Community Blogs

Recently a new vulnerability was discovered related to SolarWinds Orion API. Vulnerability description: The SolarWinds Orion Platform is a suite of infrastructure and system monitoring and management products. The SolarWinds Orion API is embedded into the Orion Core and is used to interface with all SolarWinds Orion Platform products. API authentication can be bypassed by including specific parameters in the Request.PathInfo portion of a URI request, which could allow an attacker to execute unauthenticated API commands. In particular, if an attacker appends a PathInfo parameter of WebResource.adx, ScriptResource.adx, i18n.ashx, or Skipi18n to a ...

On December 8th 2020 FireEye shared details about a cyber attack it experienced to help to protect the community. These details include a prioritized list of CVEs that should be addressed to limit the effectiveness of Fireye’s Red Team tools. The threat research group examined the list and found that all of the web application CVEs are protected by Imperva WAF. CVE WAF Protection CVE-2019-11510 – pre-auth arbitrary file reading from Pulse Secure SSL VPNs - CVSS 10.0 Generic path traversal rules CVE-2018-13379 – pre-auth arbitrary file reading from Fortinet Fortigate SSL VPN - CVSS 9.8 Generic ...

Shamiel Bikha brings more than two decades’ experience to cybersecurity team management and upskilling. Cybersecurity professionals are the most important part of any security framework. Even the most sophisticated cybersecurity solution on the market can become a liability if it is improperly deployed or poorly understood. Enterprises continue to invest heavily in recruiting and training to make sure their approach to security is optimized against the latest threats. As the security landscape changes, security professionals have to adapt to keep up. That’s where Shamiel Bikha’s security consultancy comes in. Shamiel applies more than twenty ...

In this blog, you will find 10 quick steps allowing you to configure basic Reverse Proxy mode using Imperva WAF for HTTP and HTTPS traffic and also a video with a walkthrough of the configuration process. What is a proxy? What is the difference between Reverse and Forward proxy? Proxy is a server that acts as a gateway between the web server and the internet. It is separating the end-users from the website they are trying to reach. A forward proxy is usually positioned at the network edge and regulates outbound traffic. It can, for example, block employees from visiting certain websites or improve user experience by caching external site content. ...

In a fitting grand finale to what has been a most challenging year, we are presenting Imperva’s “Oracles of Delphi”, CTO Kunal Anand and SVP of Data Security Ron Bennatan, to deliver perspectives and advice to the Community on all things cybersecurity. From market concerns and observations to deep-dive technical questions and informed predictions about what 2021 has to offer, Kunal and Ron will field any and all questions to help you get a jump on next year. Find the post of questions here: Ask Me Anything - 2020 Tournament of Champions #CloudWAF(formerlyIncapsula) #On-PremisesWAF(formerlySecuresphere) #Webinar #video

Roadmap Organizations are modernizing their databases more and more. Agility, changes in organizational responsibilities, adoption of data lakes, DBaaS and No-SQL DBs are the main reasons that customers struggle to audit and protect their data. This can lead to lack of visibility of data risk, loss of control and an increased attack surface. In this webinar, we will discuss the main focus areas in the roadmap of Database Activity Monitoring, elaborate on how Imperva can continue protecting your DBs in those new scenarios. Kobi Katzir, Principal Product Manager, will show the recent changes in DAM and present what is planned for in the next 12 months. ...

Photo found here: https://unsplash.com/photos/xekxE_VR0Ec Imperva Client-Side Protection gives users ample data about JavaScript executable connections. Find out what risky connections look like. Imperva’s Client-Side Protection solution offers unprecedented visibility into outgoing JavaScript connections in a scalable, manageable way. Security professionals can analyze the data it provides to identify and mitigate dangerous formjacking attacks. We’ve already identified some of the characteristics of these attacks in previous posts. Now we can identify some of the red flags that security professionals should be looking for when using Client-Side ...

find pic here: https://unsplash.com/photos/NIJuEQw0RKg Introduction to Audit Policies Audit policies in Imperva DAm enable an organization to monitor access attempts and activity on sensitive data or other data of interest. These policies can be designed to enable an organization to comply with the requirements of data protection regulations, such as the Payment Card Industry Data Security Standard (PCI DSS) or the California Consumer Privacy Act (CCPA), and to perform the monitoring necessary for cybersecurity and breach protection. Think of audit policies like a DVR (digital video recorder). You may have 400 channels on your satellite or cable ...

pic found here: https://unsplash.com/photos/fPkvU7RDmCo Have you moved to the cloud? Are you moving to the cloud? Are you wondering what is involved in visualizing Imperva RASP logs in the cloud? You have come to the right place. I have been working in the Microsoft Azure cloud environment for the past year, including Microsoft Application Insights. I have found Azure easy to understand and quick to configure, so I have been eager to explore setting up Sentinel, Azure’s SIEM, for visualizing Imperva RASP logs. Imperva RASP blocks exploits against your web applications, microservices, and API’s. Imperva RASP protects the entire application runtime and any ...

pic found here: https://unsplash.com/photos/oMpAz-DN-9I Join the next Imperva Community Webinar as @Kunal Anand, Chief Technology Officer and @Lior Atzmon, Head of Product Design take us through a brand new experience that pulls together security, performance, reliability, and other metrics across our entire portfolio. At Imperva, we work on category-defining products across edge, application, and data security. Our customers depend on our products to protect critical workloads and sensitive data…but they also want an easy way to pull all of the analytics together. Earlier this year, our Product Design team conceived of Project Universe – a brand ...

This document will provide the necessary steps to enable logging of Imperva WAF Gateway Security Alerts to the Azure Sentinel solution. Create the Action Interface The first step of the process is to define a new Action Interface. This is accomplished by navigating to Admin -> System Definitions –> Action Interfaces. 1. Create a new action interface by clicking the red plus sign on the middle of the screen. Name it something that will make it easy to understand what it is for and select “Gateway Security System Log from the pull-down menu. 2. Now expand your newly created action interface and uncheck the boxes next to the protocol, ...