Enterprise-Grade Security from the Cloud

Similar documents
Website Security. End-to-End Application Security from the Cloud. Cloud-Based, Big Data Security Approach. Datasheet: What You Get. Why Incapsula?

End-to-End Application Security from the Cloud

Imperva Cloud WAF. How to Protect Your Website from Hackers. Hackers. *Bots. Legitimate. Your Websites. Scrapers. Comment Spammers

Protect the data that drives our customers business. Data Security. Imperva s mission is simple:

10 Things Every Web Application Firewall Should Provide Share this ebook

Powered by. Incapsula Cloud WAF

SANS Top 20 Critical Controls for Effective Cyber Defense

Automated Mitigation of the Largest and Smartest DDoS Attacks

Akamai to Incapsula Migration Guide

Protecting What Matters Most. Bartosz Kryński Senior Consultant, Clico

Vulnerability Management

IAAS REFERENCE ARCHITECTURES: FOR AWS

Introduction: 1. Daily 360 Website Scanning for Malware

Automated Mitigation of the Largest and Smartest DDoS Attacks

5 Lines of Defense You Need to Secure Your SharePoint Environment SharePoint Security Resource Kit

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS

A Network Administrator s Guide to Web App Security

NSFOCUS Web Application Firewall White Paper

SHARE THIS WHITEPAPER. Top Selection Criteria for an Anti-DDoS Solution Whitepaper

F5 Silverline Web Application Firewall Onboarding: Technical Note

Trend Micro. Advanced Security Built for the Cloud

STOPPING LAYER 7 ATTACKS with F5 ASM. Sven Müller Security Solution Architect

How Web Application Security Can Prevent Malicious Attacks

Payment Card Industry Data Security Standard

HP Application Security Center

Optimal Traffic Distribution & High Availability from the Cloud. Intelligent Layer 7 Load Balancing. Datasheet Load Balancing & Failover.

Protecting Your Network Against Risky SSL Traffic ABSTRACT

End-user Security Analytics Strengthens Protection with ArcSight

Cenzic Product Guide. Cloud, Mobile and Web Application Security

Production Security and the SDLC. Mark Kraynak Sr. Dir. Strategic Marketing Imperva

Contemporary Web Application Attacks. Ivan Pang Senior Consultant Edvance Limited

Devising a Server Protection Strategy with Trend Micro

Technology Blueprint. Protect Your Servers. Guard the data and availability that enable business-critical communications

IBM Security QRadar Vulnerability Manager

The Hillstone and Trend Micro Joint Solution

How to Secure Your SharePoint Deployment

Web Application Security. Radovan Gibala Senior Field Systems Engineer F5 Networks

Devising a Server Protection Strategy with Trend Micro

VULNERABILITY MANAGEMENT

White Paper. Protecting Databases from Unauthorized Activities Using Imperva SecureSphere

Arrow ECS University 2015 Radware Hybrid Cloud WAF Service. 9 Ottobre 2015

Cutting the Cost of Application Security

Where every interaction matters.

What Next Gen Firewalls Miss: 6 Requirements to Protect Web Applications

FortiWeb 5.0, Web Application Firewall Course #251

Sourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data

IT Security & Compliance. On Time. On Budget. On Demand.

Radware Attack Mitigation Solution (AMS) Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper

Analyzing HTTP/HTTPS Traffic Logs

Data Privacy: The High Cost of Unprotected Sensitive Data 6 Step Data Privacy Protection Plan

White Paper. Intelligent DDoS Protection Use cases for applying DDoS Intelligence to improve preparation, detection and mitigation

PCI-DSS Penetration Testing

Data Sheet: Endpoint Security Symantec Protection Suite Enterprise Edition Trusted protection for endpoints and messaging environments

Applications and data are the main targets for modern attacks. Adoption of dedicated application and data security concepts, technologies and

RSA envision. Platform. Real-time Actionable Security Information, Streamlined Incident Handling, Effective Security Measures. RSA Solution Brief

A Decision Maker s Guide to Securing an IT Infrastructure

isheriff CLOUD SECURITY

The Global Attacker Security Intelligence Service Explained

THE 2014 THREAT DETECTION CHECKLIST. Six ways to tell a criminal from a customer.

Mailwall Remote Features Tour Datasheet

Reducing Application Vulnerabilities by Security Engineering

Analyzing Security for Retailers An analysis of what retailers can do to improve their network security

The New PCI Requirement: Application Firewall vs. Code Review

Protecting Your Organisation from Targeted Cyber Intrusion

APERTURE. Safely enable your SaaS applications.

Incapsula vs. CloudFlare

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES.

Extreme Networks Security Analytics G2 Vulnerability Manager

Secure Web Gateways Buyer s Guide >

The Importance of Cybersecurity Monitoring for Utilities

Mingyu Web Application Firewall (DAS- WAF) All transparent deployment for Web application gateway

EVADING ALL WEB-APPLICATION FIREWALLS XSS FILTERS

Requirements When Considering a Next- Generation Firewall

Cisco Advanced Services for Network Security

Securing SharePoint 101. Rob Rachwald Imperva

Security Services. 30 years of experience in IT business

INTRODUCING isheriff CLOUD SECURITY

PCI DSS Reporting WHITEPAPER

REVOLUTIONIZING ADVANCED THREAT PROTECTION

Firewall and UTM Solutions Guide

Securing Privileges in the Cloud. A Clear View of Challenges, Solutions and Business Benefits

Radware s Behavioral Server Cracking Protection

ETHICAL HACKING APPLICATIO WIRELESS110 00NETWORK APPLICATION MOBILE MOBILE0001

Protect Your Business and Customers from Online Fraud

Trend Micro VMware Solution Guide Summary for Payment Card Industry Data Security Standard

Symantec Messaging Gateway 10.5

WHY DOES MY SPEED MONITORING GRAPH SHOW -1 IN THE TOOLTIP? 2 HOW CAN I CHANGE MY PREFERENCES FOR UPTIME AND SPEED MONITORING 2

Introducing IBM s Advanced Threat Protection Platform

McAfee Global Threat Intelligence File Reputation Service. Best Practices Guide for McAfee VirusScan Enterprise Software

Bringing Continuous Security to the Global Enterprise

Cyberoam Perspective BFSI Security Guidelines. Overview

From Rivals to BFF: WAF & VA Unite OWASP The OWASP Foundation

From the Bottom to the Top: The Evolution of Application Monitoring

Transcription:

Datasheet Website Security Enterprise-Grade Security from the Cloud Unmatched web application security experience, enhanced by real-time big data analytics, enables Incapsula to provide best-of-breed security to the world's most security-conscious businesses. Our website security solution redefines and extends the WAF beyond traditional concepts. In addition to our enterprise-grade, PCI-certified WAF, Incapsula's service also includes backdoor protection, two-factor authentication, and bot access control. An advanced client classification engine analyzes and classifies all incoming traffic to your site, preventing access to malicious and unwanted visitors. Access Control Bot Protection Web Application Firewall Web Application Login Protect What You Get Enterprise-grade, PCI-certified Web Application Firewall Protection from malicious bot traffic and backdoors Two factor authentication for website access Granular website access control based on URL, IP, country, etc. Why Incapsula? Cloud-based, big data approach leverages customer base for 360-degree visibility into attack landscape Proven against hundreds of penetration tests and millions of attacks every day Dedicated security research team monitors, tunes and updates the service to ensure protection against new and emerging threats Decades of security experience and best practices leveraging Imperva's market-leading WAF technology Dynamic profiling and application-aware technologies minimize false positives Activated by simple DNS change - no hardware or software installation, integration or changes to the website

Cloud-Based, Big Data Security Approach A cloud-based approach enables us to harness real data from our customer base to better understand the global attack landscape and continually improve our security. Sandboxing lets us silently test new features on real websites before their launch. Servicing thousands of customers and subjected to hundreds of penetration tests and millions of attacks every day, Incapsula's service is aligned to meet the most stringent enterprise-grade security criteria. Using crowdsourcing techniques, Incapsula protects your website with collective knowledge about the current threat landscape. Threat information is aggregated across the entire Incapsula community using big data analytics. This data is used to identify new attacks as they happen and simultaneously apply mitigation rules to all websites protected by Incapsula. Web Application Firewall (WAF) Best-of-Breed, End-to-End Web Application Security Incapsula's enterprise-grade WAF ensures that your website or application is always protected against any type of Application Layer hacking attempt. Based on Imperva s industry-leading WAF technology and experience, Incapsula's cloud-based WAF defends against OWASP top 10 threats including: SQL injection, cross site scripting, illegal resource access and remote file inclusion. Security experts behind Incapsula's service ensure optimum protection against newly discovered vulnerabilities to prevent disruption to your website and improve website performance. Custom Security Rules Incapsula s custom security rules allow you to apply your organization s security policy within Incapsula s Web Application Firewall, by configuring a variety of rule triggers and adding different rule actions.

Proactive Remediation Incapsula s security team monitors hackers' activities and zero day exploits to make sure that websites using our service are protected. Using a home-grown database of all common website attacks, content management systems and e-commerce solutions, Incapsula applies dedicated security rules to proactively remediate known vulnerabilities from these sources. monitoring and reporting framework provides instant visibility into security, compliance and content delivery concerns. A dashboard provides a high-level view of system status and security events. Incapsula provides customers with a detailed analysis of every threat that was posed to your website including: IP address, user agent, location, and other pertinent session information. Weekly graphical reports visualize trends in website traffic, threats, and performance improvements. PCI Certification and Reporting Incapsula s WAF is certified by the PCI Security Standards Council. The WAF protects you from liabilities and non-compliance penalties, while protecting your customers' sensitive data from exposure on your site. Incapsula s PCI compliance report audits security rule configuration changes and periodically reports on your compliance with PCI 6.6 requirements. Rich graphical reportingcapabilities enable customers to easily understand security status and meet regulatory compliance. Automated Learning of Applications and User Behavior Blacklisting Prevention 24x7 Security Coverage On a daily basis legitimate websites are added to the malware blacklists of security software firms, search engines, and browser vendors due to application vulnerabilities. As a result, access to your website is blocked to customers and partners and your business is effectively shut down. The WAF enables you to close vulnerability gaps in your applications to avoid blacklisting and ensure your website is always accessible. Customer-Specific Threat Policy Management Each security rule can be configured specifically according to the customer s blocking policy (block request, block IP, block session or alert only). The security policy can be fine-tuned to address specific URLs, fields, IP addresses and countries. Powerful access control capabilities enable you to define exceptions and minimize false positives. In-Depth Threat Monitoring and Analysis Alerts can be easily searched, sorted, and directly linked to corresponding security rules. Incapsula's To accurately detect attacks, a WAF must understand application structure, elements, and expected user behavior. Our Dynamic Profiling technology automates this process by profiling protected applications and building a baseline or white list of acceptable user behavior. It also automatically learns application changes over time, minimizing false positives to ensure that every legitimate user reaches your website. Using a "Security as a Service" approach, Incapsula's security experts manage and update the WAF 24x7 to ensure that you are always protected against new and emerging threats. Incapsula provides organizations with continuous website health monitoring by world-class security researchers. In addition, Incapsula provides email threat alerts, proactive security event management, policy tuning and configuration management, and weekly reporting. For enterprise plan customers, Incapsula assigns a personal account manager to act as a single point of contact for all website security needs. Backdoor Detection Hackers covertly install malicious code (known as a backdoor) on your website that gives them full access to your application and data. Incapsula's WAF monitors website traffic to detect and prevent backdoor install attempts and to quarantine backdoors already installed, rendering them useless.

Bot Protection More than 95% of all website attacks are carried by malicious bots. Using advanced client classification, crowdsourcing and reputation-based techniques, Incapsula distinguishes between "good" and "bad" bot traffic. This lets you block known bad or suspicious bot activity such as comment spam, scraping and vulnerability scanning, while making sure that legitimate bots such as Google, Facebook and Pingdom can freely access your website. In addition to the improved security, blocking malicious bots also improves website performance as they can account to up to 50% of all website traffic. Login Protect: One-Click Two-Factor Authentication This feature lets you implement strong authentication on any website or application without integration, coding or software changes. Single-click activation lets you instantly protect administrative access, secure remote access to corporate web applications, and restrict access to a particular webpage. Login Protect manages and controls multiple logins across several websites in a centralized manner. Two-factor authentication is supported using either email, SMS or Google Authenticator.

Website Access Control Traffic Analytics With Incapsula, you can take full control over who and what can access your site. Our service provides granular filters and controls to prevent access from unwanted visitors (e.g., countries, specific bots, URLs, IPs), while enabling uninterrupted access to legitimate visitors (customers, leading search engines, etc.). IP address shielding hides your web server s IP address, preventing access to it via SSH, FTP, Telnet and other methods. Easy-to-understand traffic analytics give you full visibility into what is happening on your website, from high level statistics and down to a single request related to a security event. Our visualized analytics include statistics of your daily visits humans and bots, top countries and client applications, stats on your daily hits (bots, humans and blocked), hits per second, accumulated bandwidth and bits per second. Statistics can be sorted by different time frames. T: +1 (866) 250-7659 E: info@incapsula.com www.incapsula.com 3400 Bridge Parkway, Suite 200, Redwood Shores, CA 94065, United States Copyright 2014, Incapsula. All rights reserved.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information