News and Events

Market-Tested Techniques for Beating the PCI Deadline

Presented by Sharon Besser, Senior Director, Product Strategy

Join Sharon Besser, Imperva’s Senior Director, Product Strategy, for this timely and educational webinar on the PCI DSS standard. Mr. Besser will illuminate the road to successful PCI Compliance by highlighting many of the roadblocks that traditionally sidetrack organizations. He will also review some of the most dangerous application attack methods while demonstrating how a WAF can mitigate these types of costly threats.

The Most Dangerous Web 2.0 Threats…and How to Stop Them

Presented by Amichai Shulman, Chief Technology Officer

Leading companies, including Google, MySpace, Amazon, and Yahoo, have proven susceptible to Web 2.0 vulnerabilities. As Web 2.0 technologies are being incorporated into more and more sites, it becomes imperative to understand the related security threats. Join Amichai Shulman, Imperva CTO and Director of the Application Defense Center (ADC), as he demonstrates the many sophisticated attacks being exposed through the use of Web 2.0.

Top Seven Security Trends in 2008

Presented by Amichai Shulman, Chief Technology Officer

Join Amichai Shulman, Imperva CTO and Director of the Application Defense Center (ADC) as he demonstrates dangerous security threats such as Google Hacking and JavaScript Hijacking. During his presentation he will look back at 2007 security trends and predict how these trends will influence the security landscape in 2008. From Web 2.0 vulnerabilities to new, specialized attacks, this educational webinar will investigate the incidents that made headlines and impacted corporate bottom lines.

Mr. Shulman provides detailed insight into the most dangerous security risks for organizations in 2008 as well as their causes and potential mitigation techniques. He will reveal ADC research on these security trends and provide live demonstrations of attacks. He will also describe how these trends are impacting compliance regulations and discuss various ways to fortify resources against these threats.

This educational webinar will present the top security issues such as:

• Social networking site vulnerabilities
• SQL injection – CSRF attack “cocktails”
• Google hacking
• Online gaming fraud

Streamlining SOX: Why Audit Standard Five (AS5) Makes Compliance Easier

Presented by Amichai Shulman, Chief Technology Officer

With the recent introduction of Audit Standard 5 (AS5), the opportunity now exists to loosen the Sarbanes-Oxley (SOX) stranglehold and ease your company’s overall compliance headaches. Enroll for this FREE webinar and obtain additional details on AS5 and learn how you can streamline your SOX compliance.

Amichai Shulman, Chief Technology Officer, Imperva, will provide an interactive presentation detailing the world of SOX compliance before-and-after AS5 as well as the steps your organization can take to leverage this new standard to alleviate the pain that accompanies SOX compliance and data governance.

Webinar attendees will learn how to:

• Understand the key SOX changes as outlined by AS5
• Identify examples of privilege abuse and the potential threat for fraud or compromised data accuracy
• Perform a thorough assessment of sensitive data and data usage
• Assess user privileges to uncover excessive privilege distribution
• Recognize additional insider threats to sensitive data and database servers

Case Study: MarketLive Is PCI Certified Using WAF for PCI 6.6

Presented by Barak Engel, Chief Security Officer, MarketLive and Amichai Shulman, Chief Technology Officer, Imperva

Learn how MarketLive, a leader in eCommerce software solutions - took an expert approach and implementation, to achieve their Level 2 certification through an external qualified security assessor (QSA) effectively and efficiently.

Barak Engel, Chief Security Officer, MarketLive, and Amichai Shulman, Chief Technology Officer, Imperva, review how to prepare your organization for PCI compliance, and, if needed by your organization, PCI certification.

Online Identity Theft: Protecting Holiday Shoppers

Presented by Amichai Shulman, Chief Technology Officer

This holiday season, shoppers are expected to spend more money online than ever before. With increasing amounts of money being spent online, identity thieves are taking their practices to a higher level of sophistication. Many online shopping technologies in use today have been around for some time and are vulnerable to the new mechanisms organized identity thieves are employing to commit fraud.

Amichai Shulman, Imperva CTO discussed how to prepare your online presence to ensure the safety of your customers. Amichai describes the latest threats to commercial websites and how to protect against them. Amichai also presented demos and mitigation techniques for the following:

• Cross Site Scripting (XSS)
• Cross Site Request Forgery (CSRF)
• SQL InjectionTESTING....
• Unauthorized Privilege Abuse

Roadmap to PCI Compliance: Navigating the Most Challenging PCI Requirements

Presented by Amichai Shulman, Chief Technology Officer

Learn more about the three most difficult PCI compliance mandates: tracking and monitoring cardholder data, rendering stored cardholder data unreadable, and application security. You'll learn how to effectively address these PCI requirements while simultaneously mitigating security risks. Discover what you should know about the PCI Data Security Standard.

Industry expert Amichai Shulman, Imperva CTO and head of the Application Defense Center (ADC), shared his in-depth knowledge of the PCI standard and how organizations should prepare for a PCI audit. Hear first-hand the steps your organization should take to comply with the PCI standard and protect credit card information.

Behind the Scenes: Data Breach Headlines Examined

Presented by Amichai Shulman, Chief Technology Officer

This Webinar examines trends in how data breaches are costing corporations millions. We will examine several recent high profile breaches and analyze the underlying causes of the breach, including questionable business practices, vulnerabilities and attack techniques. The Webinar will also make specific recommendations on how to avoid these data breaches.

Solving Security and Compliance – Tips and Tricks for Enterprise Applications

Presented by Amichai Shulman, Chief Technology Officer

Insufficient expertise and strained resources cause most IT departments to operate with inadequate audit and security coverage, even for their most critical business applications like SAP and Oracle E-Business Suite. Don't let this happen in your organization. Learn from the experts in the Imperva Application Defense Center (ADC) how to get control of your enterprise applications – and prove it to your auditors.

This session discusses the challenges of enterprise application security and compliance and illustrates these challenges against popular business applications like SAP and Oracle E-Business Suite.

Give 'Em What They Want – Satisfy the Top 5 Database Audit Requirements

Presented by Amichai Shulman, Chief Technology Officer

Corporate auditors require that organizations maintain database audit logs of business critical applications. Learning to meet the five key requirements for passing a database audit can save you time and simplify compliance with multiple regulatory and industry mandates including PCI DSS, SOX, GLBA, and HIPAA. This Webinar provides auditor expectations for database logging, security assessments, controls and policies, monitoring, auditing, and policy enforcement and reporting. A demonstration illustrates the challenges and shows how to meet the top 5 requirements.

SQL Injection – Still the #1 Threat

Presented by Mark Kraynak, Director of Product Marketing

SQL Injection attacks have been around for a while, yet given the variety of attacks under this classification and the fact that many businesses are not adequately protected, SQL Injection attacks are still the #1 way-in for data thieves. According to a panel of experts at the recent Electronic Transaction Association (ETA) conference, 100% of data heists include a SQL Injection attempt – and over 50% of successful attacks are due to SQL Injection.

This educational Webinar provides the latest information on SQL Injection attacks. And demonstrates new, clever ways data hustlers are using your applications and your stored procedures to grab financial and customer data. Some businesses are relying on stored procedures and black lists to defend against SQL Injection attacks – Learn why these tactics provide insufficient database protection.

Database Communication Protocol Attacks

Presented by Amichai Shulman, Chief Technology Officer

Database servers are vulnerable to attack from a new vector – database communication protocols. These proprietary protocols are used to exchange data and commands between client software and database servers. Many pre-date the Internet. Vendors develop the protocols to be backwards compatible, but this compounds their vulnerability to attack.

Amichai Shulman, CTO will delve into database communication protocols and explain how these vulnerabilities continue to proliferate. He will highlight ADC research and testing and demonstrate examples of attacks. He will also present methods you can use to protect your databases and mitigate your risk from this new class of attack.

Taking the Risk Out of Web 2.0

Presented by Amichai Shulman, Chief Technology Officer

Without effective security, Rich Internet Applications (Flash, AJAX), Syndication (RSS, mash-ups), and Collaboration (social networks, Wikis, blogs) can expose your business and your customers to undue risk. In the Webinar, Amichai Shulman presents:

• Attack demonstrations
• In-depth insight into Web 2.0 technologies, and
• Specific defense strategies to secure Web 2.0 frameworks

Best Practices in DB Assessment

Presented by Amichai Shulman, Chief Technology Officer

Risk assessment of database systems is a crucial first step in data security and regulatory compliance. Watch noted expert Amichai Shulman as he shares best practices for database assessment and demonstrates practical assessment techniques and tools that enhance security and satisfy IT auditors.

Database Auditing - What the Auditors Want

Presented by Amichai Shulman, Chief Technology Officer

In today's increasingly regulated environment, corporate auditors are demanding audit logging for mission critical applications, especially SAP, Oracle Financials, and other web-based applications. While the urgency is clear, the specific requirements are often not clear. This webinar lays out the key requirements that auditors have for database auditing and discusses alternative means of meeting those requirements.

Top 10 Database Hacks and How to Stop Them

Presented by Amichai Shulman, Chief Technology Officer

Corporate databases contain the crown jewels of an organization, which means a break-in, by insiders or outsiders, can cost millions in fines, lawsuits, and customer attrition. The good news is there are 10 commonly used methods to attack databases. Defend against these, and your databases will be virtually impenetrable.

Implications of New Payment Card Industry 1.1 Standard

Presented by Amichai Shulman, Chief Technology Officer, Imperva

Evaluate the options and time/cost tradeoffs in becoming PCI 1.1 compliant. Accelerate your PCI 1.1 understanding and begin planning your options for meeting these new requirements.

Industry recognized expert and Director of the Application Defense Center research organization, Amichai Shulman shares his in-depth knowledge of the PCI standard and its new compliance rules. This webinar discusses new specifications for protecting Web-facing credit card applications from application attacks and options for securing stored cardholder data.

Anatomy of a Database Attack

Presented by Amichai Shulman, Chief Technology Officer, Imperva

SQL Injection, platform vulnerabilities, buffer overflows...How do you know whether your database is secure? This presentation will trace the steps involved in breaking into a database including gaining initial access, taking control of the database, and ultimately compromising the sensitive data.

Scaling Web and Database Security for Mission Critical Applications

Presented by Amichai Shulman, Chief Technology Officer, Imperva

Length: 50 minutes

This session examines critical topics in web and database security. Plus, find out how you can provide the virtualization of web and database security applications as a security service layer across the most critical assets of your network -- using a single Unified Threat Management (UTM) architecture.

Top 5 On-line Identity Theft Attacks and How to Stop Them

Presented by Amichai Shulman, Chief Technology Officer

When digital thieves impersonate authorized users, everyone loses. On-line identity theft by insiders and outsiders can cost millions in fraud, fines, lawsuits, and customer attrition. Unfortunately, even sophisticated solutions, such as two-factor authorization, can be fooled by digital identity theft attacks. The good news is there are 5 commonly used methods for on-line identity theft. Defend against these, and you will have greatly increased the security of your on-line web application.

Prove It! Compliance and Data Security in a Regulatory Environment

Presented by Amichai Shulman, Chief Technology Officer

In today's environment, just complying with data security requirements is no longer sufficient. IT departments must also demonstrate in a document-able fashion that they are compliant and that they have taken the necessary steps to safeguard privacy and financial information. This webinar reviews the data security requirements imposed and implied by the leading regulatory mandates such as PCI, HIPAA, and Sarbox. The talk also presents the relative advantages of different approaches to building a security architecture that provides the audit and reporting data needed to comply with regulatory requirements across a wide range of industries.

Database/Web Security and Compliance

Presented by Dan Carcone, Senior Security Engineer

Learn how your peers are meeting the challenges of protecting their sensitive and proprietary data. This Webinar includes case studies of how leading firms are securing customer, patient, and financial data. In addition, the Webinar covers their strategies for meeting internal and external compliance requirements. The presentation concludes with a live question and answer session.

Database Security - Monitoring and Protecting Databases in the Data Center

Presented by Amichai Shulman, Chief Technology Officer

This Webinar on Database Security addresses direct database breaches. The talk will include live demonstrations of sophisticated database attacks, including: SQL injection, privilege abuse, privilege elevation, buffer overflow, and audit evasion. The presentation also covers a variety of prevention techniques and discusses their relative effectiveness. The presentation concludes with a recorded question and answer session.

Data Leakage - Defending the Data Center Against Data Theft Attacks

Presented by Dan Carcone, Senior Security Engineer

This Webinar on Data Leakage addresses how to stop the theft of sensitive information from corporate data centers, such as: credit cards, social security numbers, passwords, financial transactions, and other sensitive information.

Phishing: When Attacks Get Embedded in Legitimate Websites

Presented by Amichai Shulman, Chief Technology Officer

See demonstrations of phishing attacks that direct e-mail recipients to a real page on a legitimate website. This type of phishing is particularly dangerous as many people will trust a link that leads them to the actual website.

Yankee Group - A Practical Approach to Application Security

Presented by Yankee Group analyst Jim Slaby and Internet Security Pioneer Shlomo Kramer

Yankee Group analyst Jim Slaby and Imperva CEO Shlomo Kramer discuss how IT executives can develop a practical approach to application security.