Vulnerability Assessment

Imperva has partnered with leading vulnerability assessment vendors to virtually patch Web application vulnerabilities. By integrating with vulnerability assessment scanners, the Imperva SecureSphere Web Application Firewall can reduce the window of exposure and the disruption of emergency fix and test cycles.


  • imperva certified solution



    HP Fortify is the global leader in application security testing and management solutions. HP Fortify combines comprehensive static and dynamic testing technologies (across most languages), with timely security intelligence from the HP Security Research team.

    HP WebInspect, an HP Fortify solution, exports the results of its vulnerability scans to Imperva SecureSphere Web Application Firewall, enabling organizations to virtually patch the vulnerabilities. This prevents attackers from exploiting the vulnerabilities, and helps keep the organization in compliance, until developers deliver a permanent fix.


    For more information, please visit: www8.hp.com/us/en/software-solutions/application-security/index.html

  • imperva certified solution


    Imperva is an Advanced Partner in the IBM PartnerWorld Program. SecureSphere from Imperva has been optimized to protect IBM DB2 infrastructure software. Imperva's involvement with PartnerWorld enables comprehensive go-to-market sales support and technical resources that are specifically tailored to the security market and specific vertical industries that are essential to Imperva's success. SecureSphere is compatible with DB2 and Informix and provides joint customers with an effective audit, monitoring and security solution.

    In addition, Imperva has partnered with IBM as part of the Ready for IBM Security Intelligence program. Imperva has achieved certified interoperability with IBM Security QRadar SIEM using QRadar's Log Event Extended Format (LEEF) standard. SecureSphere's market-leading data security solutions provides QRadar with a rich source of contextual data that can be correlated with other data sources and used by QRadar's out-of-the-box rules and reports. IBM Security QRadar and Imperva combine to enable customers to reach their enterprise compliance and security goals, and reduce the risk and severity of security breaches.


    For more information, please visit: www.ibm.com

  • imperva certified solution


    Imperva is a partner of Qualys and integrates SecureSphere Web Application Firewall (WAF) with Qualys' QualysGuard® Web Application Scanning. This integration helps enterprises to deploy a comprehensive security solution where Web Application vulnerabilities discovered via QualysGuard can be immediately remediated with Imperva's WAF Virtual Patching, without the need for development intervention.

    Imperva is also a Qualys PCI Connect Partner. Customers can upload Imperva's WAF configuration directly into their Qualys PCI Self-Assessment Questionnaires to show proof of protection for their e-merchant web sites.


    For more information, please visit: www.qualys.com

  • imperva certified solution


    WhiteHat Security is the leading provider of website risk management solutions that protect critical data, ensure compliance and narrow the window of risk. WhiteHat Sentinel, the company's flagship product family, is the most accurate, complete and cost-effective website vulnerability management solution available. Built on a SaaS (Software-as-a-Service) or Cloud-based technology platform, the WhiteHat Sentinel family all combine advanced proprietary scanning technology with expert website security analysis, to enable customers to identify, prioritize, manage and remediate vulnerabilities as they occur. Unique to WhiteHat Security, every vulnerability discovered by any WhiteHat Sentinel Service is verified and prioritized, virtually eliminating false positives and radically simplifying remediation.

    Imperva SecureSphere Web Application Firewall (WAF) pulls vulnerability scan results from WhiteHat Sentinel for rapid remediation and blocking of web attacks. This integration provides a complete and automated way for organizations to simplify the management of the Web application security lifecycle.

    For more details, listen to The Web Attack Defense Playbook: An End-User Case Study for SuccessFactors' perspective on the benefits on this integrated solution or read our Solution Brief.


    For more information, please visit: www.whitehatsec.com


  • Acunetix was founded in 2004 to combat the alarming rise in web attacks. Its flagship product, Acunetix Web Vulnerability Scanner (WVS), is the result of several years of work by a team of highly experienced security developers. Leading International companies and organizations such as NASA, the US Air Force, The Pentagon, PricewaterhouseCoopers and Sony use Acunetix WVS to protect their websites and web applications. Acunetix WVS has won numerous awards including the WindowSecurity.com Web Application Security award for four times in succession. Acunetix is a privately held European company with offices in the UK, Cyprus and Malta.


    For more information, please visit: www.acunetix.com


  • Beyond Security's automated security testing technologies discover security weaknesses in corporate networks including databases, file servers and web applications. We can automate your vulnerability assessment, manage your mitigation processes and help meet all your compliance requirements at a fraction of your current manpower investment.

    AVDS (Automated Vulnerability Detection System) is available as a network appliance or hosted solution and delivers layer 3-7 testing with the lowest false positive rate in the industry. AVDS reports Web application vulnerabilities to the SecureSphere Web Application Firewall for instant patching of vulnerabilities, dramatically reducing your window of exposure to attack.


    For more information, please visit: www.beyondsecurity.com


  • Denim Group is the leading secure software development firm. The company builds custom large-scale software development projects across multiple platforms, languages and applications. Denim Group offers an innovative blend of secure software development, testing and training capabilities that protect a company's biggest asset, its data. Denim Group customers span an international client base of commercial and public sector organizations across the financial services, banking, insurance, healthcare and defense industries.

    As experts in the field of remediation, Denim Group created ThreadFix, a software vulnerability aggregation and management system that imports the results from software security testing, providing a centralized view of defects across development projects. The system correlates testing results and simplifies feeds to software issue trackers. ThreadFix auto-generates application firewall rules to block application attacks while remediation efforts occur, and empowers managers with vulnerability trending reports that demonstrate software security progress over time.


    For more information, please visit: www.denimgroup.com


  • NT OBJECTives is an innovative provider of comprehensive application security solutions designed to help organizations discover threats, analyze risk and protect their web applications against attack. Its unique technology provides automated and accurate application vulnerability assessment regardless of site complexity along with the ability to help companies secure their web applications either by repairing application code or by custom configuring their security infrastructure to block the attacks. NTOSpider creates a custom report for each application that can be imported into SecureSphere to protect applications from being exploited by these attacks.


    For more information, please visit: www.ntobjectives.com


  • Rapid7 web vulnerability scanning integrates seamlessly with the SecureSphere Web Application Firewall (WAF). Through this integration you can ensure web application vulnerabilities are provided to Imperva’s WAF for virtual patching, timely mitigation of web attacks and operational efficiency.

    Rapid7’s security solutions deliver visibility and insight that help you make informed decisions, create credible action plans, and monitor progress. They simplify risk management by uniquely combining contextual threat analysis with fast, comprehensive data collection across your users, assets, services and networks, whether on premise, mobile or cloud-based.


    For more information, please visit: www.rapid7.com


  • Trend Micro, a global leader in security software for 25 years, strives to make the world safe for exchanging digital information. The company's solutions for consumers, businesses and governments provide layered data security to protect information on mobile devices, endpoints, gateways, servers and the cloud. Trend Micro Web App Security is a new service that allows organizations to continuously detect vulnerabilities and protect their web applications without the cost and effort of traditional approaches.

    Trend Micro Web App Security's intelligent application scanning capabilities minimize the time needed to respond to security threats with continuous scanning, expert hands-on business logic testing, and expert false positive removal, empowering organizations to focus on addressing discovered threats. The native integration with the Imperva SecureSphere Web App Firewall (WAF) enables organizations to instantly translate discovered application vulnerabilities and trigger action through built-in rule creation and export. With this powerful combination, organizations have the ability to continuously detect vulnerabilities with Trend Micro Web App Security and automatically protect sensitive applications with Imperva SecureSphere.


    For more information, please visit: was.trendmicro.com


  • Veracode secures the world's software. We help companies and governments address the acute threat posed by hackers who are targeting software vulnerabilities to gain access to critical data. Veracode provides an automated, policy-driven application risk management platform to secure web applications, mobile and third-party applications across the software supply chain. Veracode works with the world's largest corporations and their software providers, representing a variety of Global 2000 brands.


    For more information, please visit: www.veracode.com