Media Contact:

Clinton Karr
(415) 432-2441
Clinton.Karr@lewispulse.com

Anti-automation Solutions Help Prevent Computer-assisted Tools and Crowd Sourcing from Bypassing Anti-Spam Services

Redwood Shores, Calif., June 18, 2012 – Imperva, Inc. (NYSE:  IMPV), a pioneer and leader of a new category of data security solutions for high-value business data in the data center, today released its June Hacker Intelligence report, “A CAPTCHA in the Rye,” which examines CAPTCHA security concerns. Computer-assisted tools and crowd sourcing can easily bypass traditional anti-spam solutions, forcing CAPTCHAs to evolve to address these techniques.

The report can be downloaded here.

A CAPTCHA, or a Completely Automated Public Turing test to tell Computers and Humans Apart, is a common security measure used to distinguish human users from automated browsing applications, helping to prevent automated tools from abusing online services. Hackers have developed numerous methods to bypass CAPTCHAs, such as computer-assisted tools and crowd sourcing, forcing CAPTCHA providers to constantly monitor and innovate their services.

“CAPTCHA security, like many other security segments, is a battle of innovation between hackers and security professionals,” said Amichai Shulman, CTO, Imperva. “CAPTCHA security must be balanced against a positive user experience, but can readily be improved by deploying anti-automation solutions to help prevent hackers from employing anti-CAPTCHA tools.”

“A CAPTCHA in the Rye” provides contextual analysis and real-world case studies focused on CAPTCHA solutions, including:

Methods for Bypassing CAPTCHA – Imperva highlights two main approaches hackers take to solve CAPTCHAs: Computer-assisted tools based on Optical Character Recognition or Machine Learning technologies and crowdsourcing CAPTCHA solving to third-party agents.

Emerging CAPTCHA Technology – Novel approaches to CAPTCHA implementation include delivering more difficult CAPTCHAs to suspicious users, integrating simple riddles and contextual semantics, all of which are more difficult for automated tools to solve.

Lessons Learned from Real World Deployments – Imperva analyzed a series of case studies focused on bypassing CAPTCHAs to identify common trends, such as incomplete browser headers and high rate requests per minute.

Imperva advises anti-automation solutions to bolster CAPTCHA defenses with traffic-based automation detection, behavioral analysis, content analysis and blacklists.

To download the full report, please visit: [link to report]

Get up to date security news at the Imperva Data Security blog: http://www.blog.imperva.com/

About Imperva

Imperva is a pioneer and leader of a new category of data security solutions for high-value business data in the data center. With more than 1,800 end-user customers and thousands of organizations protected through cloud-based deployments, Imperva’s customers include leading enterprises, government organizations, and managed service providers who rely on Imperva to prevent sensitive data theft from hackers and insiders. The award-winning Imperva SecureSphere identifies and secures high-value data across file systems, web applications and databases. For more information, visit www.imperva.com, follow us on Twitter or visit our blog.

We’re hiring!  Help us protect the world’s data:  http://www.imperva.com/go/jobs

© 2012 Imperva, Inc. All rights reserved. Imperva, the Imperva logo and SecureSphere are trademarks of Imperva, Inc.