Imperva Blog|Login|中文Deutsch日本語

White Papers

Selected Tag: Hacking | Show All

Download White Paper

The Future of Web Security: 10 Things Every Web Application Firewall Should Provide


Web application firewalls have become the central platform for protecting applications against all online threats including technical Web attacks, business logic attacks, and online fraud. Web application firewalls understand Web usage and validate input to stop dangerous attacks like SQL injection, XSS, and directory traversal. They block scanners and virtually patch vulnerabilities. And they rapidly evolve to prevent new attacks and to keep critical applications safe. Because Web application firewalls are strategic, every organization must carefully evaluate the products' security, management, and deployment capabilities. This paper explains in detail the 10 features that every Web application firewall should provide.

Languages: English | Español

Tags: Web Application Firewall, Industrialized Hacking, Automated Attacks, Business Logic Attacks, ThreatRadar, Web Application Security


Download White Paper

The Industrialization of Hacking


Today, hacking is $1T industry -- up from a few billion just three years ago. In 2007, professional hacking represented a multibillion-dollar industry. At present, this same industry posts -- in stolen data, IP and financial gain -- more than one trillion in value. What explains this rapid growth? Industrialization. Just as the Industrial Revolution advanced methods and accelerated assembly from single to mass production in the 19th century, today's cyber crime industry has similarly transformed and automated itself to achieve scalability and increase profits.

The industrialization of hacking coincides with a critical shift in what's considered today's prized commodity: data.

Tags: Cyber Crime, Data Security, Hacking, Automated Attacks


Download White Paper

Blame it on the Media(Bot) -- Using Google Advertising Mechanism for Web Application Attacks


The research summarized in this paper is aimed at demonstrating how search engines can be manipulated to serve as attack tools. We were able to show that the AdWords and AdSense services from Google can indeed be used to launch attacks against unsuspecting web applications. Attacks types we were able to demonstrate include buffer overflows, SQL injections and CSRFs.

Tags: ADC, Google Hacking, Web Application Attacks, Buffer Overflow, SQL Injection, CSRF, Web Application Security

Selected Tag: Hacking | Show All


Term of the Month