Complete Attack Prevention
The SecureSphere Web Application Firewall delivers unmatched protection by leveraging multiple security defenses. These defenses include Dynamic Profiling, HTTP protocol validation, platform attack security, and Correlated Attack Validation.
Eliminates Manual Configuration and Tuning
SecureSphere incorporates Imperva's unique Dynamic Profiling technology, which automatically learns the structure, elements, and expected usage patterns of protected Web applications, while detecting and incorporating valid application changes into the application profile over time. By comparing Web requests to the profile, SecureSphere detects unacceptable behavior and prevents malicious activity with pinpoint precision.
Dynamic Profiling automatically builds an accurate profile with no need for manual configuration or tuning. SecureSphere Web Application Firewall uses this technology to eliminate the need for, and the substantial costs of, manually creating and updating a typically enormous white list that can contain thousands of URLs, form fields, parameters and cookies.
Defenses That Are Always Up To Date
The Imperva Application Defense Center (ADC) is staffed by Imperva's team of application security and compliance experts and is recognized globally for its data and application security research. The ADC continuously investigates new database and application vulnerabilities reported worldwide, analyzes exploit traffic from a wide range of live Web sites, and conducts primary vulnerability research to identify the latest threats. This research drives continuous updates to SecureSphere's defenses, including signature updates, protocol validation policies, and correlation rules.
SecureSphere customers can choose to add ADC Insight Services for an added layer of protection, gaining access to Imperva's in-depth business applications expertise, pre-built data security compliance reports, and best practices from compliance and security experts.
Stops Protocol Exploits
SecureSphere's built-in HTTP protocol validation prevents protocol exploits including buffer overflow, malicious encoding, HTTP smuggling, and illegal server operations. Flexible policies enable strict adherence to RFC standards while allowing minor variations for specific applications.
Comprehensive Platform and Network Protection
SecureSphere delivers comprehensive protection against known attacks targeting Web server, middleware and platform vulnerabilities, sourcing more than 4,000 signatures from Bugtraq, CVE®, Snort®, the Imperva ADC, and others. SecureSphere also defends against new, zero-day Web worm attacks by detecting and identifying their unique combination of attributes.
SecureSphere's integrated stateful network firewall provides protection from both external and internal unauthorized users, protocols, and network attacks, while meeting best practice security mandates by preventing non-essential protocols from reaching sensitive Web applications.
Defends Web Services
Leveraging Imperva's Dynamic Profiling technology, SecureSphere also profiles legitimate Web Services behavior including XML files, elements, attributes, schema, variables, and SOAP actions, identifying and blocking any attempt to tamper with normal Web services behavior.
Unmatched Accuracy
Imperva's unique Correlated Attack Validation technology accurately identifies even the most complex attacks by correlating violations across security layers, and over time.
By employing multiple sophisticated technologies, SecureSphere Web Application Firewall is able to prevent even the most complex web application attacks.
- SecureSphere Web Application Firewall Datasheet
- Understanding Web 2.0: Technologies, Risks and Best Practices Whitepaper
- The Top 5 Identity Theft Attacks Whitepaper
- SecureSphere SQL Injection Protection Whitepaper
- The New PCI Requirement: Application Firewall vs. Code Review TCO Whitepaper
- Securing Web Applications and Databases for PCI Compliance Whitepaper
- Web, HTTPS (SSL) and XML Vulnerabilities
- SQL Injection
- Session Hijacking
- Cross Site Scripting (XSS)
- Form Field Tampering
- Known Worms
- Zero Day Web Worms
- Buffer Overflow
- Cookie Poisoning
- Denial of Service
- Malicious Robots
- Parameter Tampering
- Brute Force Login
- Malicious Encoding
- Directory Traversal
- Web Server and Operating System Attacks
- Site Recon
- OS Command Injection
- Cross-Site Request Forgery (CSRF)
- Google Hacking
- Remote File Inclusion Attacks
- Illegal Encoding
- Credit Card Exposure
- Patient Data Disclosure
- Corporate Espionage
- Phishing
- Data Destruction
- US SSN Leakage
- Anonymous Proxy Vulnerabilities