterprise IT specialists say security is their primary concern when it comes to adopting cloud computing strategies. HashiCorp Terraform is a cloud-agnostic deployment and provisioning tool that allows ...
0 comments