Protect Critical Web Applications and Data

The SecureSphere Web Application Firewall (WAF) protects applications from current and future security threats by combining multiple security engines into a cohesive Web defense. Certified by ICSA Labs, SecureSphere provides ironclad protection against the OWASP Top Ten, including SQL Injection, XSS and CSRF, and it addresses PCI 6.6.

The SecureSphere WAF offers organizations drop-in deployment, automated, adaptable security, and low operational overhead, providing your business with a practical and highly secure solution that ensures your Web applications and data are safe. As the market leading Web Application Firewall, more organizations rely on Imperva to monitor and protect their critical Web applications than any other vendor.

Automated Learning of Applications and User Behavior

A Web application firewall must understand application structure, elements and expected user behavior in order to accurately detect attacks. Imperva's patent-pending Dynamic Profiling technology automates this process by profiling all application elements and building a baseline or “white list” of acceptable user behavior. It also automatically incorporates valid application changes into the application profile over time. Dynamic Profiling eliminates the need to manually configure—and update—application URLs, parameters, cookies, and methods.

Research-Driven Security Policies

Powered by the Imperva Application Defense Center (ADC), an international security research organization, SecureSphere offers the most complete set of application signatures and policies available. The ADC investigates vulnerabilities reported by Bugtraq, CVE®, Snort®, and underground forums and performs primary research to deliver the most up-to-date and comprehensive Web attack protection available.

Adaptable Protection from Large Scale, Automated Attacks

ThreatRadar, an industry-first reputation-based Web security service, is an optional add-on to SecureSphere WAF. ThreatRadar mitigates automated, large-scale attacks by integrating credible information on known attack sources into SecureSphere defenses. ThreatRadar can quickly and accurately block traffic from malicious sources before an attack is attempted.

Virtual Patching Through Vulnerability Scanner Integration

For immediate patching of application vulnerabilities, SecureSphere can import assessment results from WhiteHat, IBM, Cenzic, NT OBJECTives, Qualys, and others and create custom policies to block known vulnerabilities. Virtual patching reduces the window of exposure and the cost of emergency fix and test cycles.

Network and Platform Attack Protection

SecureSphere protects Web applications and underlying infrastructure by detecting application, Web services, server, and network attacks. With over 6,500 signatures that are continuously updated by the Imperva ADC, SecureSphere fortifies all application layers against online threats. HTTP protocol validation prevents protocol exploits and evasion techniques. Flexible, rapidly-updated defenses allow SecureSphere to protect Web 2.0 applications and XML without requiring any application changes.

Granular Correlation Policies Reduce False Positives

SecureSphere distinguishes attacks from unusual, but legitimate, behavior, by correlating Web requests across security layers and over time. This Correlated Attack Validation examines multiple attributes such as HTTP protocol conformance, profile violations, signatures, special characters, and user reputation, to accurately alert on or block attacks with the lowest rate of false positives in the industry.

Customizable Reports for Compliance and Forensics

SecureSphere's rich graphical reporting capabilities enable customers to easily understand security status and meet regulatory compliance requirements. SecureSphere provides both pre-defined and fully-customizable reports. Reports can be viewed on demand or emailed on a daily, weekly or monthly basis. A real-time dashboard provides a high level view of system status and security events.

Alerts are easily searched, sorted, and directly linked to corresponding security rules. SecureSphere's monitoring and reporting framework provides instant visibility into security, compliance, and content delivery concerns.

Zero Impact Deployment and Ultra High Performance

SecureSphere provides the most flexible deployment options of any WAF in the industry, including a unique drop-in deployment that require no changes to existing applications or network. SecureSphere delivers multi-Gigabit throughput and tens of thousands of transactions per second while maintaining sub-millisecond latency.

SecureSphere SE WAF for Medium Enterprises

The SecureSphere Standard Edition (SE) Web Application Firewall offers accurate protection, proven performance, and ease-of-use at an attractive price point for medium enterprises. The SecureSphere SE WAF delivers the same best-in-class security, but without vulnerability assessment or SIEM integration and without database security extensibility. For medium enterprises with limited IT resources, the Standard Edition model provides a practical, highly secure solution at an affordable price.

The Trusted Choice for Web Security

As the market-leading Web application firewall, more organizations rely on Imperva to monitor and protect their critical Web applications than any other vendor. Imperva SecureSphere provides your business with a practical and highly secure solution to ensure that your Web applications and data are safe.

Web Application Firewall Specifications