• Combat Payment Card Fraud
    Consumers depend on you to protect their credit card data. According to OWASP, "carding" and "cashing out" are among the top 20 automated security threats. View our infographic and accompanying blog post to learn:
    • Where you are most vulnerable to credit card fraud
    • How illegal "carding" and "cashing out" kill chains work
    • Why WAFs and threat intelligence are necessary to prevent attacks
  • Combat Credential Stuffing
    Hackers employ armies of bots to stuff stolen user credentials into login pages on your site. With millions of stolen credentials circulating on the dark net, a 1% success rate translates to tens of thousands of compromised accounts. What follows is fraud, financial impact and reputation risk. View our infographic on credential stuffing to learn how you can effectively block these attacks.
  • 5 Reasons to Extend Data Audit and Protection to Mainframes
    With data breaches regularly making headlines, it’s critical that your organization protects sensitive customer and business data from cyber attacks and internal threats. Proactive monitoring deployed across all your database platforms, including mainframes, is the best defense to detect and contain data breaches. Download 5 Reasons to Extend Data Audit and Protection to Mainframes to learn why you should include mainframes in your database audit and security programs.
  • 7 Steps to Protect Your Data Against Insider Threats
    Insider threats pose the greatest risk to data, yet enterprises often do not have visibility into how users interact with sensitive data, a key component of effective security. Download 7 Steps to Protect Your Data Against Insider Threats to discover key actions you need to take to prevent insider-related data breaches. In the checklist, you’ll learn how to develop an effective data security plan and identify potential gaps in your current strategy.
  • Defend Against the Data Miner
    The Data Miner is a quiet thief who finds a way in, spends weeks sampling your data, then ex-filtrates it before you ever know what happened. He’s even breached the NSA. How does he do it?

    The “Defending Against the Data Miner” infographic will help you discover:
    • How the Data Miner easily accesses your data
    • How you stack up against other organizations
    • How to build an active data defense strategy
  • Combat today’s threats with a single platform for app and data security
    70% of insider and privilege misuse took months or years to discover while the number one source of data breaches are web app attacks. It doesn’t matter where your data resides, cyber criminals and compromised users will find a way to access it, unless you take a synergistic approach to application and data security. Download our new infographic, “Combat Today’s Threats with a Single Platform for App and Data Security” to learn why you have to protect data where it lives.
  • HTTP/2: Faster Doesn’t Mean Safer, Attack Surface Growing Exponentially
    Researchers at the Imperva Defense Center have analyzed four high-profile vulnerabilities in HTTP/2, the latest implementation of the Worldwide Web’s underlying protocol. While HTTP/2 promises faster speeds and better performance over HTTP 1.1, its combination of new mechanisms and new implementations also reintroduces some of the known flaws which were present in earlier versions.
  • Black Hat SEO: A detailed analysis of illegal SEO tactics
    Researchers at the Imperva Defense Center have discovered a series of long-running, multi-vector search engine optimization (SEO) campaigns that exploit vulnerabilities in thousands of legitimate websites to increase the SEO results for malicious websites. View this infographic to find out how hackers use illegal SEO tactics to promote malicious websites.
  • A Cybercriminal’s Path to Your Data
    Users and apps pose the biggest risk to your enterprise data. Hackers are financially motivated to gain unauthorized access to your data. View this infographic to find out how to prevent major data breaches from both internal and external threats.
  • The Most Dangerous Cyber Security Threat Might Be Sitting Next to You
    While organizations are buffing up their security layers—which is important—most of the focus is on preventing direct threats that come from outside, while detecting threats from within is neglected. Our research indicates many significant data breaches are ultimately an “inside job.” View this infographic to find out how insiders – be they employees, contractors, business associates or partners – pose the biggest risk to enterprise data.
  • Organized Crime Fingerprints All Over Ransomware
    Imperva Application Defense Center (ADC) peels the layers and shows the involvement of organized crime in the Cryptowall ransomware. The lack of cyber security laws, inaction from law enforcement, and the ability to successfully execute campaigns using anonymous Tor networks is enabling organized cyber criminals to profit from ransomware and grow at a tremendous pace. View the infographic to learn how you can protect yourself from ransomware.
  • 2016 Cyberthreat Defense Report
    We’re losing the war! Today’s security threats bypass enterprise defenses and remain undetected for far too long. View CyberEdge Group’s 2016 Cyberthreat Defense Report infographic and find out how your defense posture stacks up against 1000 IT security decision makers. You will learn how your spend compares to that of other organizations, what defense measures your peers have in place to defend against internal and external threats, and why weaknesses in your strategy could make your organization a “low hanging fruit”.
  • 7 Tips to Protect Your Data from Contractors and Privileged Vendors
    Recent data breach incidents at Target, Anthem, and JP Morgan prove that contractors, privileged vendors, and staff additions from M&As can pose cyber security risks to your enterprise. Even the most well-defined security policies for privileged third-party access can fall short, if key points are overlooked.

    Now is the time to strengthen your security enforcement over contractors and privileged vendors. Read 7 Tips to Protect Your Data from Contractors and Privileged Vendors and learn how you can protect your data from third parties.
  • The Industrialization of Hacking: How to Stop Automated Attacks
    The industrialization of hacking has created a more effective and efficient way for hackers to profit from attacks on business critical applications and assets exposed to the Internet. This era of automated attacks that exploit application vulnerabilities and abuse application functionality has profoundly changed how we must protect these assets. A continuous threat intelligence feed, from a trusted globally crowd-sourced platform, has become vital to defend against such advanced Web-based attacks.
  • The Hidden Cost of Compliance
    Database auditing is an integral part of every organization's compliance protocol, but the built-in auditing tools that come with your database exact a heavy tool on hardware, software, storage, and human resource costs. Organizations using this built-in approach spend vastly more than they realize and often find themselves unable to meet compliance requirements. This infographic explores the hidden costs of native audit tools.
  • DDoS Threat Landscape Report (2013-2014)
    Incapsula’s research demonstrates our findings from last year, with a large portion of the attacks coming from botnets. During 2013, Incapsula witnessed an increase of 240% in attack volume, and it is important to mention that many of them used the Wordpress CMS platform as the bot attack platform.
  • Web Attack Survival in 7 Steps
    With an increasing amount of business being conducted online, the internet has quickly become the frontline in an ongoing battle between companies and an unseen enemy. Industrial espionage, sabotage and cyber terrorism are becoming more frequent, resulting in lost revenue, stolen data, service interruptions and damaged reputations. This infographic illustrates the seven steps you must take to protect your organization from external threats targeting your high-value applications and data assets.
  • 7 Stages of an Advanced Targeted Attack
    The biggest threat to your company’s security is already inside. Hackers use spear phishing and malware to target your trusted employees, and then leverage their stolen credentials to navigate the company network and gain access to your data center. Your organization is only as strong as its weakest link — your trusted employees. This infographic illustrates the seven common stages of an advanced targeted attack and provides an eight-step plan to safeguard your organization from attack.
  • Web Applications Under Attack: How Network Security Solutions Leave You Exposed
    Web applications are a common and profitable target for hackers. In fact, nearly 55% of breached records come from attacks on web applications. The yearly costs of these kinds of attacks are enormous. Although network security solutions are essential for protecting networks, they do not provide the accuracy, the granularity or the breadth of protection required to stop all web attacks. This infographic illustrates how hackers bypass traditional defenses leaving high-value applications and data assets exposed to 60% of the OWASP Top 10 Threats.
  • The Anatomy of an Anonymous Attack
    During 2011, Imperva witnessed an assault by the hacktivist group ‘Anonymous’ that lasted 25 days. Our observations give insightful information on Anonymous, including a detailed analysis of hacking methods, as well as an examination of how social media provides a communications platform for recruitment and attack coordination. Hacktivism has grown dramatically in the past year and has become a priority for security organizations worldwide. Understanding Anonymous’ attack methods will help organizations prepare if they are ever a target.
  • Exploiting RFI 101
    Remote and local file inclusion (RFI/LFI) attacks are a favorite choice for hackers and many security professionals aren’t noticing. RFI and LFI attacks take advantage of vulnerable PHP Web application parameters by including a URL reference to remotely hosted malicious code, enabling remote execution.