Blogs

**Important Update for Sectigo Custom Certificate Users**

By Ciaran McAnespy posted 16 days ago
Be the first person to like this.
Hi Community , I want to draw your attention to the recent release note regarding the Sectigo root certificate update . Please review this prior to renewing any certificates to ensure backward compatibility : https://docs.imperva.com/bundle/cloud-application-security/page/release-notes/2025-06-01.htm#SectigoCArootcertificatereplacement . Overview: Sectigo CA root certificate replacement Sectigo CA is replacing its public root certificates as part of an industry-wide modernization effort. If you use a custom ...
1 comment

Manual Mitigation for CVE-2025-31324: SAP NetWeaver Visual Composer Metadata - Unauthenticated File Upload

By Sarah Lamont posted 04-30-2025
Be the first person to like this.
Hi Community, I received the following update from our Threat Research team: A new vulnerability was recently discovered in SAP NetWeaver Visual Composer Metadata, dubbed CVE-2025-31324. Vulnerability Description: SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availability of the targeted system. PoC can be found here Cloud WAF customers are al ...
0 comments

2025 Bad Bot Report Highlights!

By Veronica Cooke posted 04-28-2025
Be the first person to like this.
Hi Community, I wanted to share something I think you’ll find valuable. We recently released the 12th edition of our Bad Bot report , and this year’s findings highlight the increase in sophisticated bad bots across the full range of regions and industries. . Explore all the key insights and statistics by downloading the full report here Highlights of this year report In 2025, bad bots now account for 37% of all internet traffic —with the majority built using AI , making them faster, more evasive, and harder to detect. These bots are no longer just scraping content—they are: · Targeting APIs · ...
1 comment

In The Know Podcast: Episode 2 - WAF Gateway

By Sarah Lamont posted 04-04-2025
1 person likes this.
🎙️ Welcome to Ep 2 of the In the Know Podcast: WAF Gateway! 🎙️ Join us as we dive deep into the fascinating world of web application firewalls and the evolving landscape of cybersecurity. In this episode, our expert hosts discuss the launch of Version 15 of the WAF Gateway, now equipped with cutting-edge API security integration and Luna HSM integration! They delve into the crucial benefits of upgrading from fifth to seventh generation hardware, emphasizing the enhanced security features that deliver greater value to customers. Discover why customer engagement is key in the realm of API security packages, and how your feedback can shape the ...
0 comments

Big News: We’re Moving to a Unified Thales Support Portal

By Sarah Lamont posted 04-04-2025
2 people like this.
A Simpler, Stronger Support Experience is on the Way Hi Everyone, In the coming weeks we will be sharing some exciting news that’s been in the works for a while. Starting April 26, 2025 , Imperva customer support will officially move to the Thales Unified Support Portal . This is a major milestone following Imperva’s integration into the Thales Cybersecurity Products (CSP) family. While our commitment to supporting you hasn’t changed, how you engage with us will soon be more efficient, more unified, and more connected than ever before. Why We’re Making This Change We know how important it is to have fast, reliable, and accessible ...
0 comments

New Imperva Support Numbers are Now Live!

By Sarah Lamont posted 03-24-2025
Be the first person to like this.
Hi Community, As promised in this earlier post, our new support telephone numbers are now live. Please be aware that previous Imperva telephone numbers will no longer be active. The link below will provide you with the full extent of the changes: View the Technical Support Telephone Numbers here! In case you missed it, you can find a message about this change from Steve Walden, our Vice President, at the link below: Important Update: New Imperva Support Numbers Many thanks, Sarah #AllImperva
0 comments

Imperva Cloud WAF Podcast - Episode 1

By Michael Wright posted 03-12-2025
Be the first person to like this.
Hi Community, Welcome to the first episode of our Cloud WAF Podcast! In this episode, I talk to Ziv Rika about the latest features of Cloud WAF from Imperva, focusing on three main innovations: AI Explain for security events, sensitive information leakage prevention, and AI bot management. We explore how these features enhance security processes, improve communication between developers and security teams, and address compliance requirements. The conversation highlights the importance of AI in cybersecurity and the need for organizations to adapt to evolving threats. Let me know what you think in the comments below. ...
0 comments

Navigating the New Era of AI Traffic: How to Identify and Block AI Scrapers

By Ziv Rika posted 12-20-2024
1 person likes this.
In the not-so-distant past, webmasters faced challenges from bots like Google’s search spiders, which diligently scanned websites to index content and provide the best search results for users. Fast forward to today, and we are witnessing a new breed of bot: Large Language Models (LLMs) like ChatGPT and Claude. These AI models are not just seeking information; they actively scrape websites to educate themselves, respond to prompts, and enhance their training. As a website owner, the question arises: how do you manage this new form of traffic, and more importantly, how can you reclaim control? The Problem with LLM Scraping LLMs operate similarly ...
0 comments

Understanding the Role of the Origin Server and Ensuring Secure Access

By Omer Shaharabani posted 10-20-2024
1 person likes this.
. An origin server is the endpoint where HTTP requests are ultimately directed to retrieve resources necessary for browsing a site or submitting data to perform actions, such as registering or updating a user's profile. In modern web architectures, particularly those utilizing a Content Delivery Network (CDN), there is a clear distinction between origin servers (which host the original content) and edge servers (which cache and serve content closer to end users). When a site is onboarded to the cWAF, an additional layer is introduced. The WAF is now positioned between the user and the origin server, inspecting incoming traffic for security threats. Every ...
0 comments

New Report: The Economic Impact of API and BOT attacks

By Laura Beaulieu posted 09-24-2024
1 person likes this.
Hi Community I wanted to bring this brand new report to your attention as it has some really valuable information. Ever wondered what the real annual cost of API and BOT insecurity is? We have the answer: Approx. $186 billion Imperva engaged the Marsh McLennan Cyber Risk Intelligence Center to produce this new report on the economic impact of API and BOT attacks. Over 161,000 unique cybersecurity incidents were analysed in this study and here are some of the key insights and t akeaways for you to consider: API and Bot-Related Security Incidents Grow at an Alarming Rate With the rapid adoption of APIs in the modern business ...
0 comments

How Imperva's Managed Certifications Can Mitigate Risks in Certificate Revocation Incidents.

By Luke Richardson posted 08-08-2024
Be the first person to like this.
DigiCert's recent announcement regarding the revocation of certificates due to improper Domain Control Verification (DCV) highlights the critical need for robust certificate management solutions. In an environment where even minor non-compliance can lead to significant disruptions, managed certification services like those offered by Imperva can play a vital role in ensuring continuous compliance and operational stability. The Challenge of Certificate Management DigiCert's incident involved a technical oversight where a required underscore prefix in DNS CNAME records was omitted, leading to the revocation of approximately 0.4% of their certificates. ...
0 comments

Imperva’s 2024 DDoS Threat Landscape Report

By Colleen McCloskey posted 07-30-2024
Be the first person to like this.
Hi Community, I am excited to share with you Imperva’s 2024 DDoS Threat Landscape Report. The report delivers an in-depth analysis of DDoS attack activity during 2023 and 2024. Here are some key takeaways: Increase in DDoS attacks mitigated by Imperva. In the first half of 2024, Imperva successfully mitigated 111% more DDoS attacks compared to the same period the previous year, highlighting the need for robust security measures. Application Layer DDoS attack of 4.7 million Requests Per Second (RPS) . The most notable attack in the first half of 2024 was an Application ...
0 comments

Community Webinar Recordings June/July 2024

By Sarah Lamont posted 07-26-2024
Be the first person to like this.
Hi Community, Just a heads up that you can now find recordings of our recent webinars at the links below. Be sure to log in to the community using your support portal credentials. If you have any follow-up questions or were unable to attend, I encourage you to share your thoughts under the recording or start a new discussion thread. Mitigating Polyfill Supply Chain Attack Advanced Bot Protection: Bad Bot Defense Best Practices Adaptive L7 DDoS Threshold – New feature Spotlight Optimizing Cloud WAF Security: Enriched Security Events UX Deep Dive You can find all webinar recordings here . Having ...
0 comments

Stay Informed! Update Your Safe Senders List.

By Sarah Lamont posted 06-18-2024
1 person likes this.
Hi Community, This is just a brief note to make sure that you don’t miss important communications from Imperva. Imperva is now part of Thales Group. Add @thalesgroup.com to your Safe Senders List to keep receiving emails from us as we begin transitioning our email domain. If you would like to learn more about Thales and Imperva, check out the information below. Thales + Imperva: Creating a Global Leader in Cybersecurity Welcome to Imperva with Steve Walden Why Imperva + Thales
0 comments

Cloud Application Security Release Notes June 16. 2024

By Sarah Lamont posted 06-17-2024
Be the first person to like this.
Hi Community, Did you know that you can subscribe to our release notes to make sure that you receive all updates directly to your email inbox? The se release notes provide information on changes and enhancements in each release. Unless otherwise specified, the changes described here are rolled out throughout the week and may not be immediately available in all accounts. You can also view the customer-facing release notes online here . Cloud Application Security Release Notes June 16. 2024 Heads Up: DNS Protection - Simplified DNS threshold configurations for attacks In the coming weeks we're introducing a simplified ...
0 comments

Imperva’s 11th Annual Bad Bot Report 2024

By Percy Smith posted 05-16-2024
1 person likes this.
Hi Community, In case you missed it, I thought you might be interested in Imperva’s 11th annual Bad Bot Report that we released last month. You can download the full report here . This year's report is based on data from our global network in 2023, including 6 trillion blocked bad bot requests , and focuses on bad bot activity at the OSI model’s layer (layer 7) . These bot use cases are entirely different from volumetric DDoS attacks, which manipulate lower-level network protocols. Highlights of this year’s report Bad Bots account for 32% of automated traffic - a 1.8% increase from 2022 Increase driven ...
0 comments

State of API Security in 2024 report available now!

By Grainne McKeever posted 04-18-2024
1 person likes this.
Hi Community, I am excited to announce the release of the State of API Security in 2024 report , a new report based on our threat research and the first report on API Security published by Imperva. The State of API Security in 2024 Report highlights how APIs and their increased usage are significantly changing the threat landscape. In 2023, the number of API-targeted attacks rose significantly. Attacks targeting the business logic of APIs constituted 27% of attacks in 2023, a growth of 10% since the previous year. Account Takeover (ATO) attacks targeting APIs also increased from 35% in 2022 to 46% in 2023. Based on data from Imperva ...
0 comments

Transitioning to Imperva's HEC Integration for Splunk: A Seamless Approach

By Ziv Rika posted 04-08-2024
1 person likes this.
As organizations continue to enhance their security posture, the need for efficient and effective log management solutions becomes increasingly critical. Imperva recognizes this necessity and is excited to introduce the new HTTP Event Collector (HEC) integration for Splunk, offering a streamlined approach to log delivery and management. Splunk's (HEC) offers a secure and simple integration method for all Imperva log types, including ABP, ATO, and also future ones. HEC complies with near real-time (NRT) delivery methods, with an SLA of less than 5 minutes. This ensures swift analysis and response to security events, enhancing overall security posture. ...
0 comments

Manual Mitigation for HTTP/2 CONTINUATION Flood Vulnerability

By Sarah Lamont posted 04-08-2024
Be the first person to like this.
Hi Community, Our recent blog post highlighted that there is a widely reported HTTP/2 vulnerability that can be used to generate a DDoS. This is primarily of interest to our Cloud WAF customers, although WAF Gateway customers may also wish to know more. The following steps can be used for mitigation: Description Recently, a class of vulnerabilities in HTTP/2 implementations was published, dubbed HTTP/2 CONTINUATION Flood . This attack leverages the CONTINUATION frame that is being sent without setting the END_HEADERS, which in return creates an infinite stream of headers that HTTP/2 server would need to parse and store in memory. ...
0 comments

HTTP/2 CONTINUATION Flood Vulnerability

By Sarah Lamont posted 04-05-2024
1 person likes this.
Nadav Avital, Senior Director, Threat Research HTTP/2 , a widely adopted web communication protocol, organizes data transmission through a binary framing layer, wherein all communication is divided into smaller messages called frames, each identified by a specific type, such as headers, data, and continuation frames. HTTP/2 HEADER frames facilitate the transmission of HTTP headers for requests and responses, employing the HPACK encoding algorithm for compression and efficiency. These frames can be marked with flags like END_HEADERS, indicating completion of header transmission, and END_STREAM, denoting the absence of further request/response body. ...
0 comments