Original Message:
Sent: 03-11-2024 04:43
From: Duc Dinh Minh
Subject: Export Blacklist and block list on Imperva
Hi Cezmi,
Could we filter IP Address only?
FW can import blocked IP in URL automatically. If we are in attacks, FW can import Imperva blocked IP to it automatially and protect from the edge.
Example
https://x.x.x.x/api/imperva/blockedip
Reponse:
123.2.2.1
123.4.5.1
123.5.2.1
------------------------------
Duc Dinh Minh
Security Engineer I
M.Tech Holdings Pte Ltd
ho chi minh
Original Message:
Sent: 02-21-2024 07:28
From: Cezmi Cal
Subject: Export Blacklist and block list on Imperva
Hi Duc,
You can get the content of the Threat Radar Lookup Data list by API call. I attached a sample screenshot below. The API request is "https://mxserver:8083/SecureSphere/api/v1/conf/dataSets/ThreatRadar - TOR IPs/data?from=1&to=3". Reference guide is located here https://docs.imperva.com/bundle/v14.7-waf-api-reference-guide/page/61646.htm.
Additionally, if you want to get the list of IP address quarantined by Imperva, you can use the link below.
https://docs.imperva.com/bundle/v14.7-waf-api-reference-guide/page/75968.htm
------------------------------
Cezmi Cal
technical support engineer
Barikat Internet Guvenligi Bilisim Ticaret A.S.
Ankara
Original Message:
Sent: 02-21-2024 04:50
From: Duc Dinh Minh
Subject: Export Blacklist and block list on Imperva
Dear Team,
Can we export blacklist IP, blocked IP from Imperva? we want to export it from IMP and upload it to firewall to block attacks automatically.
It will be good if we can export IPs detected by Threat Radar (Bot, Tor, proxy ...) from Imperva gw and upload to firewall.
I checked API document, we can get blocked source IP from time blocking only.
https://docs.imperva.com/bundle/v14.7-waf-api-reference-guide/page/75968.htm
Share with me if you have reference or document related it.
Thank you.
#On-PremisesWAF(formerlySecuresphere)
------------------------------
Duc Dinh Minh
Security Engineer I
M.Tech Holdings Pte Ltd
ho chi minh
------------------------------