Imperva Cyber Community

communities_1.jpg
 View Only
Expand all | Collapse all

Ask Me Anything - 2020 Tournament of Champions

  • 1.  Ask Me Anything - 2020 Tournament of Champions

    Posted 11-10-2020 15:26
    On December 3rd, 11:30 a.m. CT, we will be hosting a Ask Me Anything - 2020 Tournament of Champions. 

    In a fitting grand finale to what has been a most challenging year, we are presenting Imperva's "Oracles of Delphi", CTO @Kunal Anand and SVP of Data Security @Ron Bennatan, to deliver perspectives and advice to the Community on all things cybersecurity.  From market concerns and observations to deep-dive technical questions and informed predictions about what 2021 has to offer, Kunal and Ron will field any and all questions to help you get a jump on next year. 

    To maintain the "spirit of giving" theme, the Imperva community will raffle off three W&P "Cook from Home" kits. Submit your questions to our superstar panel in advance of the live webinar and you are automatically eligible to win. We dare you to try and stump the executives! 


    I hope you've got questions, because we've got answers...from two of cybersecurity's hardest hitters. I look forward to seeing you there.

    Here is how it works: 
    1.   Reply to this post with your questions and your name will be submitted to the drawing. 
    2.   Attend the webinar to hear the answers to the questions. RSVP here.  

    ​​

    #CloudWAF(formerlyIncapsula)
    #DatabaseActivityMonitoring
    #On-PremisesWAF(formerlySecuresphere)

    ------------------------------
    Christopher Detzel
    Community Manager
    Imperva
    ------------------------------


  • 2.  RE: Ask Me Anything - 2020 Tournament of Champions

    Posted 11-11-2020 08:18
    With the never seemingly ending leaky S3 buckets of data leaks, do we ever see an end to this and if Amazon themselves are doing enough to alert users & companies to this rather than relying on 3rd party tooling and audits to find them?

    ------------------------------
    Simon Gunton
    Technical Lead - Business Operations
    Rentalcars.com
    ------------------------------



  • 3.  RE: Ask Me Anything - 2020 Tournament of Champions

    Posted 11-19-2020 17:40
    Popular 3rd party tools are always having security issues and a large amount of hacker traffic looking for weaknesses on their network. Also with COVID, you can start expecting a shortage of EXPERIENCED software engineers to be able to deep dive trouble shoot.

    ------------------------------
    Owen Rubel
    WA
    ------------------------------



  • 4.  RE: Ask Me Anything - 2020 Tournament of Champions

    Posted 11-13-2020 08:42
    Hi

    My question is more related to this:


    Is there something to replace these products from Imperva? We have customer with FAM and FFW.


    Best regards


    ------------------------------
    Freddy Brito
    Daitek S.A.
    CABA AGU
    ------------------------------



  • 5.  RE: Ask Me Anything - 2020 Tournament of Champions

    Posted 11-14-2020 01:57
    Imperva WAF bridge/sniffing mode can intercept and get the required traffic like other Reverse or Routing mode?

    ------------------------------
    Tulga Bat
    Ulaanbaatar
    ------------------------------



  • 6.  RE: Ask Me Anything - 2020 Tournament of Champions

    Posted 11-19-2020 14:56
    What is Cloud Jacking and what are the best prevention techniques to deal with it?

    Thanks!

    Mark

    ------------------------------
    Mark Kreyenhagen
    Western and Southern Financial Group
    Cincinnati OH
    ------------------------------



  • 7.  RE: Ask Me Anything - 2020 Tournament of Champions

    Posted 11-19-2020 16:15
    Edited by Owen Rubel 11-19-2020 17:54
    PREAMBLE: To quote wikipedia : 'Synchronization is the coordination of events to operate a system in unison. For example, the conductor of an orchestra keeps the orchestra synchronized or in time. Systems that operate with all parts in synchrony are said to be synchronous or in sync-and those that are not are asynchronous.'

    An example of this action is a 'master' database synchronizes its state with 'slave' databases using replication through a 'heartbeat'; it duplicates changes over to the slave databases so they are constantly in sync with the master database.

    API's are a distributed architecture wherein the 'central version of truth' for all endpoints resides where the request/response meet ... at the API Application (on the API Server); The OpenApi spec lead earlier this year was caught trying to say OpenApi is the 'central version of truth' (see img) when OpenApi docs are generated FROM the API application (see OpenApi Generator)
    State documents like OpenAPI, RAML, API Blueprint are STATIC DUPLICATIONS OF STATE found in the API Application. As per this statement from the lead on the OPENAPI Spec:



    Thus it is POSSIBLE that they might 'sync' but not necessarily true... for multiple reasons:

    - these documents can be changed/edited by hand and often are and are encouraged to be; this can cause conflict
    - they are pushed from the gateway TOWARD the  Api Server thus forcing an edited version of state upon the CENTRAL VERSION OF TRUTH; this can cause conflict.
    - manual edits are rife for error; again, this can cause conflict.

    So my question is the following: How does one synchronize state in a distributed API architecture and maintain a secure environment (ie checking for request data per ROLE per endpoint and response data per ROLE per endpoint - see API3:2019 — Excessive data exposure)? Also, how would we sync on the fly without taking server/gateway/MQ offline?


    ------------------------------
    Owen Rubel
    WA
    ------------------------------



  • 8.  RE: Ask Me Anything - 2020 Tournament of Champions

    Posted 11-19-2020 21:53
    How to identify and monitor any data breach or API security attack on Apple products such as iPhone, MacBook, iPad and so on...?
    How many % attack do you expect to arise in 2021 on these devices?

    ------------------------------
    Malvika Shah
    NY
    ------------------------------



  • 9.  RE: Ask Me Anything - 2020 Tournament of Champions

    Posted 11-20-2020 03:02
    If we are using Flex Protect Data on premise and we have set up a lot of policies, rules reports. Can we still use the same policies, rules and reports if we move our Database to the cloud?

    ------------------------------
    Tchavdar Nikolov
    ACT Sofia
    Sofia
    ------------------------------



  • 10.  RE: Ask Me Anything - 2020 Tournament of Champions

    Posted 12-02-2020 12:30
    ​With the continuation of turning almost any device into an IOT device, in what ways should companies and security minded individuals work to ensure that their data is protected from the multitude of potential entry points for attack located in many of these items?



    ------------------------------
    Nicholas Boucher
    Boeing Company
    Albuquerque NM
    ------------------------------



  • 11.  RE: Ask Me Anything - 2020 Tournament of Champions

    Posted 12-02-2020 14:05
    Why can't you find a non-cloud based geo-fencing solution for mobile devices (iPhone, iPad, etc.)?  Everything seems cloud based which don't work when the network connection is turned off (i.e. airplane mode).

    ------------------------------
    Jeff Bunce
    TSMC
    Campbell CA
    ------------------------------



  • 12.  RE: Ask Me Anything - 2020 Tournament of Champions

     
    Posted 12-03-2020 05:26
    In this product line of DAM, there are on-premise, cloud-data-security, and virtual devices that can be opened on AWS.
    The recent issues even mentioned jSonar how to integrate these products, or distinguish the differences to help customers make the best plan.

    ------------------------------
    CJ Kuo
    Ciphertech
    Taipei
    ------------------------------



  • 13.  RE: Ask Me Anything - 2020 Tournament of Champions

    Posted 12-03-2020 07:29
    How can I create a report having number of hits per day for all polices? How can I sort on x-axis graph?

    ------------------------------
    Rok Ponikvar
    ------------------------------



  • 14.  RE: Ask Me Anything - 2020 Tournament of Champions

    Posted 12-03-2020 10:33
    We use a SOM to Manage our MX's.  I go from the SOM and drill down into the MX's. When I create reports it lists it as SOM user instead of my user name.   If I log into the MX directly it displays my name on a created report just fine.  Is there a way when I drill down from the SOM to an MX to have this display my user name instead of SOM user on reports?

    ------------------------------
    Matthew Hogan
    Verisk
    ------------------------------



  • 15.  RE: Ask Me Anything - 2020 Tournament of Champions

    Posted 12-03-2020 12:48
    We currently use a SOM to apply the same policies and global objects to multiple MXs.  The roadmap for DAM is increasing the capacity of the MX and eliminating the SOM.  We may not be able to use the increased capacity as MXs may need to be regionally located.  Can policies and global objects be exported from one MX and imported into another?


  • 16.  RE: Ask Me Anything - 2020 Tournament of Champions

    Posted 12-03-2020 12:48

    Why do are aws services setup as separate networks? why cant they be used as a service in YOUR OWN VPC?



    ------------------------------
    Owen Rubel
    WA
    ------------------------------



  • 17.  RE: Ask Me Anything - 2020 Tournament of Champions

    Posted 12-03-2020 12:51
    what features and capabilities does cloud provide that bare metal would not? (per your statement on video) :)

    ------------------------------
    Owen Rubel
    WA
    ------------------------------