• Technical Deep Dive: Imperva Web Application Firewall - How to Protect Web Applications from Advanced Attacks

    Presented by Narayan Makaram, Dir. Product Marketing, Imperva | Aaron Willis, Sr. Security Engineer, Imperva

    November 10, 2016 10:00 AM PT

    The use of web-based applications to conduct business online has grown exponentially in the last decade. However, the vulnerabilities in these applications are creating significant business risks and exposures to business critical data. Join us for a 30-minute live product demonstration and Q&A with a security expert for an inside look at how SecureSphere can be used to automatically identify potential attack vectors on your web applications using unique application profiling techniques to correlate user and application behavior, and streamline forensics analysis and virtual patching mitigation actions to demonstrate compliance.

  • Technical Deep Dive: Imperva DDoS Protection - How to Defeat Botnets and Prevent Downtime

    Presented by Sina Siar, Solutions Manager, Imperva | Nabeel Hasan Saeed, Product Marketing Manager, Imperva

    Website downtime from DDoS attacks can cost you thousands or even millions of dollars an hour due to lost revenue and brand damage. Join us for a 30-minute live product demonstration and Q&A with a security expert for an inside look at how Incapsula protects your website from DDoS attacks. During this session we’ll explore the user interface, explain how to easily identify and block web security threats, how to use our global content delivery network (CDN) for instant performance enhancement, and how to gain valuable insights into your website's traffic using real-time monitoring. We’ll also review some of the more advanced features of the service like cloud-based load balancing.

  • Top Cyber Security Trends for 2016

    Presented by Amichai Shulman, CTO and co-founder, Imperva

    With mega-breaches like Anthem, OPM, IRS, Ashley Madison, UCLA Health and TalkTalk all within the past 12 months, chances are your data has been targeted. What does this mean for 2016? Join Imperva CTO and co-founder, Amichai Shulman, as he reveals the top trends that will impact cyber security practices across the globe.

    Watch this webinar and learn:

    • Why cyber attacks continue to increase in sophistication, magnitude and velocity
    • What trends will have the largest and smallest impact on cyber security in 2016
    • Why cloud-based apps and the Internet of Things have transformed cyber security
    • How you can protect your organization from attacks from the inside

  • Database Surveillance and Protection: 3 Ways to Stop Hackers

    Data thieves are opportunistic, looking for unprotected databases in the forgotten digital corners of your company. They are content to steal any data that lies within easy reach.

    Large companies are especially vulnerable. With hundreds or even thousands of databases spread throughout business units and across multiple geographies, it is only a matter of time until your unprotected data is accessed and stolen.

    Fortunately, it doesn’t have to be complicated, tedious or expensive to protect all of your sensitive data with a database monitoring solution. The right database monitoring solution can also provide visibility into data usage and simplify compliance audits.

    Join us for this webinar to learn:

    • Benefits of database monitoring over native audit tools
    • Factors to consider before investing in database audit and protection
    • 3 specific ways to leverage database monitoring for improved security

  • The State of Application Security: Hackers On Steroids

    Presented by Itsik Mantin, Director of Security Research, Imperva

    Organizations of all sizes face a universal security threat from today’s organized hacking industry. Why? Hackers have decreased costs and expanded their reach with tools and technologies that allow for automated attacks against Web applications.

    This webinar will detail key insights from the Imperva Defense Center annual Web Application Attack Report. Attend this webinar for an in-depth view of the threat landscape for the year. We will:

    • Discuss hacking trends and shifts
    • Provide breach analysis by geography, industry, and attack type
    • Detail next steps for improved security controls and risk management processes

  • Database Monitoring: First and Last Line of Defense

    Presented by Cheryl O’Neill, Director of Product Marketing, Imperva

    In the battle to defend your data you have an edge over the hacker that can prevent or minimize the damage of a database breach. You have the advantage of operating within your own environment and can deploy automated surveillance capabilities to watch sensitive data. When a hacker breaches the firewall or compromises a privileged user they are beyond the reach of most security measures. Only a data centric solution that directly monitors data access will be able to spot and stop the abnormal activity.

    Join us to learn how SecureSphere data protection solutions can help you improve your security profile and protect your company against a database breach.

  • Why Network and Endpoint Security Isn’t Enough

    Presented by Cheryl O'Neill, Dir. Product Marketing, Database Security, Imperva | Narayan Makaram, Dir. Product Marketing, Web Application Security, Imperva

    The rise in high-profile breaches demonstrates that traditional security defenses are no longer enough. Endpoint and network security cannot defend against sophisticated attacks or compromised insiders.

    View this webinar and learn:

    • Why traditional security measures fail to stop web attacks and data breaches
    • How modernized best practices safeguard against web application attacks
    • What strategies enable scalable data protection and simplified audits

  • How to Balance Ecommerce Security with Performance

    Presented by Nabeel Hasan Saeed, Product Marketing Manager, Imperva Incapsula | Ryan McElrath, Chief Technology Officer, American Eagle | Armando Roggio, Senior Editor, Practical Ecommerce

    Cyber criminals’ ability to attack and penetrate ecommerce sites has never been more sophisticated. The threats merchants face today include automated bot access, malware injections, DDoS attacks, and many more. How can you protect your ecommerce site? Can all threats be prevented? And how will prevention measures affect your site’s performance and the experience of your customers?

    Attend this webinar and learn:

    • What threats ecommerce providers face
    • Why traditional protection measures affect website performance
    • How to protect your website without compromising performance

  • Proven Strategies for Streamlining Cloud App Access and Security

    Presented by Norv Leong, Senior Director, Product Marketing for Imperva Skyfence, Imperva and William Greenlee, Technical Alliance Manager, Centrify

    As apps like Salesforce, Office 365, Google for Work, and ServiceNow become the norm, securing access to and maintaining compliance of the data accessed by these cloud apps is a necessity.

    Join experts from Imperva and Centrify as they share best practices on enabling the safe and productive use of cloud apps. Attend and learn how to:

    • Provide secure single sign-on and user-friendly multi-factor authentication
    • Secure and monitor SaaS access from login to logout
    • Detect and block cyber threats such as account takeovers
    • Simplify, centralize and automate access management – across apps and devices

  • Stop Account Takeover Attacks, Right in their Tracks

    Presented by Narayan Makaram, Director Product Marketing, Web Application Security, Imperva

    During every hour of every day, cyber criminals silently bypass traditional perimeter controls. They use millions of stolen user credentials to takeover Web application accounts, access sensitive applications, steal confidential data, and conduct fraudulent transactions. According to the latest Verizon DBIR report, over 50% of Web application attacks launched by organized crime in 2014 involved stolen credentials.

    View this webinar to learn why real-time threat intelligence is the key to preventing Web account takeover attacks. We will discuss:

    • The anatomy of an account takeover attack
    • Best practices to protect Web applications
    • The need for real-time threat intelligence

  • Securing Office 365 through Cloud Access Security Brokers

    Presented by Norv Leong, Senior Director, Product Marketing for Imperva Skyfence, Imperva

    Microsoft Office 365 is quickly establishing itself as the go-to productivity suite used in organizations today. However, even Microsoft maintains that Office 365 security is a shared responsibility between itself and the customer. Office 365 provides some capabilities natively, but at the end of the day, Microsoft does not take responsibility for managing mobile access, enforcing access policies, and meeting compliance requirements.

    Watch this informative webinar where you’ll learn how to define, develop, and execute an Office 365 security plan while meeting all of your compliance obligations.

  • BrightTalk Incident Response and Data Protection Summit: Sophisticated Incident Response Requires Sophisticated Activity Monitoring

    Presented by Mike Sanders, Principal SE and Team Lead, Imperva | Bryan Orme, Principal, GuidePoint Security

    Are you prepared for a data breach? Are you confident you will find a breach in a timely manner? Facts are over 70% of businesses report a security breach and 75% of breaches are undetected for days or even months. Once discovered, incident response teams are under extreme pressure to close the breach, figure out what happened, what was lost, and calculate the risk. Organizations need a sophisticated incident response plan.

    Attend this webinar and learn how to:

    • Discover sensitive data, risk, and vulnerabilities
    • Detect and block cyber security events
    • Investigate incidents and automate remediation
    • Demonstrate consistent policy application across all sensitive data

  • Database Security, Better Audits, Lower Costs

    Presented by Terry Ray, Chief Product Strategist, Imperva | Cheryl O’Neill, Director Product Marketing, Database Security, Imperva

    The complexity of implementing and maintaining IBM Guardium or a native audit solution within an enterprise environment can quickly run into trouble. Escalating costs, manularity, and gaps in coverage put your company at risk of a failed audit or data breach. This webinar will share the experiences of Imperva customers who have moved from native audit or Guardium to Imperva SecureSphere for database audit and protection (DAP).

    Attendees will leave with an understanding of:

    • Security and compliance factors that organizations should consider
    • The methods of deployment within an enterprise environment
    • The monetary and human costs associated with each DAP architecture

  • BrightTalk Hackers and Threats Summit: Extend Enterprise Application-level Security to Your AWS Environment

    Presented by Chris Grove, Director of Solution Architecture, Imperva | Matt Yanchyshyn, Senior, Manager of Solutions Architecture, AWS

    When organizations shift to a public cloud environment, security and compliance must remain top of mind. While Amazon Web Services (AWS) provides robust infrastructure-level protections, today’s attackers target the applications themselves.

    This webinar will:

    • Discuss inherent AWS security capabilities
    • Review attack types that target the applications and why traditional security approaches can’t stop them
    • Illustrate how Imperva SecureSphere for AWS stops these attacks and enables you to use the security infrastructure in the cloud and on-premise

  • Securing Access and Protecting Your Data in Office 365

    Presented by Orin Thomas, Contributing Editor, Windows IT Pro | Norv Leong, Senior Director of Product Marketing, Imperva Skyfence

    The rapid adoption of Office 365 has turned the spotlight on securing access and protecting sensitive corporate data that’s residing in the cloud. Coupled with the proliferation of mobile devices and BYOD in general, IT organizations that adopt Office 365 are now having to cope with a new breed of security challenges different from those they faced with a strictly on-premises deployment.

    In this webinar, you'll learn:

    • How to monitor access to ensure Office 365 services are limited to authorized users and approved devices
    • How to protect against threats, such as Office 365 account hijacks
    • How to protect against the leakage of sensitive data through Outlook, OneDrive for Business, and SharePoint Online

    • Play Video
  • BrightTalk Hackers and Threats Summit: An Inside Look at a Sophisticated, Multi-vector DDoS Attack

    Presented by Orion Cassetto, Director Product Marketing, Imperva Incapsula

    This webinar will explore the current DDoS attack landscape, it will cover the basics of DDoS attacks, current trends including the most recent results from the newly published 2015 Imperva Incapsula DDoS Report. We will also discuss a detailed analysis of one of today’s modern, multi-vector DDoS attacks. While dissecting this DDoS attack, the talk will explore the anatomy and timeline of the attack, as well as the steps used to mitigate each phase of the assault. This session will close with a review of the aspects of effective DDoS protection solutions used to combat these sophisticated denial of service attacks.

  • Remediate before it's too late - Stop intruders from exploiting holes in your web apps.

    Presented by Illena Armstrong, VP, Editorial, SC Magazine and Mark Kraynak, Chief Product Officer, Imperva

    With mega breaches coming one right after another, many industry players have registered both disbelief and awe at the sheer numbers of individual credentials stolen. For instance, last year Russian hackers called CyberVor were able to pilfer 4.5 billion unique records, the majority of which were credentials such as IDs and passwords. Reportedly, the thieves took advantage of pre-existing holes in website code to launch SQL injection attacks to prompt web apps to execute malicious commands. In this instance, about 400,000 sites were vulnerable to the assault. But this is just one type of offensive cybercriminals enlist by exploiting well-known and sometimes long-standing vulnerabilities in applications on which companies rely -- even though there are readily available mitigations for them. So what can organizations do to take care of the myriad holes on which online thieves seem to rely? We review some of the more common attacks used by cybercriminal rings, and identify the techniques and over-arching best practices to block them.

    • Play Video
  • How a Low Risk Cloud App Can Become a Big Threat

    Presented by Norv Leong, Sr. Director Product Marketing, Imperva Skyfence

    Can you identify which ex-employees have access to your cloud data? Would you like to benchmark your cloud app security settings against best practices or compliance standards like PCI, HIPAA and others?

    Most organizations are aware of the dangers presented by unauthorized, high-risk cloud apps. But what about your authorized apps like Office 365, Salesforce, Google Apps and Amazon Web Services? Your specific users and implementations are invaluable in assessing the true risk for your company. Listen to this on-demand webinar and learn about contextual risk factors and approaches that can:

    • Enable you to see how your cloud environment stacks up against industry best practices
    • Mitigate threats from previously authorized users
    • Identify ex-employees and unauthorized users with access to your cloud apps
    • Simplify risk remediation and policy administration

    • Play Video
  • 5 Cyber Security Predictions for 2015

    Presented by Anthony Bettencourt, President & CEO, Imperva | Mark Kraynak, Chief Product Officer, Imperva

    We’ve combined the data collected from our products with the insights gathered from our customers to come up with some meaningful commentary and helpful guidance for 2015. Check out our predictions for the year ahead and make sure you’re ready.

    • Play Video
  • Top Five Security Must-Haves for Office 365

    Presented by Shan Zhou, Senior Director, Security Engineering, Skyfence | Frank Cabri, VP Marketing, Skyfence

    Whether you’ve already deployed Office 365 or have plans to, security considerations around moving your business-critical apps to the cloud are paramount. From Exchange, Yammer, and SharePoint to OneDrive and the Administrator Portal, monitoring activity and securing access is critical to mitigating threats and protecting confidential data.

    Join Skyfence, an Imperva company, for an educational webinar on Office 365 to:

    • Understand access control issues and their impact for employees, mobile workers and contractors
    • Learn about new account-centric attacks that are targeting Office 365 and other cloud apps
    • Discuss strategies for reducing excessive permissions for administrators
    • Hear about privacy laws around cloud data
    • Learn how to discover and manage the trend toward unauthorized file sharing and Shadow IT apps

  • The Anatomy of Comment Spam

    Presented by Shelly Hershkovitz, Security Research Engineer, Imperva

    Comment spammers are most often motivated by search engine optimization for the purposes of advertisement, click fraud, and malware distribution. By spamming multiple targets over a long period of time, spammers are able to gain profit, and do harm.

    Comment spam attacks can cripple a website, impacting uptime, and compromise the user experience. Quickly identifying the source of an attack can greatly limit the attack’s effectiveness and minimize its impact on your website. This webinar will:

    • Present an attack from both points of views – the attacker's and the victim’s
    • Identify tools utilized by comment spam attackers
    • Discuss mitigation techniques to stop comment spam in its early stages

  • Hacking Encounters of the 3rd Kind

    Presented by Barry Shteiman, Director of Security Strategy, Imperva

    As the software world evolves, more and more companies rely on 3rd party applications and software components as part of their infrastructure. However, this approach does not come without risks.

    The implementation of 3rd party applications has its advantages, chief among them shortened development time frames and increased software maturity. Despite these obvious benefits, organizations must remain aware of potential security implications. This webinar will:

    • Explain how 3rd party software vulnerabilities might lead to a data breach
    • Deliver examples of incidents and how they occur
    • Discuss the effectiveness of patching

  • Preparing for the Imminent Terabit DDoS Attack

    Presented by Orion Cassetto, Sr. Product Marketing Manager, Incapsula

    With the rapid growth of volumetric DDoS threats, even the largest networks, equipped with carrier grade hardware and with huge amounts of bandwidth at their disposal, are at risk of being taken down by a large DDoS attack.

    Volumetric DDoS threats are leading many financial institutions, service providers, and other large organizations on a search for solutions that can scale DDoS protection beyond their existing network capabilities, and into the Terabit level. Attend this webinar to learn about:

    • Expected trends in the evolving DDoS landscape over the next 12-36 months
    • Important considerations when selecting your DDoS protection technology
    • How to prepare your organization to detect and respond to a DDoS attack

  • Bleeding Servers – How Hackers are Exploiting Known Vulnerabilities

    Presented by Terry Ray, VP of Global Security Engineering, Imperva

    As noted in the 2014 Verizon Data Breach report, “Web applications remain the proverbial punching bag of the internet.” Today’s hackers ruthlessly target Common Vulnerabilities and Exposures (CVEs) to launch multi-site attacks that take control of Web servers and allow their perpetrators to flee with valuable data assets.

    HeartBleed stands as the most notorious example of a known vulnerability attack, but with a CVE database running in the thousands, attackers have ample opportunity to profit from unsecure Web applications.

    Join us to learn more about the vulnerability landscape and the steps your organization can take to protect yourself against these known vulnerabilities. This webinar will:

    • Discuss the latest data breach stats to identify where the most dangerous attacks are coming from
    • Explore the attack perpetrators and reveal how they’re being successful
    • Present the anatomy of a HeartBleed attack
    • Provide mitigation techniques to protect against known vulnerabilities

    • Play Video
  • CUSRF | It's Pronounced "See You Surf" and It's Dangerous

    Presented by Amichai Shulman, CTO, Imperva

    Cross USer Request Forgery (CUSRF: pronounced "See You Surf") is a new and emerging type of Cross-Site Request Forgery (CSRF) attack that affects users of collaboration platforms and applications, such as LinkedIn and Google Docs.

    CUSRF exploits vulnerabilities in social networks to reveal a victim's true identity. Due to special technical characteristics of CUSRF attacks, most traditional counter-measures are irrelevant to the attack's mitigation. This webinar will:

    • Give a brief intro of CSRF
    • Examine the anatomy of a CUSRF attack, with examples
    • Discuss mitigation techniques for both consumers and platform providers

    • Play Video
  • How to Stop Web Application Attacks

    Presented by Tim Wilson, Editor, Dark Reading | Barry Shteiman, Director of Security Strategy, Imperva | Robert Hansen, Director of Product Management, WhiteHat Security

    Like the doors and windows in a building, your Web applications are the most visible points of entry for cyber attackers to target.

    Learn how to better understand how attackers find weaknesses in your Web applications, and how you can stop them. What methods do they use to crack those applications? How do they identify vulnerabilities, and what are the latest exploits they use to penetrate Web applications and steal the data behind them? This webinar will show you how to:

    • Identify potential attacks on your Web applications
    • Recognize vulnerabilities in your Web applications
    • Remediate websites and Web applications that have been compromised

    • Play Video
  • Top Security Trends for 2014

    Presented by Amichai Shulman, CTO, Imperva

    The Imperva Defense Center, a dedicated research organization, constantly monitors attackers - and their attack methods - to isolate the most relevant attack campaigns. Based on this research data, the Imperva Defense Center has identified the top trends poised to have the most significant impact on the security landscape in 2014. 

    Join Imperva CTO and head of the Imperva Defense Center, Amichai Shulman as he presents the security trends that will resonate across the globe in the upcoming year. Below is a sneak peak of top security trends:

    • Return of Compromised Web Servers: attackers are now infiltrating networks via external facing servers
    • Rise of Cloud Platform Breaches: long a concern, large-scale attacks in the Cloud are fast becoming a real problem
    • Spread of 3rd Party Application Vulnerabilities: these application attacks are growing in size, scope, and volume

    • Play Video
  • Hiding in Plain Sight: The Danger of Known Vulnerabilities

    Presented by Tal Be'ery, Web Security Team Leader, Imperva

    While a lot of attention is devoted to the mitigation of previously unknown attack methods ("0 days"), many of today's high-profile breaches are caused by "Known Vulnerabilities" in the application's components, also referred to as "vulnerabilities in third-party components." Attackers are quickly moving to exploit applications built with vulnerable components and are inflicting serious data loss and/or hijacking entire servers in the process.

    The rising popularity of third-party components in application development enables attackers to quickly and repeatedly locate and exploit vulnerabilities in application components - making these attacks widespread and extremely hazardous. This webinar will:

    • Explore the recent growth of "Known Vulnerabilities" and examine the scope of the problem
    • Examine how attackers are able to quickly "weaponize" these vulnerabilities for immediate profit
    • Reveal techniques for limiting the damage resulting from "Known Vulnerabilities" exploitation

    • Play Video
  • Detect and Remediate Advanced Targeted Attacks

    Presented by Ruby Sharma, Technical Alliance Manager, FireEye & Raphael Reich, Sr. Director Product Marketing, Imperva

    Despite huge investments in anti-virus software, next-gen firewalls, and IPS platforms, companies are still getting hacked. The new generation of advanced targeted attacks bypasses traditional defenses and put sensitive data at risk. It takes just minutes from the time an organization is compromised to the exfiltration of sensitive data.

    What's needed is a security solution that can detect and block data center threats while allowing easy, appropriate access to the assets essential to running your business. Join Imperva and FireEye for a webinar addressing data center security requirements and solutions. We'll discuss how to:

    • Protect data and applications from modern, advanced attacks
    • Enable business to continue while remediation takes place
    • Provide Incident Response teams with actionable forensic information
    • Support a risk-based approach to malware remediation

    • Play Video
  • Protecting Against Vulnerabilities in SharePoint Add-ons

    Presented by Carrie McDaniel, SharePoint Security, Imperva

    As the pace of Microsoft SharePoint adoption continues, most organizations are turning to third party add-ons to support demands for functionality. It's for these reasons that experts compare SharePoint without add-ons to an iPhone without apps. Third party add-ons, however, arrive pre-packaged with unique security risks -- vulnerabilities that IT cannot directly fix.

    Join Imperva's Carrie McDaniel to learn how organizations can offset vulnerabilities found in SharePoint add-ons by applying a multi-layered defense strategy. This webinar will:

    • Identify risks associated with using SharePoint plug-ins and web parts developed by third parties
    • Describe how hackers target and exploit third-party code using attacks such as SQL injection
    • Introduce a three-layered approach to securing SharePoint

    • Play Video
  • A Blueprint for Web Attack Survival

    Presented by Kasey Cross, Imperva | Nick Silver, WhiteHat Security

    Is your organization prepared to face a large-scale attack from hacktivists or cybercriminals? This webinar provides a step-by-step plan to protect web applications using proven strategies from application security consultants that have been on the front lines of attack.

    Join security experts from Imperva and WhiteHat Security to see what steps your organization can take to implement a comprehensive strategy for repelling web attacks. This webinar will:

    • Describe the modern attack methods and tools used by hacktivists and cybercriminals
    • Explain the processes and technologies you can use to safeguard your website
    • Help you prioritize security efforts and identify security tips and tricks you might have overlooked

    • Play Video
  • PHP SuperGlobals - Supersized Trouble

    Presented by Tal Be'ery, Web Security Team Leader, Imperva

    Used in over 80% of all websites, PHP is the most popular Web application development platform in the world. The widespread use of PHP, however, makes it an attractive target for malicious hackers. By focusing attacks on vulnerabilities found in popular third party components, such as PHP, hackers are able to expand their reach to countless unsuspecting websites.

    • Play Video
  • Lessons Learned From the Yahoo! Hack

    Presented by Amichai Shulman, CTO, Imperva

    In December 2012, Yahoo! Inc. suffered a high profile data breach at the hands of a lone hacker. Using SQL injection attacks, the hacker gained full access for the server of the affected domain. Alarmingly, the exploited vulnerability likely belonged to a third party application that was neither coded nor hosted by Yahoo!.

    Yahoo! was responsible for the third party application's security, yet it only had limited control of the code. Join Imperva's Amichai Shulman as he discusses the key lessons learned from the Yahoo! breach. This webinar will:

    • Analyze the tools and methodology employed by the attacker to bypass security
    • Explore the dangers of hosting third party code inherited from partners, vendors, or via acquisitions
    • Provide procedural and technical steps for securing third party code

    • Play Video
  • Top Security Trends for 2013

    Presented by Mark Kraynak, SVP WW Marketing, Imperva

    Looking at the security landscape for 2013, we predict that previous security investments made by larger, well-funded organizations will serve as a partial deterrent to hackers. However, those same hackers, armed with sophisticated malware and cloaked in a dangerous anonymity provided by the Cloud, will turn their collective eyes to a new, more vulnerable target: small companies.

    Join Imperva Senior Vice President Mark Kraynak as he reveals the four super-sized security trends that will impact business security practices across the globe in 2013. Below is a sneak peak at each trend:

    • Government Malware Goes Commercial: tactics historically tied to "state sponsored" attacks move to the mainstream
    • Black Clouds on the Horizon: profit-driven hackers leverage the Cloud to unleash fraud and business logic attacks
    • Security Strength in Numbers: business and government will combine individual protection data to create collaborative defenses
    • APT Targets the Little Guy: cyber criminals employ traditional, enterprise-size APT methods to pillage smaller businesses

    • Play Video
  • Deconstructing Application DoS Attacks

    Presented by Tal Be'ery, Web Security Team Leader, Imperva

    As one of the most discussed topics on hacker forums, denial of service (DoS) attacks continue to move up the stack from the network to the application level. Since many anti-DoS solutions focus on the lower layers, hackers are targeting specific Web servers, such as IIS or Apache, or applications, such as SharePoint, in order to reduce the likelihood of attack detection. Join Imperva's Tal Be'ery as he discusses the latest trends, techniques, and technologies deployed by hackers and provides security professionals with specific steps to mitigate this threat. This webinar will:

    • Summarize the general characteristics of application DoS attacks
    • Discuss how and why hacktivists utilize distributed denial of service (DDoS)
    • Highlight real-world incidents from OpColumbia, OpBahrain, and OpRussin
    • Examine how black-hat hackers conduct attacks with white-hat testing tools

    • Play Video
  • A CAPTCHA in the Rye

    Presented by Tal Be'ery, Web Security Team Leader, Imperva

    In J.D. Salinger's The Catcher in the Rye, main character Holden Caulfield is a confused teenager who views anyone he meets, or knows, as a "phony." This attitude, among other factors, contributes to Holden's dysfunctional nature. How are today's hackers blurring the line between real and "phony" and compromising CAPTCHA security in the process?

    A CAPTCHA, or Completely Automated Public Turing test to tell Computers and Humans Apart, is a common security measure used to distinguish between humans and a "phony." However, with hackers now deploying numerous methods to bypass CAPTCHAs, the line between real and phony isn't clear and security professionals are forced to present CAPTCHAs sub optimally. This webinar will:

    • Review the use of CAPTCHAs as a security mechanism against malicious automation
    • Examine the threat human-based CAPTCHA solving services pose to Web security
    • Analyze four case studies of CAPTCHA bypassing in the wild
    • Provide recommendations to improve the efficiency of existing CAPTCHA mechanisms by integrating with other automation detection measures

    • Play Video
  • Automated Hacking Tools - Meet the New Rock Stars in the Cyber Underground

    Presented by Amichai Shulman, CTO, Imperva

    Research attributes nearly half of a typical website's traffic to automated bots. This puts the odds of falling victim to a cyber attack at 100%. With the press of one key, an unskilled, inexperienced hacker can attack hundreds of applications within minutes. Automation tools, such as SQLMap and Havij, open new avenues for amateur and professional hackers to evade security defenses. How will your team prepare for, and stop, malicious, automated site traffic and defend against zero-day attacks? This webinar will:

    • Highlight observed trends in the automation of SQLi and RFI attacks
    • Reveal the warning signs of an automated attack
    • Suggest identification methods and proven countermeasures to stop attacks

    • Play Video
  • How to Prevent Remote & Local File Inclusion Attacks

    Presented by Tal Be'ery, Web Security Research Team Leader, Imperva

    Did you know remote and local file inclusion (RFI/LFI) was among the four most prevalent Web application attacks in 2011? Why is RFI/LFI so attractive to hackers? Quite simply, with RFI/LFI a hacker can take over a Web server.

    RFI and LFI attacks primarily affect Web applications written in the PHP programming language. PHP is the most popular server-side programming language. In fact, PHP is used by 77.2% of today's Web sites. Are you aware of the underlying technology that powers your website? For example, if you install WordPress, PHP code will end up on your server making it vulnerable to an RFI/LFI attack. This webinar will discuss:

    • How hackers use RFI/LFI, including how one vulnerability compromised 1.2M WordPress blogs
    • The anatomy of an RFI/LFI attack and how hackers avoid traditional detection techniques
    • How to successfully mitigate RFI/LFI attacks

    • Play Video