Web Application Firewall (WAF)

Web attacks deny services and steal sensitive data. Imperva SecureSphere Web Application Firewall (WAF) analyzes and inspects requests coming in to websites, mobile apps and APIs and stops these attacks.

Protect websites, mobile apps and APIs

SecureSphere WAF inspects and analyzes all requests to your websites, mobile applications and APIs, and protects them from automated attacks and from attacks that aim to exploit vulnerabilities.

Block with confidence

SecureSphere WAF uses patented dynamic application profiling to learn all aspects of a web application’s normal behavior, including directories, URLs, parameters, and acceptable user inputs. It detects and blocks attacks with exceptional accuracy and blocks only bad traffic.

Auto scale at your pace

API Security

SecureSphere WAF deployed in front of API resources protects core applications by validating and monitoring API traffic, and leveraging SecureSphere features like Profiling and Content Inspection to identify and protect against malicious activity. The SecureSphere API Security feature set includes the following:

  • Profiling and Protecting API Protocols
  • API Content Inspection
  • Blocking Malicious Bot Activity and DDoS
  • Enforcing API Encryption
  • Enforcing Specific API Versions
  • Tracking API Users

Virtual patching for immediate remediation

SecureSphere WAF performs “virtual patching” for applications via vulnerability scanner integration. When a vulnerability is discovered, virtual patching actively protects applications instead of waiting for code to be modified. This reduces the window of exposure and lowers the costs of emergency fix cycles.

How Imperva SecureSphere WAF Works

Profiles apps with machine learning

Machine learning creates a positive security model of the application’s profile to avoid false positives. SecureSphere dynamically learns normal application behavior and distinguishes it from the abnormalities of an attack.

Offers correlated attack validation

Correlated attack validation distinguishes attacks from unusual but legitimate behavior by correlating web requests across security layers and over time. It examines protocol conformance, signatures, special characters, and user reputation to accurately alert on or block attacks with the lowest rate of false positives.

Provides extensive reporting

Imperva WAF offers rich graphical reporting capabilities that make it easy to understand security status and meet regulatory compliance. It generates pre-defined and customizable reports, so you can quickly assess security status and streamline demonstration of compliance with PCI, SOX, HIPAA, FISMA and other compliance standards.

Integrates with SIEM

SecureSphere WAF integrates easily with most of the leading Security Information and Event Management (SIEM) systems, such as Splunk, ArcSight and others. SecureSphere WAF exports events as syslog messages, in Common Event Format (CEF) and in JSON format. SecureSphere WAF events are intuitively indexed and easily searchable for quick incident response.

