• eBook: Cyber Security is the Board’s Business

    Board members have a fiduciary responsibility to establish and govern business policies and practices that drive a company’s financial performance and growth. But do they have a comprehensive view of the company’s defense posture to assure they are a conscientious steward of the business?

    In this eBook, Board members will discover why they need to be concerned about cyber security and how to get more involved.
  • 2016 Magic Quadrant for Web Application Firewalls

    Gartner, Inc. has released the 2016 Magic Quadrant for Web Application Firewalls. Imperva has been positioned as the ONLY Leader on this Magic Quadrant for the third consecutive year. Read this report for Gartner’s analysis of the Web Application Firewalls market.
  • Cyber Security Board Oversight: Taking Ownership of Cyber Security Risks

    Enterprise-level cyber security solutions require more than just technology and employee training; they require the top-down involvement of everyone within the organization, including the Board of Directors. Getting buy-in from a Board of Directors is not always easy, however.

    In this eBook, CEOs and CIOs will discover new ways to educate their Board of Directors and get them onboard with their cyber security.
  • Combat today’s threats with a single platform for app and data security

    Read Combat Today’s Threats with a Single Platform for App and Data Security and learn how to protect web applications and sensitive data across the enterprise and in the cloud. Employing a practical approach, this paper guides you through four simple steps to discover, assess, protect and monitor access to sensitive data.
  • Five Ways Imperva Surpasses the Competition for Web Application Security

    Web application firewalls have become an essential component of the modern organization's security infrastructure, providing scalable high-fidelity protection of business-critical web applications from a broad spectrum of cyber threats. As with any must-have enterprise security solution, there is considerable variation in available offerings. This white paper examines five ways that the industry leading Imperva SecureSphere Web Application Firewall surpasses the competition, to help IT security and application defense teams navigate the evaluation process.
  • 2016 Cyberthreat Defense Report

    We’re losing the war! Today’s security threats bypass enterprise defenses and remain undetected for far too long. Read CyberEdge Group’s 2016 Cyberthreat Defense Report and find out how your defense posture stacks up against 1000 IT security decision makers. You will learn how your spend compares to that of other organizations, what defense measures your peers have in place to defend against internal and external threats, and why weaknesses in your strategy could make your organization a “low hanging fruit”.
  • Top 5 Solution Requirements for Account Takeover Protection

    Account takeover attacks are a significant problem for Internet facing Web applications that have become the backbone of the modern business. According to the 2015 Verizon Data Breach Investigations Report, over 50% of the Web application attacks came from the use of stolen credentials. Left unchecked, the costs can be enormous, and ranging from loss of confidential data, customer trust, and brand reputation to significant operational disruptions and financial damages.

    This paper provides five essential requirements that IT security teams can use to evaluate candidate solutions for account takeover protection. It also explains how Imperva SecureSphere Web Application Firewall with ThreatRadar Account Takeover Protection addresses each requirement.
  • Delivering Cyber Security Confidence for the Modern Enterprise

    Traditional network and endpoint security alone are not enough to keep pace with the rapid evolution and growing sophistication of cyber threats, user mobility, and the changes cloud computing is bringing to enterprise security. Read the eBook to discover a new approach to cyber security that’s focused on protecting business-critical data and applications wherever they are located, in the cloud or on-premises.
  • Securing and Monitoring Access to Office 365

    Microsoft provides basic security features for Office 365, but it’s ultimately up to the customer to protect Office 365 admin and user accounts from external threats and malicious insiders. This paper looks at the challenges of securing access to Office 365 and what you can do to protect your data.
  • Securing Administrator Access for the Amazon Web Services Management Console

    AWS provides the foundational security infrastructure for its customers, but the ultimate responsibility to secure the application running on AWS lies with the customer. This paper looks at the importance and challenges of securing access to the AWS console and what you can do to protect your data.
  • The Cloud App Visibility Blind Spot

    Traditional security controls weren’t designed with the cloud in mind. Read this white paper to learn about the challenges created by “Shadow IT” and what you can do to mitigate those risks and safely enable the use of cloud apps in your organization.
  • IaaS Reference Architectures: for AWS

    Data center, IT and Operations Architects can now secure their web applications whether those are on-premise, in a virtual environment or in the most popular public cloud, Amazon Web Services (AWS). This Blueprint document provides guidance on architecting security for cloud-based web applications using the leading WAF solution in the market today, Imperva SecureSphere, along with other Imperva security solutions for Amazon Web Services (AWS).
  • DDoS Response Playbook

    This handbook provides you with a practical guide for planning and executing a DDoS response plan. It outlines pragmatic steps and best practices for choosing and setting up the right mitigation solution for your organization, how to authoritatively respond to an attack, and conduct a thorough post-attack analysis for developing follow-up defense strategies.
  • Interview with Executive Allan Tessler: Corporate Directors Must Be Involved in Cyber Security

    A corporate board needs to be responsible for ensuring that an organization’s intellectual assets as well as customer information are protected. Customer data is one of the primary sets of information that needs to be safeguarded from hacking and invasion because of the potential mal-use of that information. Read this short Q&A to learn why it’s important for corporate directors to understand cyber security risks.
  • Protecting Against Vulnerabilities in SharePoint Add-ons

    Microsoft SharePoint is a widely adopted data-sharing and collaboration platform which is often extended using third-party software. When the data in SharePoint is sensitive and regulated, the security of the platform - as well as the software extensions - must be a top concern for organizations. This paper will discuss the threats introduced when using third-party SharePoint plug-ins and Web Parts, evaluate the effectiveness of traditional security solutions in respect to these threats, and provide recommendations for hardening SharePoint systems.
  • Web Attack Survival Guide

    The Web Attack Survival Guide is your secret weapon for surviving attacks from hacktivists and cybercriminals. This guide provides step-by-step instructions to help you prepare for and stop web attacks, from hardening your applications, to blocking advanced attacks like SQL injection and DDoS, to performing a post-mortem after the attack is over. Armed with this guide, you can confidently face impending web attacks with a well-thought out strategy.
  • Mitigating the OWASP Top 10 2013 with Imperva SecureSphere

    The Open Web Application Security Project (OWASP) Top Ten is widely recognized as one of the leading standards for identifying critical web application security risks. This paper analyzes the latest 2013 release of the OWASP Top Ten most critical web application security risks and outlines how SecureSphere Web Application Firewall (WAF) addresses and mitigates each OWASP Top Ten threat.
  • What Next Gen Firewalls Miss: 6 Requirements to Protect Web Applications

    Web application attacks threaten nearly every organization with an online presence. While some security vendors contend that their next generation firewalls can stop Web attacks, these products lack essential Web security features, leaving customers exposed to attack. This paper lays out the six key requirements needed to protect Web applications and it shows how Web application firewalls alone can effectively satisfy these requirements.
  • [eBook] 10 Things Every Web Application Firewall Should Provide

    Securing Web applications against cybercriminals, hacktivists, and state-sponsored hackers is a never-ending effort. Why? Because hackers evade traditional network security defenses to take down Websites and to steal data; malicious users probe websites around-the-clock looking for vulnerabilities; and, automation tools such as off-the-shelf attack toolkits and botnets make it easy to execute large-scale attacks. Web application firewalls have become the central platform for protecting applications against all online threats. This eBook explains in detail the 10 features that every Web application firewall should provide.
  • The Future of Web Security: 10 Things Every Web Application Firewall Should Provide

    Web application firewalls have become the central platform for protecting applications against all online threats including technical Web attacks, business logic attacks, and online fraud. Web application firewalls understand Web usage and validate input to stop dangerous attacks like SQL injection, XSS, and directory traversal. They block scanners and virtually patch vulnerabilities. And they rapidly evolve to prevent new attacks and to keep critical applications safe. Because Web application firewalls are strategic, every organization must carefully evaluate the products' security, management, and deployment capabilities. This paper explains in detail the 10 features that every Web application firewall should provide.
  • [eBook] How to Protect Your Website From Hackers

    Hackers continuously attack Websites in order to steal sensitive data and disrupt access. To address the threat from hackers, the PCI Data Security Standard mandates that merchants fortify their Web applications against attack. This eBook describes today's Web security risks and introduces new cloud-based solutions that protect Websites from hackers and meet PCI compliance requirements.
  • Botnets at the Gate

    Stopping Botnets and Distributed Denial of Service Attacks
    Botnets have infiltrated millions of users' computers and wrecked incalculable damage. This white paper lifts the veil on botnets and on the cyber-criminals behind them. It analyzes the history, growth, and economics behind botnets. It then investigates one of the most common attacks executed by botnets: the Distributed Denial of Service (DDoS) attack.
  • Anatomy of an XSS Campaign

    The Imperva Defense Center observed the full anatomy of a cross-site scripting (XSS) campaign, showing why it's so easy to conduct a muscular phishing campaign in just under an hour.