Protect Critical Web Applications and Data

The SecureSphere Web Application Firewall (WAF) protects applications from current and future security threats by combining multiple security engines into a cohesive Web defense. Certified by ICSA Labs, SecureSphere provides ironclad protection against the OWASP Top Ten, including SQL Injection, XSS and CSRF, and it addresses PCI 6.6.

The SecureSphere WAF offers organizations drop-in deployment, automated, adaptable security, and low operational overhead, providing your business with a practical and highly secure solution that ensures your Web applications and data are safe. As the market leading Web Application Firewall, more organizations rely on Imperva to monitor and protect their critical Web applications than any other vendor.

Automated Learning of Applications and User Behavior

A Web application firewall must understand application structure, elements and expected user behavior in order to accurately detect attacks. Imperva's patented Dynamic Profiling technology automates this process by profiling all application elements and building a baseline or “white list” of acceptable user behavior. It also automatically incorporates valid application changes into the application profile over time. Dynamic Profiling eliminates the need to manually configure—and update—application URLs, parameters, cookies, and methods.

Research-Driven Security Policies

Powered by the Imperva Application Defense Center (ADC), an international security research organization, SecureSphere offers the most complete set of application signatures and policies available. The ADC investigates vulnerabilities reported by Bugtraq, CVE®, Snort®, and underground forums and performs primary research to deliver the most up-to-date and comprehensive Web attack protection available.

Ironclad Defense Against Malicious Users

ThreatRadar Reputation Services, an industry-first reputation-based Web security service, identifies and stops known attack sources. ThreatRadar Reputation Services mitigates automated, large-scale attacks by integrating credible information about attacking IP addresses, bots, and anonymizing services into SecureSphere WAF defenses. Threat Radar Reputation Services delivers the following security feeds in near real-time:

• Malicious IP addresses that recently attacked other Websites
• Anonymous proxy addresses
• Tor networks
• Phishing URLs
• IP geolocation data

ThreatRadar Community Defense, an industry-leading innovation for ThreatRadar Reputation Services, delivers crowd-sourced threat intelligence to SecureSphere Web Application Firewalls. Community Defense gathers attack data from SecureSphere deployments around the world and validates and distributes this data in near-real time to protect the entire community against emerging threats.

Bot and Automated Attack Protection

The SecureSphere Web Application Firewall combines multiple defenses together to stop the automated attacks like site-scraping, application DDoS, comment spam, and automated SQL injection attacks. Automated attack defenses include:

• ThreatRadar Reputation Services which identifies and stops known attack sources
• Anti-automation technology which detects automated clients, bots, and scripts based on Web browser capabilities
• Site scraping, application DDoS, and Google hacking security policies which are specifically designed to stop automated attacks based on rate limiting and known attack attributes.

In addition to automated attack protection provided by SecureSphere, Imperva offers the Imperva Incapsula Service which mitigates DDoS attacks that exceed Internet bandwidth limits.

Web Fraud Prevention

Web-based fraud costs organizations with an online presence hundreds of millions of dollars each year, damages reputation and reduces customer loyalty. ThreatRadar Fraud Prevention enables organizations to rapidly provision fraud detection solutions without needing to update Web applications. By integrating with leading fraud security vendors, SecureSphere can identify and stop fraudulent transactions. With ThreatRadar Fraud Prevention, organizations can also centrally manage WAF and fraud policies together.

Virtual Patching Through Vulnerability Scanner Integration

For immediate patching of application vulnerabilities, SecureSphere can import assessment results from WhiteHat, IBM, Cenzic, HP, NT OBJECTives, Qualys, and others and create custom policies to block known vulnerabilities. Virtual patching reduces the window of exposure and the cost of emergency fix and test cycles.

Platform and XML Attack Protection

SecureSphere protects Web applications and underlying infrastructure by detecting application, Web services, server, and network attacks. With over 8,000 signatures that are continuously updated by the Imperva ADC, SecureSphere fortifies all application layers against online threats. HTTP protocol validation prevents protocol exploits and evasion techniques. Flexible, rapidly-updated defenses allow SecureSphere to protect Web 2.0 applications and XML without requiring any application changes.

Granular Correlation Policies Reduce False Positives

SecureSphere distinguishes attacks from unusual, but legitimate, behavior, by correlating Web requests across security layers and over time. This Correlated Attack Validation technology examines multiple attributes such as HTTP protocol conformance, profile violations, signatures, special characters, and user reputation, to accurately alert on or block attacks with the lowest rate of false positives in the industry.

Customizable Reports for Compliance and Forensics

SecureSphere's rich graphical reporting capabilities enable customers to easily understand security status and meet regulatory compliance requirements. SecureSphere provides both pre-defined and fully-customizable reports. Reports can be viewed on demand or emailed on a daily, weekly or monthly basis. A real-time dashboard provides a high level view of system status and security events.

Alerts are easily searched, sorted, and directly linked to corresponding security rules. SecureSphere's monitoring and reporting framework provides instant visibility into security, compliance, and content delivery concerns.

Zero Impact Deployment and Ultra High Performance

SecureSphere provides the most flexible deployment options of any Web Application Firewall in the industry, including a unique drop-in deployment that requires no changes to existing applications or network. SecureSphere delivers multi-Gigabit throughput and tens of thousands of transactions per second while maintaining sub-millisecond latency.

The Trusted Choice for Web Security

As the market-leading Web application firewall provider, more organizations rely on Imperva to monitor and protect their critical Web applications than any other vendor. Imperva SecureSphere provides your business with a practical and highly secure solution to ensure that your Web applications and data are safe.

Web Application Firewall Specifications