Web Application Firewall (WAF)

Web Application Firewall (WAF) learns the structure and parameters of the protected Web application and uses these insights to restrict application input to legitimate data only. This allows WAF to:

- Protect Web applications against specific attacks, such as SQL injection and cross-site scripting, that are not detected by other security measures such as IPS.
- Prevent Websites from being compromised with malicious code that attacks Website visitors (Watering Hole).
- Effectively secure Web applications against application-level DoS attacks (such as flooding with HTTP GET and HTTP POST requests).

Imperva WAF is a key component of a comprehensive Web Application and API Protection (WAAP) stack that secures everything from the edge to databases, ensuring that the traffic you receive is only the traffic you want. It provides the best automated protection in the industry, is PCI compliant, integrates analytics beyond the OWASP Top 10, and reduces the risk posed by third-party code.
Cloud WAF

This is a 100% SaaS-based solution for protecting websites (including APIs) from external threats. It is based on a network of secure reverse proxy servers deployed in a globally distributed Content Delivery Network (CDN). Internet traffic directed through the Imperva network is terminated by the proxy, allowing Imperva to inspect every request to the site and identify and block any malicious activities.

API Security

To adequately protect APIs, it is necessary to combine typical WAF protection with specialized API Security mechanisms. Only such an approach can guarantee full protection (comprehensive WAAP protection). The API Security product is an additional tool that complements the Cloud WAF platform. The product can analyze both endpoints that are public (via Cloud WAF) and those not visible from the Internet. The latter can be monitored through integration with API gateways or through direct monitoring of network traffic.

DDoS Protection for Websites and APIs

Websites using Imperva DDoS Protection are protected from all types of DDoS attacks, including network (layers 3 and 4) and application (layer 7) attacks. The secure HTTP proxy server terminates TCP connections, acting as a buffer between the Internet and the origin server, filtering all kinds of DDoS attacks such as SYN Floods and UDP Floods. Only legitimate TCP sessions are forwarded to the origin server.

WAF Gateway (on-prem WAF)

This product allows comprehensive application protection through a local component (physical device or virtual machine). It enables a very wide range of customization options and provides full flexibility in how it integrates with the application. It is an excellent solution for larger clients with a SOC who require flexibility in configuring the solution. The product is also ideal for organizations where SaaS-based protection is unacceptable due to regulatory requirements.

Advanced Bot Protection

This advanced tool is designed to counter the most motivated actors who cause significant business damage to the organization. This product is often combined with API Security to enhance protection against bots that use APIs to conduct business logic attacks such as data extraction from websites, credential stuffing, and credit card theft.

Attack Analytics

This tool helps speed up the investigation of WAF security alerts. It provides a comprehensive view of attacks and adversaries targeting resources. The Attack Analytics service aggregates and analyzes security alerts, identifying common characteristics and grouping them into meaningful security incidents.

Account Takeover Protection

Imperva Account Takeover Protection is part of the Imperva Cloud Application Security suite. It detects and mitigates account takeover attempts, protecting web applications from volumetric and slow ATO attacks. The product focuses on protecting the authentication page of the protected application.

Client-Side Protection

Like Account Takeover Protection (ATO), it is part of the Imperva Cloud Application Security suite. This functionality protects data from theft through client-side attacks such as Digital Skimming, Formjacking, Supply Chain Attacks, and Magecart. These attacks compromise the security of applications, but instead of stealing from the database, they steal data directly from clients. All of these attacks occur outside the company's boundaries, making them significantly more difficult for the company to detect.

Runtime Application Self Protection (RASP)

This is a lightweight plugin that protects applications from the inside using LangSec methodology. It embeds itself in the application at runtime to monitor and protect it without requiring any additional infrastructure. RASP is completely autonomous, requires no network connections, and operates in any deployment architecture, whether on-premises, in the cloud, or in containers. It integrates security into the application development and lifecycle process, extending traditional AppSec vulnerability management approaches.