Home

Application Defense Center

Application and Database Security Research

The Imperva Application Defense Center (ADC)

is a premier research organization for security analysis, vulnerability discovery, and compliance expertise. ADC research combines extensive lab work with hands-on testing in real world environments to ensure that Imperva's products have the most advanced technology, up-to-date threat protection, and unparalleled compliance automation.

Application and Database Security Research

The ADC research team is among the most talented and experienced in the world. Having discovered dozens of commercial application vulnerabilities and having issued numerous security advisories, the ADC offers exceptional insight into both published and unpublished security threats.

Translating Research into Customer Value

ADC research not only provides an indispensable service to commercial application and database vendors and to security professionals, it also delivers the foundation for many Imperva SecureSphere features and services, including attack signature updates, database vulnerability assessments, and pre-defined compliance reports.

SecureSphere is the industry's only complete business-critical data security and compliance solution that provides full visibility into data usage by the end-user, through the application and into the database. Automated feeds from the security and compliance experts at the Imperva Application Defense Center (ADC) ensure that SecureSphere is always armed with the latest defenses against new threats, and the most recent regulatory compliance best practices.

  • Threat Research
    The ADC provides round-the-clock research into the latest security vulnerabilities and works closely with application and database vendors to address unsolved issues. - ADC security advisories
  • Education
    Want to learn more about today's leading security threats? Check out authoritative, in depth security information from the ADC.

    White papers
    Webinars
    ADC Blog
    Glossary
  • Product Expertise
    ADC research enriches Imperva SecureSphere products.

    ADC Insights
    Scuba by Imperva
Term of the Month
HTTP Verb Tampering

HTTP Verb Tampering is an attack that exploits vulnerabilities in HTTP verb (also known as HTTP method) authentication and access control mechanisms. Many authentication mechanisms only limit access to the most common HTTP methods, thus allowing unauthorized access to restricted resources using other HTTP methods. For example, many Web applications enforce GET and POST access controls, but ignore other HTTP methods such as HEAD. HTTP Verb Tampering enables malicious users to bypass security controls to access or manipulate restricted resources.

View complete definition