Web Application FirewallImperva Information Security

Your website receives a continuous barrage of attacks. If hackers uncover a crack in your defenses, they can steal your application data, defraud your users, and take down your website.

The SecureSphere Web Application Firewall stops web attacks and prevents costly data breaches and downtime. Combining multiple defenses, SecureSphere accurately pinpoints and blocks attacks without blocking your customers. It offers drop-in deployment and automated management. Certified by ICSA Labs, SecureSphere satisfies PCI 6.6 compliance and provides ironclad protection against the OWASP Top Ten.


SecureSphere Web Application Firewall:

  • Provides up-to-date, ironclad defenses powered by research from the Imperva ADC
  • Automates management by dynamically learning applications and user behaviour
  • Virtually patches website vulnerabiliities to reduce the window of exposure and cost of emergency fix cycles
  • Offers transparent, drop-in deployment


Web Application Firewall Add-ons:

  • ThreatRadar Reputation Services ThreatRadar enables you to stop large-scale, automated attacks and prevent hackers from infiltrating your site. ThreatRadar deflects known malicious sources, anonymous proxies, phishing URLs, and requests from suspicious countries to keep your applications safe. User reputation information from ThreatRadar lets you free-up application infrastructure, maximize website uptime, and protect your intellectual property.
  • ThreatRadar Community Defense
    Your organization faces a never-ending battle against hackers. Without the latest defenses, hackers can infiltrate your website and steal sensitive data, causing brand damage and lost revenue. ThreatRadar Community Defense safeguards your website and lets you stay ahead of the attackers, by gathering attack data from SecureSphere deployments around the world and translating that data into security policies.
  • ThreatRadar Bot Protection Services
    Over half of all your Website users are not human, they’re bots. And malicious bots account for more than 95% of all website attacks, including participating in DDoS attacks, injecting comment spam, and scraping website content. ThreatRadar Bot Protection Services accurately distinguishes between good bots, bad bots and human users, and provides granular information enabling SecureSphere WAF to stop the malicious ones before they can attack your web application.
  • ThreatRadar Fraud PreventionAccelerate your web fraud security deployments and easily manage your fraud policies from the SecureSphere web user interface, without impacting your web applications. ThreatRadar Fraud Prevention integrates with leading web fraud solutions to transparently identify and prevent fraudulent activity.


Key Benefits & Features:

  • Block attacks with laser precisionDynamic Profiling technology automatically builds a “white list” of acceptable user behavior. Correlated Attack Validation is used to correlate Dynamic Profiling violations with other suspicious activity to correctly identify attacks without blocking your customers
  • Leverage world-renowned application security researchTo get ahead and stay ahead in the continuous fight against application attacks, you need your own security research organization. SecureSphere WAF customers get exactly that with regular signature and policy updates from our dedicated security research team, the Application Defense Center (ADC). ADC research yields the most up-to-date threat intelligence, and the most complete set of application signatures and policies in the industry
  • Shut down malicious sources and botsCan you distinguish between real customers, known attackers, or bots? Can you tell if website visitors are using anonymous proxies to cloak their identity? ThreatRadar Reputation Services detects these users with IP reputation feeds of malicious sources, anonymizing services, phishing URLs, and IP geolocation data. ThreatRadar delivers an up-to-date and automated defense against automated attacks and attack sources to help you maximize uptime and protect your sensitive data
  • Stop application DDoS and business logic attacksYou can keep your customers happy and your reputation intact in spite of the growing threat of business logic attacks. Business logic attacks exploit the normal logic of your applications to post comment spam in forums and message boards, scrape web content, or disable access to your website. All of this can reduce your competitive edge, frustrate customers, and damage your reputation. SecureSphere mitigates these concerns by identifying bots, known attack sources, and attack behavior
  • Instantly patch website vulnerabilitiesApplication vulnerabilities can leave your company exposed to attack for weeks or months. SecureSphere integrates with application scanners for virtual patching, importing assessment results, and creating custom policies to remediate vulnerabilities. Compared to manually fixing website vulnerabilities, virtual patching reduces the window of exposure and costs
  • Gain forensics insights with customisable reportsYou can quickly analyze security threats and meet compliance requirements with graphical reports. SecureSphere provides both pre-defined and fully-customizable reports. Reports can be viewed on demand or emailed on a daily, weekly, or monthly basis. A real-time dashboard provides you with a high level view of system status and security events
  • Speed up deployment without riskNow you can protect your applications without impacting performance and without requiring extensive network changes. SecureSphere offers flexible inline, non-inline, and proxy deployment options that meet your organizations’ diverse requirements. SecureSphere’s unique, transparent bridge mode saves time and labor with drop-in deployment that requires no changes to existing applications or network devices. SecureSphere also delivers multi-Gigabit throughput while maintaining sub-millisecond latency



Imperva Web Application Firewall Datasheet

Imperva Web Application Firewall Datasheet

Download the Imperva SecureSphere Web Application Security Datasheet to learn more.  





For more information, contact us now to determine how Imperva can help secure your business.  


To learn more about Imperva, visit the Imperva website.