Press release

Imperva Strengthens Defense-in-Depth Application Security Portfolio

Sponsored by Businesswire

, the cybersecurity leader championing the fight to secure data
and applications wherever they reside, today announced significant
enhancements to the Imperva Application Security portfolio, now offering
targeted protection against account takeover (ATO), an industry-leading
approach to detecting and blocking malicious attacks targeted at APIs,
as well as partnerships with leading API vendors and an unprecedented
three-second SLA for mitigating any type of DDoS attack.

These capabilities help customers further harden their defenses against
rapidly evolving attacks. The release extends application protection
from the edge all the way to the individual applications themselves.
Built on top of Imperva’s integrated single-stack architecture and
deployed across a global network, which includes a powerful CDN recently
enhanced with developer access, these new services provide comprehensive
protection against a wide range of cybersecurity threats. These threats
target not just websites but also business-critical APIs, legacy systems
and applications based on open source.

Comprehensive Bot Protection

New Imperva Account Takeover Protection detects and stops hackers from
using stolen credentials to hijack accounts, an attack method that
results in more than $5.1B in losses each year. Leveraging advances in
artificial intelligence, Imperva lets enterprises ensure that only
business-critical traffic reaches websites by eliminating botnet traffic
long before it reaches a customer’s web applications.

Imperva’s acquisition of Distil Networks will strengthen its anti-bot
capabilities even further, when augmented by the industry’s leading bot
detection power. Distil Networks’ detection and advanced reporting
capabilities are in line with Imperva’s overall intent-focused approach
to detection. In combination, they will enable faster security
deployment, better accuracy in detection with no added latency, and
enhanced visibility and management, for a holistic view of all attack
vectors targeting an application.

Built-In Application Protection for Websites and APIs

APIs play a critical role in accelerating innovation and business growth
in the digital economy, but they expose a wider attack surface for
cybercriminals to exploit. Imperva API Security protects API endpoints
by automatically building and enforcing a positive security model of
each published API. Seamless integration with best-in-class API vendors,
including Microsoft Azure, Amazon AWS, and Red Hat 3scale now empowers
Imperva customers to leverage their existing investments.

“API Management can make it easy to open up APIs, and API Gateways help
ensure access is controlled, but a solution like Imperva API Security
offers protection against intrusion attempts,” said Mark Cheshire,
director of product management at Red Hat.

Because of this, Imperva has also announced a new relationship with the
OpenAPI Initiative to further show their support and investment in
securing everyone’s digital landscape via APIs.

“Through our expertise and market leadership within web application
security, we recognized enterprises’ desire to include API security
within the greater web application security industry,” said Terry Ray,
SVP and Imperva Fellow. “As DevOps continue to drive modern application
architecture, including APIs, they certainly need security, but almost
equally important is the support of automation necessary to build API
security into the CI/CD process without maintenance, overhead, and
manual effort from security teams. It’s an exciting time for DevOps and
we’re delighted to be in a position where we continue to set the bar for
security within the CI/CD process.”

Enhanced DDoS Protection

A new anti-DDoS service provides protection for individual IPs, allowing
customers with workloads in the cloud to achieve the same level of DDoS
protection for TCP/IP services. The service joins Imperva’s existing
DDoS protection for websites, the network, and domain name servers (DNS).

Its strength in providing protection against DDoS attacks continues to
be validated as Imperva mitigates the largest attacks ever reported,
including an attack in early May, which hit a peak rate of 652 Mpps and
another attack which came in at 713 Gbps. All attacks are guaranteed to
be mitigated in an industry-best three seconds or less DDoS mitigation
SLA timeframe.

With these application security capabilities, available via Imperva’s
flexible and predictable FlexProtect licensing which secures data and
applications on-premises and in the cloud, Imperva brings defense in
depth to a new level. For protection from the edge, to the network, to
individual applications, all the way to APIs, companies no longer have
to sacrifice security as they undergo digital transformation and migrate
workloads to the cloud.

About Imperva

Imperva is an analyst-recognized, cybersecurity leader on a mission to
protect customers’ digital assets by accurately detecting and
effectively blocking incoming threats, and empowering customers to
manage critical risks, so they do not have to choose between innovating
for their customers and protecting what matters most. At Imperva, we
tirelessly defend your business as it grows, giving you clarity for
today and confidence for tomorrow. Learn more about how Imperva is
protecting the pulse of your business at,
our blog,
or Twitter.