BlueCross BLueShield
General electric
Bot management

How it works

We’ve built a database containing millions of browser and bot signature variants. Using advanced profiling techniques and transparent challenges, our bot classification engine eliminates threats that can overwhelm servers and steal content, while allowing legitimate traffic to pass through

Our extensive database allows us to accurately identify hacker activity, classify good vs. bad bots, and fast-track legitimate users.

The Imperva database powers both our WAF gateways and cloud WAF and is constantly expanding through preemptive research by our security team.

When a new bot variant is encountered, we profile it according to:

  • HTTP/S header content
  • IP and ASN information
  • Reputation, behavioral patterns and technology fingerprints

If a new bot displays suspicious behavior, a series of transparent challenges, such as holding a cookie and parsing JavaScript are issued. Imperva avoids the routine use of CAPTCHA to ensure minimal interruptions for legitimate users.

Precise DDoS mitigation


To combat bad bots, our classification engine identifies and distinguishes between bad bots and clients. It looks at reputation, user agent, and request headers, and uses JavaScript and cookie challenges to identify and separate real people from good and bad bots.

Putting you in control

Putting you in control

With the Imperva Cloud WAF, you can create custom security rules and propagate them worldwide in a matter of minutes. This allows effortless whitelisting and blacklisting of specific bots or visitors displaying distinct characteristics.

Real-time view of bot traffic

Real-time view of bot traffic

Real-time dashboards offer a live view of all incoming traffic right down to the request level. Coupled with the ability to shape security rules on-the-go, this gives you complete control over who, or what, accesses your domain.

Consistenly updated signature pool

Consistenly updated signature pool

A dedicated security team collects traffic signals from across our global network to discover new bot variants and quickly update bot signatures.

WAF policies

Integrated with WAF policies

Policies apply classification results to stop traffic originating from malicious bots. Bot identification results can be incorporated into custom policies to provide an additional level of context and control to any WAF policy.

Related Content

Key Resources

five ways imperva waf

Five Ways Imperva Beats WAF Competition

White Paper
Read paper ›
Stop Bad Bots

Good Bots In. Bad Bots Out.

Read blog ›