Collaborate Disseminate
Researchers at Imperva Bot Management (formerly Distil Networks) have been tracking online bots that target the e-commerce gift card systems of major online retailers. The threat actors they’ve studied show remarkable resourcefulness and adaptabi… Continue reading New Research From Imperva Bot Management Tracks Gift Card Abuse
Imperva’s Cloud WAF has identified instances of a new 0-day vulnerability being exploited within a matter of hours of the exploit being published. On Monday 23rd September 2019, an exploit was published for a vulnerability found within vBulletin … Continue reading Attackers Are Quick to Exploit vBulletin’s Latest 0-day Remote Code Execution Vulnerability
We’re living in the Golden Age of data. Some companies analyze it to better themselves, others trade it for profit, none give it up freely due to its value — for their business, and for criminals, as well. SQL (Structured Query Language) is… Continue reading SQL Injection Attacks: So Old, but Still So Relevant. Here’s Why (Charts)
Pop quiz: how many data records are lost or stolen on an average day? 1 million? 3 million? 6 million? If you answered 6 million, you’re correct, according to the Breach Level Index. According to the Index, 14.7 billion records have been lost or … Continue reading Modern Database Security Buys Down More Risks for Enterprises
Millions of Verizon FIOS broadband users vulnerable to hackers controlling and surveilling their home networks. Thousands of GPS watches whose maps were open to attackers tracking and eavesdropping on children and elderly users. A zero-day hole in Micr… Continue reading Cloud WAAPs Are the Future of Application Security. But What Does That Mean?
Hey developers and DevOps professionals: what if I told you that how you wrap and execute your automation tests could be the key to making your development process faster, more professional and stable, and stop the bickering between your developers and… Continue reading Developers Versus Automation Engineers: How We Ended the Fighting with the Right CI Process
DDoS attacks have always been a major threat to network infrastructure and web applications. Attackers are always creating new ways to exploit legitimate services for malicious purposes, forcing us to constantly research DDoS attacks in our CDN to buil… Continue reading The Ping is the Thing: Popular HTML5 Feature Used to Trick Chinese Mobile Users into Joining Latest DDoS Attack
Imperva recently launched the Imperva GitHub where our global community can access tools, code repositories and other neat resources that aid collaboration and streamline development. The nice thing about these tools is that you can clone them and cust… Continue reading Enhance Imperva Cloud WAF with a New Management Tool in the Imperva GitHub
For those of us in the security industry, the annual Cyberthreat Defense Report is a gold mine of insights into the minds of IT security professionals, including what threats keep them up at night, and how they plan to defend against them. The 6th edit… Continue reading The Five Most Startling Statistics from this 2019 Global Survey of 1,200 Cybersecurity Pros [Infographic]
This guide gives step-by-step guidance on how to collect and parse Imperva Cloud Web Application Firewall (WAF, formerly Incapsula) logs into the Graylog SIEM tool. Read Part I to learn how to set up a Graylog server in AWS and integrate with Imperva C… Continue reading Imperva Cloud WAF and Graylog, Part II: How to Collect and Ingest SIEM Logs