Web Application Firewall (WAF)
Web application attacks deny services and steal sensitive data. Imperva Web Application Firewall (WAF) analyzes and inspects requests coming in to applications and stops these attacks.
Imperva WAF At a glance: Start Presentation!
Secure cloud and on-prem apps
Protect your applications in the cloud and on-premises with the same set of security policies and management capabilities. Safely migrate apps while maintaining full protection. Imperva WAF is a key component of Imperva’s market-leading, full stack application security solution which brings defense-in-depth to a new level.
Deploy Imperva WAF the way YOU want
Deploy Imperva WAF on-premises, in AWS and Azure, or as a cloud service itself. Easily meet the specific security and service level requirements of individual applications.
- Cloud WAF: Imperva Cloud WAF protects against known and unknown threats, including all OWASP top 10 and zero-day threats.
Imperva Cloud WAF is designed to work in blocking mode with little or no tuning and with near zero false positives. You can easily build custom WAF rules and secure your API interfaces. Automated virtual patching lets you protect all apps with a single change. More than a WAF, Imperva also adds bot control, account takeover protection, backdoor protection, two-factor authentication and SIEM integration.
- WAF Gateway: Web attacks deny services and steal sensitive data. Imperva Web Application Firewall (WAF) Gateway analyzes and inspects incoming requests to your applications and APIs and stops these attacks.
WAF Gateway inspects and analyzes all requests to your websites and APIs and protects them from attacks aimed at exploiting vulnerabilities and from automated attacks.Machine learning creates a positive security model of the application’s profile to avoid false-positives. WAF Gateway dynamically learns normal application behavior and distinguishes it from the abnormalities of an attack.
Stop OWASP Top 10 and Automated Top 20
Imperva WAF protects against the most critical web application security risks: SQL injection, cross-site scripting, illegal resource access, remote file inclusion, and other OWASP Top 10 and Automated Top 20 threats. Imperva security researchers continually monitor the threat landscape and update Imperva WAF with the latest threat data.
Gartner Magic Quadrant for Web Application Firewalls: Imperva has been recognized for the 6th time in a row as a Gartner Leader in Web Application Firewall sector!
How Imperva WAF Protects Your Applications
- Attack detection Imperva WAF uses patented dynamic application profiling and correlated attack validation to accurately detect attacks and minimize false positives. Dynamic application profiling learns all aspects of web applications, including the directories, URLs, parameters, and acceptable user inputs. Correlated attack validation aggregates and analyzes individual violations across the stack. Combined, they detect attacks with exceptional accuracy and block only bad traffic.
- Extensive reporting Imperva WAF offers rich graphical reporting capabilities to easily understand security status and meet regulatory compliance. Generate pre-defined and customizable reports. Quickly assess security status and streamline demonstration of compliance with PCI, SOX, HIPAA and FISMA and other compliance standards. Benefit from our best-in-class integrative attack analytics and intuitive single pane of glass dashboards.
- SIEM integration Imperva WAF integrates with most of the leading Security Information and Event Management (SIEM) systems such as Splunk, ArcSight and others. It exports events as syslog messages, Common Event Format (CEF) and JSON format. Events generated by Imperva WAF are intuitively indexed and easily searchable for quick incident response.
Features
Cloud Web Application Firewall
A cloud WAF that protects applications against all attacks wherever they're located; on-premises, in public or private cloud. Imperva cloud WAF is PCI-certified, customizable, SIEM-ready and tuned for blocking threats with minimal false-positives. Easy setup ensures rapid time to benefit.
Web Application Firewall Gateway
An appliance or virtual WAF that protects applications against all attacks wherever they're located; on-premises, in public or private cloud. Imperva WAF gateways set the standard for protection, innovation, and customization. Dynamic profiling ensures any application is protected no matter how complex or unique.
Client Classification
A multilayered system to block malicious traffic. Behavioral analysis, device fingerprinting, signature identification and transparent challenges combine to only allow legitimate users with low false positives.
IP Reputation Intelligence
A security reputation feed that combines research from Imperva security researchers, live crowdsourced intelligence from millions of sites and threat intelligence from multiple partners.
ATO Protection
A service that mitigates account takeover (ATO) attacks without affecting legitimate traffic. Takes an intent-focused approach to detection, utilizing reputational analysis, an advanced classification engine, and behavioral machine learning.
FlexProtect Plus
Choose it to complete data and application security that let you deploy protection when and where you need it - on-premises or in the cloud.
FlexProtect Premier
Get the Maximum data and application security that gives you all that Imperva has to offer, inlcuding DDoS protection and Data Masking.
Trusted by World Leaders
Leading companies rely on Imperva's Web Application Firewall, e.g. AARP, GE, Siemens or Xoom - a PayPal service