Imperva

MORE INFORMATION:

https://www.imperva.com/

Anti-DDoS

Imperva DDoS Protection for Networks - Helps organizations protect their environment from DDoS attacks at layers 3 and 4. The cloud-based Imperva solution is fully automated and provides only a 3-second SLA for attack mitigation. The product can be used to protect any online resources such as websites, DNS servers, SMTP servers, and any other IP-based applications. This service leverages Imperva's multi-terabit network bandwidth and packet processing capabilities to absorb and mitigate the largest and most sophisticated DDoS attacks.

Imperva DDoS protection for DNS - Imperva's DNS solutions protect against attacks while also providing query acceleration through caching and load reduction. Imperva can serve as a record host and authoritative DNS, providing final responses to queries while protecting against volumetric attacks. The Imperva secure DNS proxy server terminates TCP and UDP connections, acting as a buffer between the Internet and the original name server, filtering all kinds of DDoS attacks such as SYN Floods and UDP Floods. Only legitimate DNS queries are forwarded to the origin server. Layer 7 DDoS attacks are mitigated by a dedicated engine that can distinguish between legitimate DNS queries and DDoS attempts.

Imperva’s DDoS Protection for individual IPs - Similar to DDoS Protection for Networks, it helps organizations protect their environment from DDoS attacks at layers 3 and 4 for specific IP addresses. The service is suitable for organizations that do not have a Class C network or network equipment with BGP capabilities required to use the Infrastructure Protection service.

Database Security

Imperva Data Risk Analytics (DRA) - Protects data stored in corporate databases from theft and loss caused by compromised, careless, or malicious users. By dynamically learning normal user data access patterns and then identifying inappropriate or improper access actions, Data Risk Analytics proactively alerts IT teams to dangerous behaviors.

Imperva Data Security Fabric (DSF) - This is a collection of technologies that together create a Data Security solution for organizations of any size. Data Security Fabric includes, among others, classic Data Activity Monitoring (DAM) components that rely on agent-based audit data collection, as well as agentless mechanisms that utilize native auditing present in nearly all production databases. Additionally, DSF includes analytical tools and a range of other features that help implement comprehensive projects for monitoring and protecting enterprise data assets. DSF extends beyond structured data (stored in relational/structured databases) and provides the ability to extend protection to unstructured data. Imperva DSF provides proactive control and predictive analytics, enabling security analysts and management personnel to leverage monitoring capabilities, security assessment, risk modeling, and attack detection to avoid harmful data breaches or non-compliance. For example, Imperva DSF identifies behaviors that violate data usage policies, and advanced risk analysis detects indicators of malicious insider activity or compromised user accounts that may bypass data repository access controls and circumvent data encryption.

Imperva Database Activity Monitoring (DAM) / Database Firewall (DBF) - This is part of the DSF platform but can also operate as a standalone product. The solution consists of agents, agent gateways (previously known as DAM/DBF Gateway), and managing components MX/SOM. The Imperva DAM/DBF solution secures sensitive data stored in databases, providing full visibility into data usage, vulnerabilities, and access rights. It allows security, audit, and risk specialists to improve data security and meet compliance requirements.

Web Application Firewall

API Security - To adequately protect APIs, it is necessary to combine typical WAF protection with specialized API Security mechanisms. Only such an approach can guarantee full protection (comprehensive WAAP protection). The API Security product is an additional tool that complements the Cloud WAF platform. The product can analyze both endpoints that are public (via Cloud WAF) and those not visible from the Internet. The latter can be monitored through integration with API gateways or through direct monitoring of network traffic.

Account Takeover Protection - Imperva Account Takeover Protection is part of the Imperva Cloud Application Security suite. It detects and mitigates account takeover attempts, protecting web applications from volumetric and slow ATO attacks. The product focuses on protecting the authentication page of the protected application.

Advanced Bot Protection - This advanced tool is designed to counter the most motivated actors who cause significant business damage to the organization. This product is often combined with API Security to enhance protection against bots that use APIs to conduct business logic attacks such as data extraction from websites, credential stuffing, and credit card theft.

Attack Analytics - This tool helps speed up the investigation of WAF security alerts. It provides a comprehensive view of attacks and adversaries targeting resources. The Attack Analytics service aggregates and analyzes security alerts, identifying common characteristics and grouping them into meaningful security incidents.

Client-Side Protection - Similar to ATO, it is part of the Imperva Cloud Application Security suite. This functionality protects data from theft through client-side attacks such as Digital Skimming, Formjacking, Supply Chain Attacks, and Magecart. These attacks are used to compromise the security of applications, but instead of stealing from the database, data is stolen directly from clients. All attacks occur outside the company's boundaries, making it significantly more difficult for the company to detect such attacks.

Cloud WAF - This is a 100% SaaS-based solution for protecting websites (including APIs) from external threats. It is based on a network of secure reverse proxy servers deployed in a globally distributed Content Delivery Network (CDN). Internet traffic directed through the Imperva network is terminated by the proxy, allowing Imperva to inspect every request to the site and identify and block any malicious activities.

DDoS Protection for Websites and APIs - Websites using Imperva DDoS Protection are protected from all types of DDoS attacks, including network (layers 3 and 4) and application (layer 7) attacks. The secure HTTP proxy server terminates TCP connections, acting as a buffer between the Internet and the origin server, filtering all kinds of DDoS attacks such as SYN Floods and UDP Floods. Only legitimate TCP sessions are forwarded to the origin server.

Runtime Application Self Protection (RASP) - This is a lightweight plugin that protects applications from the inside using LangSec methodology. It embeds during application runtime to monitor and protect the application without requiring any additional infrastructure. RASP is completely autonomous, requires no network connections, and operates in any deployment architecture, whether on-premises, in the cloud, or in containers. It integrates security into the application development and lifecycle process, extending traditional AppSec vulnerability management approaches.

WAF Gateway (on-prem WAF) - This product allows comprehensive application protection through a local component (physical device or virtual machine). It enables a very wide range of customization options and provides full flexibility in how it integrates with the application. It is an excellent solution for larger clients with a SOC who require flexibility in configuring the solution. The product is also ideal for organizations where SaaS-based protection is unacceptable due to regulatory requirements.