Blogs

Be the first person to like this.
In my previous blog I looked at un-applied policies, disabled rules, and policies with no alerts. This blog will now look at alerts , one of the most critical functionalities of your WAF Gateway. Many alerts may be generated simultaneously, however, managing these alerts does not need to be overwhelming. In this blog post, I aim to simplify the management of WAF Gateway alerts by laying out the workflow step by step. If you have questions or comments, I'd love to hear them in the comments section below. Alerts are notifications that a violation or group of violations (of security policies) have taken place on monitored traffic. ...
0 comments
1 person likes this.
In this blog post, we'll explore the topic of un-applied policies, disabled rules, and policies with no alerts. We'll discuss how they can affect your system's performance and why it's important to keep an eye on them. So, let's dive in! Un-applied policies Do not get executed They will be downloaded to the gateway, but will not be associated with any service, and will never run, and they will not have any counters risen. Applied policies with disabled rules Create silent alerts They still impact performance as if they were enabled. However no alert is generated and profile learning can occur on that event - assuming there is not also ...
0 comments
1 person likes this.
How to Create Efficient Signatures by Michael Gorelick Knowledge Engineer There are 3 types of signatures: Web, SQL, and Stream signatures. Web and SQL signature support enhanced pattern matching using regular expressions. Note: Stream signatures are basic pattern matching where an exact pattern must match. Stream signatures don’t have rgxp, only “part”, “rmin”, and “rmax” (the latter two being the min and max distance between the “part”s). Stream signatures are applied to stream signature policies, which are enforced at the server group level, and are therefore tested against almost all traffic. The Imperva WAF GW detection ...
0 comments
Be the first person to like this.
Hi Community, I wanted to provide a quick snapshot of Imperva's security landscape. This is a great way for your to visualise your environment and to help you identify where there may be gaps in your training. If you have questions, we'd love to hear from you. Comment below, reach out to training-team@imperva.com or browse our training catalog . #AllImperva #training ​
0 comments
2 people like this.
How to integrate Data Risk Analytics (DRA) with Data Security Fabric (DSF) Data is a core element for every business. There is an increasing demand to integrate systems for a better and more secure data flow. In this article, the training team provide a step by step guide on how to integrate Imperva’s Data Risk Analytics (DRA) with your Data Security Fabric (DSF). This is just one of the items covered in our Imperva training courses. Visit out training catalog or Contact training@imperva.com Integrating DRA with DSF Imperva Data Security Fabric* combines the granularity of Imperva Agent Gateways and Agents with the flexibility of Sonar ...
2 comments
1 person likes this.
This is an upcoming feature in Agent Gateway & MX v14.10 (Q4 2022) In previous version(v14.9 and old versions) when replacing the GW/GW Password, User needs to update the password in all agents after the password has been changed and re-register the agent to the MX because of which there is a data loss (user can have many agents in a single cluster) and it might take hours until the password is updated in all the agents. New capabilities in v14.10 will add a second password to the GW/GW Cluster and update the new password in all agents. It will also remove the old password from GW/GW cluster. This capability will minimize the data loss of each agent, there ...
0 comments
Be the first person to like this.
by Luke Babarinde Principal Architect at Imperva Imagine trying to protect your web application farm, while needing to integrate with all the different web servers' backend stacks on a one-to-one basis. This requires a WAF that understands systems such as Nginx, Apache, IIS, and Tomcat. You will effectively start a project that will never end due to the complexities associated with protecting each backend stack. Moreover, you will be bogged down with logistics; rapidly protecting your applications and integrating one-to-one with your stack is practically impossible. This is not the standard operating procedure with Imperva. Our solution has evolved ...
0 comments
1 person likes this.
Get Ahead with Imperva Community Imperva Community is designed to help you better achieve your goals, by providing a collaborative space to ask questions, share insights and learn from Imperva experts as well as fellow members! Our members love to hear your tips and tricks and are always keen to help others find solutions. We also have self service blogs and regular events from our Imperva experts that give you the opportunity to ask your questions directly to them. A lot of our content is for members only, so you must log in to make sure you aren't missing key updates. Here's what you could be missing: Regular live events ...
0 comments
1 person likes this.
Signatures - Fundamentals of On-Premise WAF - Part 7 Part 5 and 6 of this series looked at Advanced Web Policies and Global Objects . This part will look at Signatures, how to view, disable and filter on signatures. It also explains the basic unit of signature and regular expressions. What are Signatures? Signatures are text strings that identify known attacks. They are organized in dictionaries, each of which is essentially a filter on the signatures database. You can: define new signatures and new dictionaries. enable or disable signatures in an individual dictionary or all dictionaries. apply dictionaries ...
0 comments
Be the first person to like this.
Imperva Data Security Fabric is the first data-centric solution with an integrated, proactive approach to visibility and predictive analytics. Here's Imperva SVP Terry Ray with your first look at this powerhouse product suite. #AllImperva #DataRiskAnalytics(formerlyCounterBreach) #DatabaseActivityMonitoring #jSonar
0 comments
3 people like this.
Imperva Support Portal Enhancement - Effective November 11, 2022 - New FileSharing Solution available through the Customer Portal! Every organization is built on teamwork. The ability to share files, collaborate and communicate seamlessly is critical to all processes in the workplace. In the past, file sharing and collaborating often took a seemingly disproportionate amount of time. However, with the advancement of modern technology, sharing files and collaborating has never been easier. Nowadays it only takes a few clicks to get things done. To provide our customers with a more seamless and enhanced user experience , we’ve integrated a new way ...
3 comments
Be the first person to like this.
We’re extremely proud to announce Imperva has been named a Leader in the 2022 Gartner Ⓡ Magic Quadrant ™ for Web Application and API Protection (WAAP)—making them a Leader nine years in a row! Companies are rapidly building applications and APIs to support innovation and, in doing so, are introducing vulnerabilities that attackers and bot networks can take advantage of. Imperva provides the broad application protection you need in one comprehensive solution — WAF, API, Bot, DDoS, ATO, and CDN — to help you advance your business with secure protection you can trust. Download the report today to: Understand the comprehensive protection you need. ...
0 comments
Be the first person to like this.
Introduction to Imperva RASP Jazmine Reynolds Lead Instructional Designer Hello and welcome to this introduction to RASP from the Imperva Training team! This blog introduces you to our RASP On Demand training course. It will take a high- level look at all of the “Whats” surrounding RASP - What is it? What does it do? And What does it protect against? So, what exactly is this rasp thing? Gartner invented the acronym RASP several years ago - it stands for Runtime application self-protection. The core premise is that software is flaky, with security flaws that malicious actors can exploit to their advantage and our loss. They can essentially ...
0 comments
3 people like this.
Cross System Global Objects Welcome to part 6 of our Fundamentals blog series. In this blog, will be looking at defining the Cross System Global objects, what they help you achieve and how to implement them. Be sure to check out the previous blogs in the series - links are included at the end of this blog. Global Port Groups Global Port Groups are lists of ports used in various locations in On-Prem WAF, including: Service Scans Firewall Policy The Global Ports Group attaches a name to the port number, making it more readable in alerts. IP Groups IP Groups are lists of IP Addresses used for a variety of purposes ...
2 comments
1 person likes this.
Beyond the WAF - 4 key Tools for Complete Application Security Webinar Recording The Imperva Community is delighted to welcome Craig Porter, Imperva AppSec Specialist, and Louis Zisiadis , Customer Success Manager to the webinar series. In this session, the team will look outside of Cloud WAF and discuss the 4 additional tools in Imperva's Application Security Suite and how they can further protect your environment. These include: API Security Advanced Bot Protection Client Side Protection Runtime Protection The team take time to answer audience questions throughout the session, but feel free to add your own below! ...
0 comments
1 person likes this.
Advanced Web Security Policies – Fundamentals of On-Prem WAF Part 5 Introduction A web application firewall (WAF) is a web-based security appliance that helps protect servers and websites from malicious web applications. It is a web application security solution that analyzes the content of the requests, examines their headers and responses, and then makes decisions on whether or not to allow them through. There are several different advanced web policies that you can use to protect your website from being attacked when you're building a web application firewall. In this post, we will examine the different types of policies that can be ...
0 comments
Be the first person to like this.
Imperva Support Case Creation and Portal Updates The Imperva Customer Support Portal brings together some of our key customer tools in one unified customer support portal. It also allowed us to enhance the experience for you, the customer. Here is a quick reminder of some of those enhancements. Case management - You can open, update, and view support cases for all Imperva products and also determine the severity to set the proper sense of urgency and influence response times. SSO access allows you to search and browse a wealth of knowledge resources directly from the portal landing page, including product documentation, ...
0 comments
2 people like this.
Types of Web Security Policies - Fundamentals of On-Prem WAF Part 4 Introduction Having already addressed the SSL Certificates and Ciphers, part 4 of this On-Prem WAF Fundamentals blog series will hone in on policies, looking at the different types available and best practices. This is followed by a step by step guide on defining policies. What is a Policy? To ensure complete application security, Imperva On-Premises WAF policies provide the system with multi-level protection in line with the Imperva On-Premises WAF object hierarchy, as follows: Server Groups > Services > Applications Policies are enabled by ...
0 comments
2 people like this.
Appl ication Hierarchy: Server Group, Service, Application Fundamentals of On-Prem WAF - Part 3 Introduction In the first parts of our series, we discussed the basics of On-Prem WAF, and notably, we stated that the OSI 7-layer model is essential to understanding the concept of computer networking. The 7 layers are the physical layer, the Data link layer, the Network layer, the transport layer, the session layer, the presentation layer, and the application layer. We also looked at the SSL Certificates and Ciphers. This article elaborates on the Application layer focusing on the different hierarchies within the Application layer. We would take ...
0 comments
2 people like this.
SSL certificates and Ciphers Fundamentals of On-Prem WAF - Part 2 Introduction When you're configuring your SSL certificates, it's important to understand which SSL ciphers are supported by your server and web application. The strength and configuration of supported ciphers will vary depending on the version of software deployed by the server and what hardware, operating system and CPU architecture is supporting the service. In this blog, we will discuss some of the important points related to SSL certificates and ciphers. Also, we would give you step by step guide on how to add SSL keys. But before we dive into it, ...
0 comments