Imperva
More information: https://www.imperva.com
Description of technology
DDOS PROTECTION FOR DNS - protects DNS infrastructure while accelerating queries through caching and reducing load. Imperva can act as both a record host and authoritative DNS, providing final responses and protecting against volumetric attacks. The secure DNS proxy terminates TCP and UDP connections, acting as a buffer between the Internet and the original DNS server, filtering DDoS attacks such as SYN Floods and UDP Floods. Only legitimate DNS queries are forwarded to the origin server.
DDOS PROTECTION FOR INDIVIDUAL IPS - is similar to DDoS Protection for Networks, but protects specific IP addresses. This service is suitable for organizations that do not have a Class C network or BGP-enabled network equipment required for Infrastructure Protection.
DDOS PROTECTION FOR NETWORKS - helps organizations protect their environment from layer 3 and 4 DDoS attacks. This cloud-based solution is fully automated and provides a 3-second SLA for attack mitigation. It can protect any online resources, including websites, DNS servers, SMTP servers, and other IP-based applications. The service leverages Imperva’s multi-terabit network capacity and packet-processing capabilities to absorb and mitigate the largest and most sophisticated DDoS attacks.
DATA RISK ANALYTICS (DRA) - protects data stored in corporate databases from theft or loss caused by compromised, careless, or malicious users. By dynamically learning normal user access patterns and identifying inappropriate or unauthorized access, DRA proactively alerts IT teams to risky behavior.
DATA SECURITY FABRIC (DSF) - a collection of technologies forming a comprehensive data security solution for organizations of all sizes. DSF includes traditional Data Activity Monitoring (DAM) components that rely on agent-based auditing, as well as agentless mechanisms leveraging native auditing present in almost all production databases. DSF also provides analytics tools and additional functionalities to support enterprise-wide data monitoring and protection projects. DSF goes beyond structured data (stored in relational/structured databases) to enable protection of unstructured data. It provides proactive control and predictive analytics, allowing security analysts and management to monitor activity, assess security, model risk, and detect attacks to prevent harmful data breaches or compliance violations.
DATABASE ACTIVITY MONITORING (DAM) / DATABASE FIREWALL (DBF) - is a part of the DSF platform but can operate as a standalone product. The solution includes agents, agent gateways, and management components. DAM/DBF secures sensitive database data, providing full visibility into data usage, vulnerabilities, and access rights. It enables security, audit, and risk teams to improve data protection and meet compliance requirements.
ACCOUNT TAKEOVER PROTECTION - is a part of the Imperva Cloud Application Security suite, that detects and mitigates account takeover attempts, protecting web applications from both volumetric and slow ATO attacks. Its focus is on safeguarding the authentication page of the protected application.
ADVANCED BOT PROTECTION - a specialized solution designed to defend against highly motivated actors causing significant business damage. Often combined with API Security, it enhances protection against bots exploiting APIs for business logic attacks, such as web data scraping, credential theft, and credit card fraud.
API SECURITY - properly protects APIs, typical WAF protection must be combined with specialized API Security mechanisms. Only this approach can provide full protection (comprehensive WAAP coverage). The API Security product is an additional tool integrated into the Cloud WAF platform. It can monitor both public endpoints (via Cloud WAF) and endpoints not exposed to the Internet.
ATTACK ANALYTICS - accelerates the investigation of WAF security alerts by providing a comprehensive view of attacks and adversaries targeting resources. The service aggregates and analyzes account security alerts, identifies common patterns, and groups them into meaningful security incidents.
CLIENT-SIDE PROTECTION - is a part of the Imperva Cloud Application Security suite, that protects data from theft via client-side attacks such as Digital Skimming, Formjacking, Supply Chain Attacks, and Magecart. These attacks compromise applications by stealing data directly from users rather than databases.
CLOUD WAF - a SaaS-based solution protecting websites (including APIs) from external threats. It is based on a network of secure reverse proxy servers deployed across a globally distributed CDN (Content Delivery Network). Traffic routed through Imperva’s network is terminated by the proxy, allowing Imperva to inspect every request and block malicious activity.
DDOS PROTECTION FOR WEBSITES AND APIS - websites using Imperva DDoS Protection are safeguarded against all types of DDoS attacks, including network-level (layer 3 and 4) and application-level (layer 7). A secure HTTP proxy terminates TCP connections, acting as a buffer between the Internet and the origin server. Only legitimate TCP sessions are forwarded to the origin server.
RUNTIME APPLICATION SELF-PROTECTION (RASP) - a lightweight plugin that protects applications from within using the LangSec methodology. It embeds itself during runtime to monitor and safeguard the application without requiring additional infrastructure. RASP is fully autonomous, does not require network connections, and operates in any deployment architecture – on-premises, in the cloud, or in containers.
WAF GATEWAY - provides comprehensive application protection through a local component (physical appliance or virtual machine). It offers extensive customization options and full flexibility for integration with applications. This solution is ideal for larger customers with a SOC that requires configuration flexibility. It is also suitable for organizations where SaaS-based protection is not acceptable due to regulatory requirements.