Community Blogs

Imperva's jSonar Acquisition- Modern Database Security for any Data System on any Cloud - Community Webinar

By Christopher Detzel posted 3 days ago
1 person recommends this.
Pic found here: https://unsplash.com/photos/MnHQMzC6n-o In webinar to you will learn how Imperva’s recent acquisition of jSonar will modernize data security and add tremendous value to your Imperva deployment. #CloudWAF(formerlyIncapsula) #DatabaseActivityMonitoring #On-PremisesWAF(formerlySecuresphere) #jsonar #Webinar #vid
0 comments

New Cloud WAF GitHub Tools, Part Three: Multi-IP-Rep-Retriever

By Doron Tzur posted 4 days ago
Be the first person to recommend this.
Pic here: https://unsplash.com/photos/MAYEkmn7G6E Simplify IP reputation intelligence with this time-saving UX enhancement. Reputation intelligence is key to Imperva’s Cloud WAF technology. Our ability to gather data on traffic origins and use it to generate insights on user behaviors is a powerful asset. It lets security professionals better understand where traffic is coming from, who is creating it, and what risks may be involved. The cloud architecture of Imperva’s WAF solution allows us to deliver up-to-date information on traffic originators throughout the world. We are constantly improving our database of cyber entities and qualifying ...
0 comments

How to Monitor Access to Sensitive Data Through Applications and APIs - Community Webinar

By Christopher Detzel posted 7 days ago
Be the first person to recommend this.
image found here: https://unsplash.com/photos/JKUTrJ4vK00 In the midst of the largest innovation and modernization efforts in recent history, organizations who both store and process sensitive data are faced the challenge of auditing and monitoring “who” is accessing that data, along with tracking the what, when, where and how of that activity. This includes monitoring direct database access, as well as tracking users accessing this data through applications and APIs. Imperva’s User-to-Data tracking capability with our data security offering can do just that, auditing any and all access to sensitive data from edge to end. Join our briefing ...
0 comments

Client-Side Protection: How Formjacking Attacks Work (and How to Prevent Them)

By Lynn Marks posted 9 days ago
Be the first person to recommend this.
Found Image: https://unsplash.com/photos/vII7qKAk-9A Learn more about the anatomy of client-side data skimming. We’ve already talked about some of the broad methods hackers use to compromise sensitive user data in an e-commerce environment. Some of the most common methods involve compromising the scripts that website administrators implement on their sites when adding client-side services. In order to see how Imperva’s Client-Side Protection tool reliably defends against these types of attacks, we have to look at how hackers in groups like Magecart actually carry them out. These attacks can be quite sophisticated in structure. Compromised ...
0 comments

Operational Best Practices for a Successful Data Activity Monitoring Deployment - Community Webinar

By Christopher Detzel posted 10 days ago
Be the first person to recommend this.
Operational Best Practices Database activity monitoring and auditing has become a critical challenge for organizations due to increasing importance of data integrity and privacy to customers and regulators. Database Activity Monitoring has become a key control for database security and compliance. When properly deployed, the SecureSphere Data Security components can alert on unauthorized access to sensitive data and protect database against a variety of attacks. Join @Craig Burlingame , Director of Technology for another Community webinar. With database application threats increasing in number and sophistication, effective Data Activity ...
0 comments

Enriching Data Streams for Monitoring and Security - Community Webinar

By Christopher Detzel posted 11 days ago
Be the first person to recommend this.
Data Enrichment In this webinar, @Curt Watt and @Richard St. John walks us through what Data Enrichment is and a demo. Nearly all On-Premises deployments have some form of enrichment active and providing benefits to the organization. ​​ In this webinar, we covered What enrichment is 1. How Enrichment Benefits Imperva On-Premises Application Security and On-Premises Data Security deployments 2. How Enrichment is performed and the source data used to enrich monitored communication streams 3. Several Enrichment use-case scenarios and example configurations to meet the scenario goals We had a Live Demo that ...
0 comments

New Cloud WAF GitHub Tools, Part Two: Site-Protection-Viewer

By Doron Tzur posted 12 days ago
Be the first person to recommend this.
https://unsplash.com/photos/Xr1Lwph6eGI Open source tools make security management easy for customers who manage multiple sites. Imperva security products have earned an excellent reputation helping organizations mitigate cybercrime risks and defend against malicious bots. Imperva’s Cloud WAF solution has proven itself to be a powerful tool for managing and customizing protection states for web assets. Although it does its job extraordinarily well, specific use cases can always call for improvements. One of the use cases we commonly encounter is the security professional managing multiple sites in a single Cloud WAF instance. The more ...
0 comments

Client-Side Protection: New JavaScript Exploits Bypass Website Security Policies

By Lynn Marks posted 17 days ago
Be the first person to recommend this.
https://unsplash.com/photos/ex_p4AaBxbs Find out how Imperva employs client-side protection to keep websites safe from novel cyberattacks JavaScript is everywhere. It’s one of the most popular programming languages for web application development. But website developers aren’t just relying on their own code anymore. There is an enormous number of third-party web services that use JavaScript to execute code outside of their clients’ regular web security protocols. This puts them at risk for client-side cyberattacks. Alarmingly, these attacks can be successful even with industry-standard server protection in place. The most famous example ...
0 comments

Enforcing API Schema Specifications in Imperva

By Peter Klimek posted 22 days ago
Be the first person to recommend this.
Space pic... APIs are designed to expose certain functionality to be used by automated programs. An API’s schema serves as a “contract” for how an API’s clients should interact with an API making it a valuable tool to an organization’s customers. Unfortunately, this usefulness also makes it extremely valuable to attackers as well, especially when the underlying API does not appropriately enforce the parameters that are defined in the API schema. With Imperva, it is possible to enforce the terms of this contract, protecting the API against attack. What is an API Schema? An API schema is a design document of an API. It outlines exactly what ...
0 comments

Implementing Defense in Depth with RASP and WAF

By Rajaram Srinivasan posted 25 days ago
Be the first person to recommend this.
The principle of “defense in depth” is borrowed from the military and deals with the fact that no security solution is perfect. While effective security products can detect and block a high percentage of attacks against a system, no single security product can provide protection for all threat vectors. A comprehensive IT security strategy includes risk-appropriate controls implemented where they can provide maximum efficacy, with integrated analytics throughout. With multiple lines of defense, an organization can decrease the probability that these attacks will actually be able to reach and compromise internal systems. Attacks that are overlooked ...
0 comments

New Cloud WAF GitHub Tools, Part One: Account-Level-Dashboard

By Doron Tzur posted 09-29-2020
Be the first person to recommend this.
Image found here: https://unsplash.com/photos/qwtCeJ5cLYs GitHub tools can transform the user experience for efficiency-oriented Imperva customers. All SaaS products must constantly change to meet user demands in a dynamic environment. Imperva’s Cloud WAF solution is no different. In fact, Imperva’s success in this challenging field relies partly on being able to regularly update its reputation intelligence databases and share critical information between its customers. Cloud-based infrastructure is ideally suited for this task because it allows for seamless on-the-fly updating. But the team at Imperva understands that each customer’s ...
0 comments

Securing Your Data -A Data Centric Approach - Webinar

By Christopher Detzel posted 09-28-2020
Be the first person to recommend this.
Data is one of the most valuable assets for contemporary organisations and a growing source of competitive advantage. Over 50% of organisations’ sensitive data is stored in various databases. Learn how to identify and mitigate critical data security risks without compromising the agility of your business. #CloudDataSecurity #DataRiskAnalytics(formerlyCounterBre
0 comments

Securing API's Part 2 Mitigating Input Validation Vulnerabilities Community Webinar

By Christopher Detzel posted 09-25-2020
Be the first person to recommend this.
API Security APIs play a critical role in empowering the digital economy…but since apps are being churned out faster than security teams can secure them, businesses are exposed on a massive -- and growing -- attack field. In the second part of our series on Securing API's, we're going to take a deep dive into understanding and mitigating Input Validation vulnerabilities in API's. This webinar will explore in depth how API's are susceptible to Mass Assignment and Injection attacks, OWASP API Top 10 #6 & #8 respectively. We will walk through the vulnerabilities with code examples, demonstrate live attacks, and finally walk through the mitigations ...
0 comments

Database Activity Monitoring (DAM) Ask Me Anything Imperva Community Webinar

By Christopher Detzel posted 09-24-2020
Be the first person to recommend this.
Photo by Emily Morter on Unsplash In this Ask Me Anything live Webinar, and answer all questions, customers and partners had, around Imperva's Database Activity Monitoring (DAM). Read the list of Q&A on this thread. Database Activity Monitoring (DAM) Ask Me Anything Session Take a look at the Community Resource bundle for DAM products. A list of FAQ's by topic and an easy way to find it. Database Activity Monitoring Q&A ​​​ #DatabaseActivityMonitoring #Webinar
0 comments

Creating Custom Error Responses for APIs

By Peter Klimek posted 09-21-2020
Be the first person to recommend this.
By default, Imperva will send an error response if a request is blocked because it violates an API’s schema However, the default response generated by Imperva may not be appropriate for a couple of different reasons: By default, Imperva expects clients to be communicating using HTML and sends error messages formatted in HTML as well. If an API client is expecting JSON-formatted responses, then it will be incapable of parsing the error message sent by Imperva. Another reason why error responses may need rewriting is that an API’s schema may define a special error response format. If this is the case, it is unlikely that the default Imperva ...
0 comments

Impervian Community Spotlight: Adesola Jolaoso, Database Security Specialist

By Christopher Detzel posted 09-21-2020
1 person recommends this.
Impervian Community Spotlight: Adesola Jolaoso, Database Security Specialist Adesola Jolaoso uses Imperva to protect critical government infrastructure in Africa’s largest economy. Imperva’s cloud-based infrastructure and best-in-class scalability make it a key asset for government institutions around the world. Government agencies need dependable resources that deliver proven results. Today’s Impervian community spotlight focuses specifically on a security professional who is making that happen. Adesola Jolaoso is a database security specialist working for a federal government agency in Nigeria. As Africa’s number-one economy and most populated ...
0 comments

Use the Cloud WAF CLI to Optimize Complex Workflows, Part One

By Joe Moore posted 09-14-2020
Be the first person to recommend this.
Save time on tedious, repetitive tasks using the Cloud WAF command line. The Imperva Cloud WAF interface is intuitive and easy to use. As great as this is, it can make some tasks more tedious and time-consuming than they need to be. Graphical user interfaces usually have to sacrifice some power and efficiency for the sake of user-friendliness. Point-and-click functionality is great when familiarizing yourself with a brand-new software application, but eventually it can get in the way of productivity. Let’s say you have hundreds of files to configure in a specific sequence. With a graphical user interface, you would have to ...
0 comments

Client-Side Protection - How to protect your website from client-side attacks like Formjacking and Magecart -Webinar

By Christopher Detzel posted 09-11-2020
Be the first person to recommend this.
How to protect your website from client-side attacks like Formjacking and Magecart Lynn Marks, Product Manager at Imperva, talks about a new Imperva product called Client-Side Protection. Client-side attacks, launched by groups like Magecart, are exploiting JavaScript services embedded in websites. These services, deployed by developers or the marketing team, are a security blind-spot. What happens when one of the client-side services is compromised? In this webinar you’ll learn the following: - Understand the problem of client-side code. - Witness a simple way to discover all Javascript Services running on a website. - See how security ...
0 comments

Event Log_SQL Injection

By Hung Hoang posted 09-11-2020
Be the first person to recommend this.
Hi all I have a inperva device and a web portal. I understand why inperva block request SQL Injection. How do you do verify event it and what is Violation Attack Signature ? I have check it but can't see violation attack signature ? Example: on F5 i can see violation attack signature? Please help me Thank Hung Hoang
0 comments

Protecting Applications from Within Using Runtime Application Self Protection (RASP) - Community Webinar

By Christopher Detzel posted 09-10-2020
Be the first person to recommend this.
Demo of RASP and Roadmap. In this webinar, @Rajaram Srinivasan , Imperva Product Manager, talked about how RASP, a PCI control and NIST requirement, can mitigate risk and protect your applications as your business move to the cloud. We will help you understand the following: How RASP works as the final layer of defense to protect your applications How you can secure your apps in a cloud native world with fading controls What is the latest in RASP 4.0 version from Imperva Roadmap into the future of Imperva RASP 👇 Also, below is the PPT for the webinar. 👇 RASP_-_Community_Webinar_v2.pdf #RASP #Webinar #vid
0 comments