Community Blogs

2 people like this.
How to integrate Data Risk Analytics (DRA) with Data Security Fabric (DSF) Data is a core element for every business. There is an increasing demand to integrate systems for a better and more secure data flow. In this article, the training team provide a step by step guide on how to integrate Imperva’s Data Risk Analytics (DRA) with your Data Security Fabric (DSF). This is just one of the items covered in our Imperva training courses. Visit out training catalog or Contact training@imperva.com Integrating DRA with DSF Imperva Data Security Fabric* combines the granularity of Imperva Agent Gateways and Agents with the flexibility of Sonar ...
2 comments
1 person likes this.
This is an upcoming feature in Agent Gateway & MX v14.10 (Q4 2022) In previous version(v14.9 and old versions) when replacing the GW/GW Password, User needs to update the password in all agents after the password has been changed and re-register the agent to the MX because of which there is a data loss (user can have many agents in a single cluster) and it might take hours until the password is updated in all the agents. New capabilities in v14.10 will add a second password to the GW/GW Cluster and update the new password in all agents. It will also remove the old password from GW/GW cluster. This capability will minimize the data loss of each agent, there ...
0 comments
Be the first person to like this.
by Luke Babarinde Principal Architect at Imperva Imagine trying to protect your web application farm, while needing to integrate with all the different web servers' backend stacks on a one-to-one basis. This requires a WAF that understands systems such as Nginx, Apache, IIS, and Tomcat. You will effectively start a project that will never end due to the complexities associated with protecting each backend stack. Moreover, you will be bogged down with logistics; rapidly protecting your applications and integrating one-to-one with your stack is practically impossible. This is not the standard operating procedure with Imperva. Our solution has evolved ...
0 comments
1 person likes this.
Get Ahead with Imperva Community Imperva Community is designed to help you better achieve your goals, by providing a collaborative space to ask questions, share insights and learn from Imperva experts as well as fellow members! Our members love to hear your tips and tricks and are always keen to help others find solutions. We also have self service blogs and regular events from our Imperva experts that give you the opportunity to ask your questions directly to them. A lot of our content is for members only, so you must log in to make sure you aren't missing key updates. Here's what you could be missing: Regular live events ...
0 comments
1 person likes this.
Signatures - Fundamentals of On-Premise WAF - Part 7 Part 5 and 6 of this series looked at Advanced Web Policies and Global Objects . This part will look at Signatures, how to view, disable and filter on signatures. It also explains the basic unit of signature and regular expressions. What are Signatures? Signatures are text strings that identify known attacks. They are organized in dictionaries, each of which is essentially a filter on the signatures database. You can: define new signatures and new dictionaries. enable or disable signatures in an individual dictionary or all dictionaries. apply dictionaries ...
0 comments
Be the first person to like this.
Imperva Data Security Fabric is the first data-centric solution with an integrated, proactive approach to visibility and predictive analytics. Here's Imperva SVP Terry Ray with your first look at this powerhouse product suite. #AllImperva #DataRiskAnalytics(formerlyCounterBreach) #DatabaseActivityMonitoring #jSonar
0 comments
3 people like this.
Imperva Support Portal Enhancement - Effective November 11, 2022 - New FileSharing Solution available through the Customer Portal! Every organization is built on teamwork. The ability to share files, collaborate and communicate seamlessly is critical to all processes in the workplace. In the past, file sharing and collaborating often took a seemingly disproportionate amount of time. However, with the advancement of modern technology, sharing files and collaborating has never been easier. Nowadays it only takes a few clicks to get things done. To provide our customers with a more seamless and enhanced user experience , we’ve integrated a new way ...
3 comments
Be the first person to like this.
We’re extremely proud to announce Imperva has been named a Leader in the 2022 Gartner Ⓡ Magic Quadrant ™ for Web Application and API Protection (WAAP)—making them a Leader nine years in a row! Companies are rapidly building applications and APIs to support innovation and, in doing so, are introducing vulnerabilities that attackers and bot networks can take advantage of. Imperva provides the broad application protection you need in one comprehensive solution — WAF, API, Bot, DDoS, ATO, and CDN — to help you advance your business with secure protection you can trust. Download the report today to: Understand the comprehensive protection you need. ...
0 comments
Be the first person to like this.
Introduction to Imperva RASP Jazmine Reynolds Lead Instructional Designer Hello and welcome to this introduction to RASP from the Imperva Training team! This blog introduces you to our RASP On Demand training course. It will take a high- level look at all of the “Whats” surrounding RASP - What is it? What does it do? And What does it protect against? So, what exactly is this rasp thing? Gartner invented the acronym RASP several years ago - it stands for Runtime application self-protection. The core premise is that software is flaky, with security flaws that malicious actors can exploit to their advantage and our loss. They can essentially ...
0 comments
3 people like this.
Cross System Global Objects Welcome to part 6 of our Fundamentals blog series. In this blog, will be looking at defining the Cross System Global objects, what they help you achieve and how to implement them. Be sure to check out the previous blogs in the series - links are included at the end of this blog. Global Port Groups Global Port Groups are lists of ports used in various locations in On-Prem WAF, including: Service Scans Firewall Policy The Global Ports Group attaches a name to the port number, making it more readable in alerts. IP Groups IP Groups are lists of IP Addresses used for a variety of purposes ...
2 comments
1 person likes this.
Beyond the WAF - 4 key Tools for Complete Application Security Webinar Recording The Imperva Community is delighted to welcome Craig Porter, Imperva AppSec Specialist, and Louis Zisiadis , Customer Success Manager to the webinar series. In this session, the team will look outside of Cloud WAF and discuss the 4 additional tools in Imperva's Application Security Suite and how they can further protect your environment. These include: API Security Advanced Bot Protection Client Side Protection Runtime Protection The team take time to answer audience questions throughout the session, but feel free to add your own below! ...
0 comments
1 person likes this.
Advanced Web Security Policies – Fundamentals of On-Prem WAF Part 5 Introduction A web application firewall (WAF) is a web-based security appliance that helps protect servers and websites from malicious web applications. It is a web application security solution that analyzes the content of the requests, examines their headers and responses, and then makes decisions on whether or not to allow them through. There are several different advanced web policies that you can use to protect your website from being attacked when you're building a web application firewall. In this post, we will examine the different types of policies that can be ...
0 comments
Be the first person to like this.
Imperva Support Case Creation and Portal Updates The Imperva Customer Support Portal brings together some of our key customer tools in one unified customer support portal. It also allowed us to enhance the experience for you, the customer. Here is a quick reminder of some of those enhancements. Case management - You can open, update, and view support cases for all Imperva products and also determine the severity to set the proper sense of urgency and influence response times. SSO access allows you to search and browse a wealth of knowledge resources directly from the portal landing page, including product documentation, ...
0 comments
2 people like this.
Types of Web Security Policies - Fundamentals of On-Prem WAF Part 4 Introduction Having already addressed the SSL Certificates and Ciphers, part 4 of this On-Prem WAF Fundamentals blog series will hone in on policies, looking at the different types available and best practices. This is followed by a step by step guide on defining policies. What is a Policy? To ensure complete application security, Imperva On-Premises WAF policies provide the system with multi-level protection in line with the Imperva On-Premises WAF object hierarchy, as follows: Server Groups > Services > Applications Policies are enabled by ...
0 comments
2 people like this.
Appl ication Hierarchy: Server Group, Service, Application Fundamentals of On-Prem WAF - Part 3 Introduction In the first parts of our series, we discussed the basics of On-Prem WAF, and notably, we stated that the OSI 7-layer model is essential to understanding the concept of computer networking. The 7 layers are the physical layer, the Data link layer, the Network layer, the transport layer, the session layer, the presentation layer, and the application layer. We also looked at the SSL Certificates and Ciphers. This article elaborates on the Application layer focusing on the different hierarchies within the Application layer. We would take ...
0 comments
2 people like this.
SSL certificates and Ciphers Fundamentals of On-Prem WAF - Part 2 Introduction When you're configuring your SSL certificates, it's important to understand which SSL ciphers are supported by your server and web application. The strength and configuration of supported ciphers will vary depending on the version of software deployed by the server and what hardware, operating system and CPU architecture is supporting the service. In this blog, we will discuss some of the important points related to SSL certificates and ciphers. Also, we would give you step by step guide on how to add SSL keys. But before we dive into it, ...
0 comments
5 people like this.
Fundamentals of On-Premise WAF - Blog Series Part1: Multi-Layer Protection - the basis of On-Premise WAF Ira Miga Knowledge Engineer At Imperva, we appreciate that a lot of our users are required to communicate internally the workings of our products and the value they bring to the organization. With this in mind, we're excited to announce a new blog series on On-Premise WAF! I will go "back to basics" with a focus on On-Premise WAF in a series of informational blogs. In this first blog, I'll go over the multi-layer protection with On-Premise WAF and why it's so important for organizations. On-Premise WAF is an important tool that helps protect ...
2 comments
Be the first person to like this.
Manual Mitigation for CVE-2022-30525 Nathan Orr Security Analyst Threat Research Vulnerability in Zyxel Firewalls, assigned CVE-2022-30525: Zyxel Command Injection Vulnerability. Vulnerability Description : A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5.00 through 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 700 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 50(W) firmware versions 5.10 through 5.21 Patch 1, USG20(W)-VPN firmware versions 5.10 through 5.21 Patch 1, ATP series firmware versions ...
0 comments
Be the first person to like this.
Ahead of our Data Security Roadmap 2022 webinar , I wanted to share the recent blog from Dan Neault, Imperva's SVP and GM for Data Security, to give a little insight into our Data Security Fabric. If you have any questions, comment below! We can even address them during the live session on Wednesday April 27 . Why Customers Asked us for a Data Security Fabric (Even When They Didn’t Know to ask for it by Name) Dan Neault, Imperva's SVP and GM for Data Security Our journey to the data security fabric started a while back when we built the industry’s first data security platform based on what customers said they needed and working with customers ...
1 comment
1 person likes this.
How to Truly Protect against Account Take Over (ATO) - Webinar recording - with Lynn Marks and Santosh Nallu The Imperva Community is delighted to welcome Lynn Marks, Imperva Product Manager, and Sanosh Nulla, to discuss Account Takeover (ATO) and how you can truly protect your organization against it. During this webinar, Lynn discusses ATO, how it occurs and why it is a prevalent issue for the full range of industries. She looks at the impact of ATO and how you can mitigate organizational risk with Imperva's Account TakeOver Protection. Make sure you watch to the end as Lynn and Santosh address the audience questions. #AccountTakeOver ...
0 comments

Please log in to community to view our video content