Imperva Cyber Community

Expand all | Collapse all

Application Security Ask Me Anything Session

  • 1.  Application Security Ask Me Anything Session

    Community Manager
    Posted 10-21-2020 12:10

    Hello Imperva Community –

    We are looking forward to our Ask Me Anything (AMA) session on Thursday, October 29th, 2020 from 10:00 – 11:00 AM CT featuring @Abhishek Gupta, Sr. Technical Account Manager, @Jaired Anderson, Principal Consultant, and @Peter Klimek, Director of Technology within the Office of the CTO. 

    Our experts will be answering any and all of your AppSec questions - including insights on working behind the scenes at Imperva, including discussing how Imperva finds and manages new threats, sharing best practices and tips to securing workloads, and what's coming on the horizon (that we can share).  

    Event Instructions:

    1. If you are able to attend the event live, RSVP here and join our webinar session!
    2. Reply directly to this thread with your questions and an expert will reply to all questions received starting at 10:00 AM CT next Thursday.
    3. Use @mentions when responding to a specific expert.

    Please reach out to me, your community manager, with questions or for help at communitymanager@imperva.com.

    If you are unable to make it during the time of the event, post your question to this thread and we will be sure it receives an expert response next Thursday! Make sure to check back here following the session to see all of the amazing questions asked by your peers and the responses from our experts.
    ​​​​
    #AdvancedBotProtection
    #APISecurity
    #AttackAnalytics
    #CloudWAF(formerlyIncapsula)
    #All Imperva

    ------------------------------
    Christopher Detzel
    Community Manager
    Imperva
    ------------------------------


  • 2.  RE: Application Security Ask Me Anything Session

    Imperva Employee
    Posted 10-26-2020 08:40
    @Christopher Detzel

    I have a question from several Imperva customers:

    We want to export a list of events from Cloud WAF for internal review but we don't have a SIEM - is there any other method or exporting for example to Excel? If not, could this be considered? This will help me relay the value of your technology to my leadership team.​​ 

    ------------------------------
    Michael Franklin
    ------------------------------



  • 3.  RE: Application Security Ask Me Anything Session

    Imperva Employee
    Posted 10-30-2020 07:59
    @Michael Franklin, Good question. 

    The team is actually working on a much better reporting tool which is expected to come in Q1 2020. At this point, we understand that the need is to report to different teams coordinate and communicate. 

    We do a good job by using the portal. But when it comes to have data outside. There are some formats available today. I do want to stress the SIEM is the best solution because you can create logs from other sources and can make a more meaningful insights from it.

    However, from the portal itself. You can definitely do what it comes with the attack analytics and it does give you information. They have beautiful insights, which is much helpful in fine tuning advanced configuration which is much intelligence. How do you match your, your configuration that is where the answers come for insights. 

    Second thing you can take an attack index and create a PDF outcome. Now we understand and I want to be more open, there is a need for scheduling certain reports. There are a weekly reports for account that comes from the system. They have very good insights, but they are weekly and not on demand. The UI reporting that we are talking about is coming in Q1. 

    You can use the API to get data there is incaps CLI AND SOME GitHub tools available. These are very helpful to get data outside the portal. This is very helpful when you want to report ad hoc see original talking ad hoc. You can do it anytime you want. So just use an API and use the AP automation.


    Also, you can create your own reporting using using API. So if you have any tool that takes API and get ingest the data to report,  it's it's there for you. So  the option with API are limitless.



    ------------------------------
    Abhishek Gupta
    Customer Success team
    Imperva
    ------------------------------



  • 4.  RE: Application Security Ask Me Anything Session

    Imperva Employee
    Posted 10-30-2020 08:18
    @Michael Franklin

    As soon as we can get the data outside the system, the better because that just opens up a world of opportunity. Sending the data to S3 through the SIEM integration. We love that because effectively. It just makes everything very open and you can use any other query engine that you want to be able to query it. 

    One thing that we are seeing a much more commonly use people dumping the data into S3 and then using tools like AWS Athena, to be able to actually go and query the data directly. This means you don't actually have to send it to a SIEM. But at the same time, I will also say there's pretty much no reason not to have a SIEM at this point, considering you can go and stand up an instance of elastic search for free.

    Very inexpensively, or even just pay some for something like elastic cloud or there is plenty of other services that have very low cost entry types of services and frankly the value that we see from having it integrating all of the other solutions. It's worth the time to be able to do it. 



    ------------------------------
    Peter Klimek
    Principal Architect
    Imperva
    ------------------------------



  • 5.  RE: Application Security Ask Me Anything Session

    Imperva Employee
    Posted 10-27-2020 06:42
    @Christopher Detzel

    I have some customers asking about DDoS mitigation and Cloud WAF: 

    In Cloud WAF, there is DDoS mitigation out of the box but can you explain the Advanced DDoS setting and how to manage the threshold request per second threshold effectively to achieve the best results?

    ------------------------------
    Patrick McCrudden
    Customer Success Manager
    Imperva
    ------------------------------


  • 6.  RE: Application Security Ask Me Anything Session

    Community Manager
    Posted 10-27-2020 08:23
    One question I have seen some from WAF Gateway customers is below: 

    What are some best practices for deploying WAF Gateway in AWS?

    ------------------------------
    Christopher Detzel
    Community Manager
    Imperva
    ------------------------------



  • 7.  RE: Application Security Ask Me Anything Session

    Community Manager
    Posted 10-28-2020 07:23
    Another question I think should be ask, just because it is an interesting question is below: 

    What enhancements do we expect to see in the platform in the near future?

    ------------------------------
    Christopher Detzel
    Community Manager
    Imperva
    ------------------------------


  • 8.  RE: Application Security Ask Me Anything Session

    Posted 10-29-2020 10:03
    Will there be any developments in this type of WebSocket policy in the future?

    Does the 14 version of WAF have any major functions planned to be launched?

    ------------------------------
    CJ Kuo
    Ciphertech
    Taipei
    ------------------------------