FOSTER CITY, CA – September 16, 2004 – Imperva, Inc., a leading provider of application security solutions, today announced that Yankee Group, the global leader in communications & networking research and consulting, included the company in the “Winners” category, along with three other Web application gateway vendors, in a report entitled “Application Gateways Secure Business Communications.” The report, by Eric Ogren, Senior Analyst, Security Solutions & Services at the Yankee Group, highlights Imperva’s approach to protecting web and database applications as a key differentiator for its SecureSphere line of products.

“Imperva takes a holistic view of application security in protecting internal and external access to Web interfaces, application servers and database servers. Imperva examines all communications to the application environment, making decisions based on type of access and the risk of inadvertent disclosure of proprietary information,” said Eric Ogren in the August 2004 report. “Imperva’s solution excels at securing entire application environments.”

”Earning a place on the winner’s block with Yankee Group is confirmation of market traction for us,” said Shlomo Kramer, CEO of Imperva Inc. “Our unique approach to automatically securing the entire application layer from the inside out has met with substantial demand from enterprises who want total application security with minimal ongoing management.”

SecureSphere’s Total Application Security is based on Dynamic Profiling™, which creates a baseline of expected behavior to enable detection and blocking of attempted security breaches. Because application environments are highly dynamic, persistent learning technologies constantly update profiles to reflect recent changes without requiring manual tuning.

SecureSphere’s Dynamic Web Firewall protects the application’s external Web interface based upon the Web elements of the Dynamic Profile. These Web elements include legitimate URLs, HTTP methods, parameters, cookies, response codes and hidden fields, among others. Based upon this understanding of normal user interactions with the Web server, the Dynamic Web Firewall is able to prevent attacks targeting all of the most pervasive application vulnerabilities.

SecureSphere’s Dynamic Database Firewall relies on the database elements of the Dynamic Profile to detect unusual database queries of any kind. Database elements include legitimate SQL queries, valid IP addresses per SQL query, valid user names per SQL query, and more. The database firewall prevents direct unauthorized queries from internal sources. SecureSphere’s Correlated Attack Validation algorithms can correlate database firewall violations with Web firewall violations to deliver overall system accuracy that is not possible by Web or Database firewalls working independently.

About The Yankee Group
The Yankee Group is the global leader in communications & networking research and consulting. The company helps businesses understand the opportunities, risks and competitive pressures of developing, deploying and consuming products and services that drive communication or information exchange. Now in its fourth decade, the Yankee Group is based in Boston with offices throughout North America and Europe.

About Imperva
Imperva is the leader in application data security and compliance. Leading enterprise and government organizations worldwide rely on Imperva to prevent data theft and abuse, and ensure data integrity. The company’s SecureSphere products provide data governance and protection solutions that monitor, audit and secure business applications and databases. For more information, visit www.imperva.com

# # #

Imperva and SecureSphere are trademarks of Imperva, Inc. All other brand or product names are trademarks or registered trademarks of their respective holders.

Editorial Contact
Marc Gendron
(781) 237-0341
marc@mqpr.net