Imperva: Protecting the Data that Drives Business Blog|Login|Chinese German Japanese|Follow @imperva
Hacking and External Threats

Hacking and External Threats

Hacking and External Threats More Internet attacks target Web applications than all other services combined.1 With sharp increases in SQL injection and Cross Site Scripting (XSS) as well as emerging threats such as Cross Site Request Forgery (CSRF) and botnet attacks, hackers have a powerful arsenal to unleash on Web sites. Since Web applications host sensitive and valuable data, application security threats dwarf all other risks.

To combat escalating attacks on Web applications and data, many leading organizations are turning to data security technologies such as Web Application Firewalls (WAFs) and Database Firewalls (DBFs). Mitigating external threats requires stopping known and zero-day attacks, blocking malicious users, preventing data leaks, and patching application vulnerabilities.

Block Known and Zero-Day Attacks

With vulnerabilities continuously detected in Web applications and database platforms, it is essential for organizations to protect themselves against exploitation. By using a combination of research-based attack signatures and automated profiling of normal application and database usage, organizations can create an effective defense against the leading attack vectors.

Stop Malicious Users Before an Attack Can Be Launched

Hacker-controlled computers, or bots, are carrying out an increasing number of Web attacks. Moreover, many criminals use anonymous proxies or TOR servers to conceal their identity. Organizations should identify known malicious sources to block automated attacks and prevent the reconnaissance that could lead to a damaging data breach.

Prevent Sensitive Data Leaks

Organizations should inspect outbound traffic from applications and databases to block leakage of sensitive data such as credit card numbers, application code, and accounting records.

Protect Application Data Stored in Databases

Data security requires a defense in-depth strategy, encompassing where data is stored, how it moves, and who accesses it. Organizations must monitor and secure database access to safeguard application data from database exploits.

Detect and Patch Application Vulnerabilities

Detection of application and database vulnerabilities is an essential step in analyzing the risk of a data breach. Organizations should consider virtual patching of vulnerabilities to eliminate the window of exposure and reduce the cost of emergency fix and test cycles.

1Gartner

Database Security
Product NameCapabilities
SecureSphere Database Firewall
  • Monitor and optionally block unauthorized or abnormal database activity
  • Virtually patch database vulnerabilities
  • Prevent sensitive database data leaks
Web Application Security
Product NameCapabilities
SecureSphere Web Application Firewall
  • Block known and zero-day attacks using white list (profiling) and black list (signatures) security models
  • Virtual patch web application vulnerabilities with scanner integration
  • Prevent sensitive application data leaks
ThreatRadar Reputation Services
  • Stop automated attacks reputation-based defense
  • Detect and block known malicious sources, phishing attacks
ThreatRadar Fraud Prevention Services
  • Maintain brand image and customer loyalty by preventing fraudulent activity
  • Rapidly provision and enforce Web fraud protection


Datasheets
White Papers
Multimedia
Customer Quote
We understand the need of top level security for our customers and ourselves. We chose Imperva SecureSphere because we believe they are the very best. Protecting our customers and keeping the Internet safe is a top priority at GoDaddy.

Bob Parsons
CEO, GoDaddy.com