Imperva Blog|Login|中文Deutsch日本語

Vulnerability Assessment

Imperva has partnered with leading vulnerability assessment vendors to instantly patch Web application vulnerabilities. By integrating with vulnerability assessment scanners, the Imperva SecureSphere Web Application Firewall can reduce the window of exposure and the disruption of emergency fix and test cycles. Organizations can use the integrated solutions to monitor application abuse, stop application attacks, and address PCI DSS requirement 6.6.

The SecureSphere Web Application Firewall integrates with the following vulnerability assessment services or products. Organizations that use assessment solutions from PartnerSphere Technology Alliance vendors can trust that their solutions have been tested with SecureSphere to virtually patch application vulnerabilities.


WhiteHat Security is the leading provider of website risk management solutions that protect critical data, ensure compliance and narrow the window of risk. WhiteHat Sentinel, the company's flagship product family, is the most accurate, complete and cost-effective website vulnerability management solution available. Built on a SaaS (Software-as-a-Service) or Cloud-based technology platform, the WhiteHat Sentinel family all combine advanced proprietary scanning technology with expert website security analysis, to enable customers to identify, prioritize, manage and remediate vulnerabilities as they occur. Unique to WhiteHat Security, every vulnerability discovered by any WhiteHat Sentinel Service is verified and prioritized, virtually eliminating false positives and radically simplifying remediation.

Imperva SecureSphere Web Application Firewall (WAF) pulls vulnerability scan results from WhiteHat Sentinel for rapid remediation and blocking of web attacks. This integration provides a complete and automated way for organizations to simplify the management of the Web application security lifecycle.

For more details, listen to The Web Attack Defense Playbook: An End-User Case Study for SuccessFactors' perspective on the benefits on this integrated solution or read our Solution Brief.

For more information, please visit:

Learn More: Solution Brief


Acunetix was founded in 2004 to combat the alarming rise in web attacks. Its flagship product, Acunetix Web Vulnerability Scanner (WVS), is the result of several years of work by a team of highly experienced security developers. Leading International companies and organisations such as NASA, the US Air Force, The Pentagon, PricewaterhouseCoopers and Sony use Acunetix WVS to protect their websites and web applications. Acunetix WVS has won numerous awards including the Web Application Security award for four times in succession. Acunetix is a privately held European company with offices in the UK, Cyprus and Malta.

For more information, please visit:
Beyond Security
Beyond Security's automated security testing technologies discover security weaknesses in corporate networks including databases, file servers and web applications. We can automate your vulnerability assessment, manage your mitigation processes and help meet all your compliance requirements at a fraction of your current manpower investment.

AVDS (Automated Vulnerability Detection System) is available as a network appliance or hosted solution and delivers layer 3-7 testing with the lowest false positive rate in the industry. AVDS reports Web application vulnerabilities to the SecureSphere Web Application Firewall for instant patching of vulnerabilities, dramatically reducing your window of exposure to attack.

For more information, please visit:
Cenzic Hailstorm protects Web applications against hacker attacks. Cenzic offers both traditional enterprise software and Software as a Service (SaaS) solutions that help customers discover Web applications, detect vulnerabilities, facilitate remediation, and manage risk.

Cenzic and Imperva have partnered to offer a joint solution that detects and virtually patches Web application vulnerabilities. The integration enables Cenzic customers to seamlessly export Cenzic Hailstorm assessment results into the Imperva SecureSphere Web Application Firewall to immediately block discovered vulnerabilities.

For more information, please visit:

Learn More: Solution Brief | Case Study
Denim Group
Denim Group is the leading secure software development firm. The company builds custom large-scale software development projects across multiple platforms, languages and applications. Denim Group offers an innovative blend of secure software development, testing and training capabilities that protect a company's biggest asset, its data. Denim Group customers span an international client base of commercial and public sector organizations across the financial services, banking, insurance, healthcare and defense industries.

As experts in the field of remediation, Denim Group created ThreadFix, a software vulnerability aggregation and management system that imports the results from software security testing, providing a centralized view of defects across development projects. The system correlates testing results and simplifies feeds to software issue trackers. ThreadFix auto-generates application firewall rules to block application attacks while remediation efforts occur, and empowers managers with vulnerability trending reports that demonstrate software security progress over time.

For more information, please visit:
Imperva is a HP Business Partner. HP is the world's largest IT company, providing infrastructure and business offerings for consumers as well as businesses of all sizes.

Imperva has developed solutions that support or integrate with multiple HP products. The Imperva SecureSphere database agents support the HP-UX operating system. Imperva SecureSphere can also interoperate with multiple HP software solutions for network monitoring and management, and application vulnerability remediation.

For more information, please visit:
Imperva is an Advanced Partner in the IBM PartnerWorld Program. SecureSphere from Imperva has been optimized to protect IBM DB2 infrastructure software. Imperva's involvement with PartnerWorld enables comprehensive go-to-market sales support and technical resources that are specifically tailored to the security market and specific vertical industries that are essential to Imperva's success. SecureSphere is compatible with DB2 and Informix and provides joint customers with an effective audit, monitoring and security solution.

For more information, please visit:
NT OBJECTives is an innovative provider of comprehensive application security solutions designed to help organizations discover threats, analyze risk and protect their web applications against attack. Its unique technology provides automated and accurate application vulnerability assessment regardless of site complexity along with the ability to help companies secure their web applications either by repairing application code or by custom configuring their security infrastructure to block the attacks. NTOSpider creates a custom report for each application that can be imported into SecureSphere to protect applications from being exploited by these attacks.

For more information, please visit:
Imperva is a partner of Qualys and integrates SecureSphere Web Application Firewall (WAF) with Qualys' QualysGuard® Web Application Scanning. This integration helps enterprises to deploy a comprehensive security solution where Web Application vulnerabilities discovered via QualysGuard can be immediately remediated with Imperva's WAF Virtual Patching, without the need for development intervention.

Imperva is also a Qualys PCI Connect Partner. Customers can upload Imperva's WAF configuration directly into their Qualys PCI Self Assessment Questionnaires to show proof of protection for their e-merchant web sites.

For more information, please visit:

Learn More: Solution Brief
Trend Micro
Trend Micro, a global leader in security software for 25 years, strives to make the world safe for exchanging digital information. The company's solutions for consumers, businesses and governments provide layered data security to protect information on mobile devices, endpoints, gateways, servers and the cloud. Trend Micro Web App Security is a new service that allows organizations to continuously detect vulnerabilities and protect their web applications without the cost and effort of traditional approaches.

Trend Micro Web App Security's intelligent application scanning capabilities minimize the time needed to respond to security threats with continuous scanning, expert hands-on business logic testing, and expert false positive removal, empowering organizations to focus on addressing discovered threats. The native integration with the Imperva SecureSphere Web App Firewall (WAF) enables organizations to instantly translate discovered application vulnerabilities and trigger action through built-in rule creation and export. With this powerful combination, organizations have the ability to continuously detect vulnerabilities with Trend Micro Web App Security and automatically protect sensitive applications with Imperva SecureSphere.

For more information, please visit:

Learn More: Solution Brief
Veracode secures the world's software. We help companies and governments address the acute threat posed by hackers who are targeting software vulnerabilities to gain access to critical data. Veracode provides an automated, policy-driven application risk management platform to secure web applications, mobile and third-party applications across the software supply chain. Veracode works with the world's largest corporations and their software providers, representing a variety of Global 2000 brands.

For more information, please visit:

Learn More: Solution Brief