Imperva Application Security

We provide multi-layered protection to make applications and websites always available, always user-friendly, and always secure.

Attack Analytics

Attack Analytics

Mitigate and respond to real security threats quickly and decisively with actionable intelligence across all your layers of defense.

  • Automatically correlate and extract meaningful narratives from thousands of security events, using machine learning
  • Reduce risk by combating alert fatigue
  • See attacks from the edge to the heart of the network, incorporating behavioral attack data from every customer we protect

web application firewall@2x

Web Application Firewall (WAF)

Cloud WAF and WAF Gateway allow legitimate traffic through and keep bad traffic out. Whether your applications and APIs are hosted in the cloud or on-premises – protect them at the edge with an enterprise-class WAF.

  • Out-of-the-box option deploy in blocking mode with little to no tuning and near-zero false positives
  • Automatic OWASP threat protection backed by a team of security experts
  • Highly configurable to allow tight security for your specific applications
  • Machine learning dynamically profiles application structure and usage, blocking anomalies and illegal traffic

DDoS Protection

DDoS Protection

Maintain uptime no matter what. Prevent any type of DDoS attack – of any size – from blocking access to your website & network infrastructure.

  • Best-in-the-industry 3-second mitigation SLA
  • Automatic detection and mitigation
  • Available in always-on or on-demand mode
  • 44 global scrubbing centers, 6+ Tbps of scrubbing capacity at 65 billion Packets-Per-Second (PPS)

Runtime Application Self-Protection

Runtime Application Self-Protection

Secure your applications with a single plugin that protects both legacy and modern applications against previously-known and zero-day attacks.

  • Push code into production fast with security embedded
  • Autonomous protection blocks real-time attacks without added latency
  • Works in any type of deployment architecture including on-premises, in the cloud, and in containers

api security

API Security

Enable your DevOps and Security teams the flexibility to quickly publish their APIs with the added visibility required to secure all your endpoints.

  • Automatic positive security model generation with each OpenAPI Specification file
  • Simplified management of protection for both websites and APIs
  • Seamless integration with leading API Management vendors

bot management

Advanced Bot Protection

Protect your websites, mobile applications, and APIs from automated threats without affecting the flow of business-critical traffic.

  • Accurately detect and stop web scraping, online fraud attempts, account takeover, credential stuffing, vulnerability scanning, and more
  • Detects and blocks the most sophisticated bots
  • Real-time bad bot behavior across our network correlates with the largest known violators database
  • Pinpoint anomalies with biometric data validation and rate limits based on device fingerprints
  • Vigilant service from the most experienced bot experts in the world

CDN

Application Delivery

Improve website performance and reduce bandwidth costs with a developer-friendly CDN. Cache static resources at the edge while accelerating dynamic websites and APIs.

  • Fast onboarding with a simple DNS change
  • Offload origin bandwidth via automatic content profiling
  • Layer 7 cloud load balancing with redirect and rewrite rules

Imperva Application Security

We provide multi-layered protection to make applications and websites always available, always user-friendly, and always secure.

Data Risk Analytics

Data Risk Analytics

Discover risky data activity and prevent a data breach before any damage happens. Investigate more data threats faster. Reduce risk with a proactive security approach and actionable insights.

  • Distills billions of audit events into a manageable number of security insights
  • Provides granular risk context into how data is being used by whom with machine learning and behavior analytics
  • Explains incidents in plain language to accelerate investigation and reduce risk

cloud security

Cloud Data Security

A DBaaS security and compliance monitoring SaaS platform that keeps data secure and audit-ready, Imperva Cloud Data Security is cloud-native, giving you non-intrusive AWS RDS visibility without impeding DevOps pipelines.

  • Out-of-the-box security and compliance
  • Automated discovery, classification, detection, reporting, and security insights
  • Non-blocking, onboards in minutes

Data Monitoring and Protection

Data Monitoring and Protection

No one accesses your data without you knowing about it. Audit all data activity, including local privileged users and applications. Get immediate detection and split-second response to threats.

  • Stops threats in real-time with pre-built or custom security policies that block unauthorized activity
  • Automatically captures detailed audit trail showing who accessed what data, when and what was done to the data for compliance and forensics
  • Enables consistent oversight across a wide range of environments – databases, big data, clouds, mainframes and more

Data Discovery and Classification

Discovery and Classification

Know what sensitive data you have, and where it lives. Reduce risks to security and compliance by discovering new, forgotten, or rogue databases. Identify data stores in scope for compliance.

  • Automates discovery of databases on-premises or in the cloud
  • Identifies sensitive, regulated data for compliance mandates (e.g. PCI, HIPAA, GDPR)
  • Examines database content and metadata for pre-defined and custom data types

Database Vulnerability Assessments

Database Vulnerability Assessments

Find security gaps that attackers can exploit. Scan databases for vulnerabilities and misconfigurations. Get recommendations on remedial actions.

  • Identifies vulnerabilities and misconfigurations for databases on-premises or in the cloud
  • Leverages over 1,500 pre-defined assessments, based on CIS and DISA STIG benchmarks

Data Masking

Data Masking

De-identify sensitive data in non-production environments. Safely unlock the power of your data. Mitigate data breach risks. Comply with data privacy and protection regulations.

  • Replaces sensitive data with fictional, but realistic values using multiple transformation techniques
  • Maintains data utility with referential integrity and statistical accuracy
  • Delivers enterprise-class scalability and performance by masking large volumes of data quickly and easily
  • Supports a broad range of data stores

File Security

File Security

Stop ransomware in its tracks. Protect sensitive files from cybercriminals and malicious insiders.

  • Uses policy-based monitoring and deception technology
  • Detects ransomware-infected users and blocks them from connecting to file shares in real-time
  • Pinpoints risky file access activity by leveraging data risk analytics
  • Blocks or quarantines risky users