• O’Reilly: Web Application Firewalls

    This definitive book will help you to get up to speed on the latest developments in the space to better understand how you can incorporate and integrate WAF with your existing and planned technology deployments, including cloud, on-premises and hybrid topologies.

  • Q4 2017 Global DDoS Threat Landscape

    In Q4 2017, the bitcoin industry continued to draw significant attack traffic, this time making it onto the most attacked industry list according to number of attacks and number of targets. While there was a drop in the number of network layer attacks this quarter, which fell by 50 percent, application layer assaults nearly doubled. At the same time, there was a spike in both network and application attack persistence.

  • 2018 Cyberthreat Defense Report

    17 countries. 19 industries. 1200 qualified IT security employees. Since it's inaugural launch in 2014, the Cyberthreat Defense Report (CDR) has taken a vendor-agnostic view of how enterprises perceive cyber threats and how they leverage third-party products and services to overcome them.

  • Protect Your Applications Against OWASP Top 10 Risks

    The application security landscape is changing, and the new 2017 Open Web Application Security Project (OWASP) top ten risks are here. Learn how your security teams can use best-of-breed solutions to protect against OWASP Top 10 threats.

  • Web Attack Survival Guide

    The Web Attack Survival Guide is your secret weapon for surviving attacks from hacktivists and cybercriminals. This guide provides step-by-step instructions to help you prepare for and stop web attacks, from hardening your applications, to blocking advanced attacks like SQL injection and DDoS, to performing a post-mortem after the attack is over. Armed with this guide, you can confidently face impending web attacks with a well-thought out strategy.

  • How to Select the Right Web Application Firewall: 10 Key Requirements to Consider

    A web application firewall is not a one-size-fits-all option. This guide provides IT security staff with an overview of the threats to web applications and items to consider when selecting a web application firewall. It also details minimum feature and functionality requirements, and provides an at-a-glance checklist for evaluating web application firewalls.

  • 2017 Cyberthreat Defense Report

    CyberEdge Group's fourth annual Cyberthreat Defense Report provides a penetrating look at how IT security professionals perceive cyberthreats and plan to defend against them. Based on a survey of 1,100 IT security decision makers and practitioners conducted in November 2016, the report delivers countless insights IT security teams can use to better understand how their perceptions, priorities, and security postures stack up against those of their peers.

  • eBook: Cyber Security is the Board’s Business

    Board members have a fiduciary responsibility to establish and govern business policies and practices that drive a company’s financial performance and growth. But do they have a comprehensive view of the company’s defense posture to assure they are a conscientious steward of the business?

    In this eBook, Board members will discover why they need to be concerned about cyber security and how to get more involved.

  • 2016 Magic Quadrant for Web Application Firewalls

    Gartner, Inc. has released the 2016 Magic Quadrant for Web Application Firewalls. Imperva has been positioned as the ONLY Leader on this Magic Quadrant for the third consecutive year. Read this report for Gartner’s analysis of the Web Application Firewalls market.

  • Cyber Security Board Oversight: Taking Ownership of Cyber Security Risks

    Enterprise-level cyber security solutions require more than just technology and employee training; they require the top-down involvement of everyone within the organization, including the Board of Directors. Getting buy-in from a Board of Directors is not always easy, however.

    In this eBook, CEOs and CIOs will discover new ways to educate their Board of Directors and get them onboard with their cyber security.

  • Combat today’s threats with a single platform for app and data security

    Read Combat Today’s Threats with a Single Platform for App and Data Security and learn how to protect web applications and sensitive data across the enterprise and in the cloud. Employing a practical approach, this paper guides you through four simple steps to discover, assess, protect and monitor access to sensitive data.

  • Five Ways Imperva Surpasses the Competition for Web Application Security

    Web application firewalls have become an essential component of the modern organization's security infrastructure, providing scalable high-fidelity protection of business-critical web applications from a broad spectrum of cyber threats. As with any must-have enterprise security solution, there is considerable variation in available offerings. This white paper examines five ways that the industry leading Imperva SecureSphere Web Application Firewall surpasses the competition, to help IT security and application defense teams navigate the evaluation process.

  • Top 5 Solution Requirements for Account Takeover Protection

    Account takeover attacks are a significant problem for Internet facing Web applications that have become the backbone of the modern business. According to the 2015 Verizon Data Breach Investigations Report, over 50% of the Web application attacks came from the use of stolen credentials. Left unchecked, the costs can be enormous, and ranging from loss of confidential data, customer trust, and brand reputation to significant operational disruptions and financial damages.

    This paper provides five essential requirements that IT security teams can use to evaluate candidate solutions for account takeover protection. It also explains how Imperva SecureSphere Web Application Firewall with ThreatRadar Account Takeover Protection addresses each requirement.

  • Delivering Cyber Security Confidence for the Modern Enterprise

    Traditional network and endpoint security alone are not enough to keep pace with the rapid evolution and growing sophistication of cyber threats, user mobility, and the changes cloud computing is bringing to enterprise security. Read the eBook to discover a new approach to cyber security that’s focused on protecting business-critical data and applications wherever they are located, in the cloud or on-premises.

  • DDoS Response Playbook

    This handbook provides you with a practical guide for planning and executing a DDoS response plan. It outlines pragmatic steps and best practices for choosing and setting up the right mitigation solution for your organization, how to authoritatively respond to an attack, and conduct a thorough post-attack analysis for developing follow-up defense strategies.

  • Interview with Executive Allan Tessler: Corporate Directors Must Be Involved in Cyber Security

    A corporate board needs to be responsible for ensuring that an organization’s intellectual assets as well as customer information are protected. Customer data is one of the primary sets of information that needs to be safeguarded from hacking and invasion because of the potential mal-use of that information. Read this short Q&A to learn why it’s important for corporate directors to understand cyber security risks.

  • Protecting Against Vulnerabilities in SharePoint Add-ons

    Microsoft SharePoint is a widely adopted data-sharing and collaboration platform which is often extended using third-party software. When the data in SharePoint is sensitive and regulated, the security of the platform - as well as the software extensions - must be a top concern for organizations. This paper will discuss the threats introduced when using third-party SharePoint plug-ins and Web Parts, evaluate the effectiveness of traditional security solutions in respect to these threats, and provide recommendations for hardening SharePoint systems.

  • Mitigating the OWASP Top 10 2013 with Imperva SecureSphere

    The Open Web Application Security Project (OWASP) Top Ten is widely recognized as one of the leading standards for identifying critical web application security risks. This paper analyzes the latest 2013 release of the OWASP Top Ten most critical web application security risks and outlines how SecureSphere Web Application Firewall (WAF) addresses and mitigates each OWASP Top Ten threat.

  • What Next Gen Firewalls Miss: 6 Requirements to Protect Web Applications

    Web application attacks threaten nearly every organization with an online presence. While some security vendors contend that their next generation firewalls can stop Web attacks, these products lack essential Web security features, leaving customers exposed to attack. This paper lays out the six key requirements needed to protect Web applications and it shows how Web application firewalls alone can effectively satisfy these requirements.

  • [eBook] 10 Things Every Web Application Firewall Should Provide

    Securing Web applications against cybercriminals, hacktivists, and state-sponsored hackers is a never-ending effort. Why? Because hackers evade traditional network security defenses to take down Websites and to steal data; malicious users probe websites around-the-clock looking for vulnerabilities; and, automation tools such as off-the-shelf attack toolkits and botnets make it easy to execute large-scale attacks. Web application firewalls have become the central platform for protecting applications against all online threats. This eBook explains in detail the 10 features that every Web application firewall should provide.

  • The Future of Web Security: 10 Things Every Web Application Firewall Should Provide

    Web application firewalls have become the central platform for protecting applications against all online threats including technical Web attacks, business logic attacks, and online fraud. Web application firewalls understand Web usage and validate input to stop dangerous attacks like SQL injection, XSS, and directory traversal. They block scanners and virtually patch vulnerabilities. And they rapidly evolve to prevent new attacks and to keep critical applications safe. Because Web application firewalls are strategic, every organization must carefully evaluate the products' security, management, and deployment capabilities. This paper explains in detail the 10 features that every Web application firewall should provide.

  • [eBook] How to Protect Your Website From Hackers

    Hackers continuously attack Websites in order to steal sensitive data and disrupt access. To address the threat from hackers, the PCI Data Security Standard mandates that merchants fortify their Web applications against attack. This eBook describes today's Web security risks and introduces new cloud-based solutions that protect Websites from hackers and meet PCI compliance requirements.

  • Botnets at the Gate

    Stopping Botnets and Distributed Denial of Service Attacks
    Botnets have infiltrated millions of users' computers and wrecked incalculable damage. This white paper lifts the veil on botnets and on the cyber-criminals behind them. It analyzes the history, growth, and economics behind botnets. It then investigates one of the most common attacks executed by botnets: the Distributed Denial of Service (DDoS) attack.

  • Anatomy of an XSS Campaign

    The Imperva Defense Center observed the full anatomy of a cross-site scripting (XSS) campaign, showing why it's so easy to conduct a muscular phishing campaign in just under an hour.