End-to-End Application Security from the Cloud



Similar documents
Website Security. End-to-End Application Security from the Cloud. Cloud-Based, Big Data Security Approach. Datasheet: What You Get. Why Incapsula?

Enterprise-Grade Security from the Cloud

Akamai to Incapsula Migration Guide

Imperva Cloud WAF. How to Protect Your Website from Hackers. Hackers. *Bots. Legitimate. Your Websites. Scrapers. Comment Spammers

5 Lines of Defense You Need to Secure Your SharePoint Environment SharePoint Security Resource Kit

10 Things Every Web Application Firewall Should Provide Share this ebook

Protect the data that drives our customers business. Data Security. Imperva s mission is simple:

Automated Mitigation of the Largest and Smartest DDoS Attacks

SANS Top 20 Critical Controls for Effective Cyber Defense

Cenzic Product Guide. Cloud, Mobile and Web Application Security

Powered by. Incapsula Cloud WAF

Vulnerability Management

Trend Micro. Advanced Security Built for the Cloud

How to Secure Your SharePoint Deployment

IAAS REFERENCE ARCHITECTURES: FOR AWS

Web Application Security. Radovan Gibala Senior Field Systems Engineer F5 Networks

RSA envision. Platform. Real-time Actionable Security Information, Streamlined Incident Handling, Effective Security Measures. RSA Solution Brief

IT Security & Compliance. On Time. On Budget. On Demand.

Protecting What Matters Most. Bartosz Kryński Senior Consultant, Clico

End-user Security Analytics Strengthens Protection with ArcSight

Securing the Database Stack

F5 Silverline Web Application Firewall Onboarding: Technical Note

Securing SharePoint 101. Rob Rachwald Imperva

White Paper. Protecting Databases from Unauthorized Activities Using Imperva SecureSphere

STOPPING LAYER 7 ATTACKS with F5 ASM. Sven Müller Security Solution Architect

Technology Blueprint. Protect Your Servers. Guard the data and availability that enable business-critical communications

The New PCI Requirement: Application Firewall vs. Code Review

Cutting the Cost of Application Security

From the Bottom to the Top: The Evolution of Application Monitoring

High End Information Security Services

How Web Application Security Can Prevent Malicious Attacks

Extreme Networks Security Analytics G2 Vulnerability Manager

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS

SHARE THIS WHITEPAPER. Top Selection Criteria for an Anti-DDoS Solution Whitepaper

How To Buy Nitro Security

IMPROVING VULNERABILITY MANAGEMENT EFFECTIVENESS WITH APPLICATION SECURITY MONITORING

IBM Security QRadar Vulnerability Manager

Business white paper. Missioncritical. defense. Creating a coordinated response to application security attacks

Security Services. 30 years of experience in IT business

Payment Card Industry Data Security Standard

HP Application Security Center

Data Sheet: Endpoint Security Symantec Protection Suite Enterprise Edition Trusted protection for endpoints and messaging environments

THE BLIND SPOT IN THREAT INTELLIGENCE THE BLIND SPOT IN THREAT INTELLIGENCE

Advanced Threat Detection: Necessary but Not Sufficient The First Installment in the Blinded By the Hype Series

Data Privacy: The High Cost of Unprotected Sensitive Data 6 Step Data Privacy Protection Plan

White Paper. McAfee Web Security Service Technical White Paper

FISMA / NIST REVISION 3 COMPLIANCE

Applications and data are the main targets for modern attacks. Adoption of dedicated application and data security concepts, technologies and

Introduction: 1. Daily 360 Website Scanning for Malware

Total Protection for Compliance: Unified IT Policy Auditing

Symantec Messaging Gateway 10.5

Devising a Server Protection Strategy with Trend Micro

Strengthen security with intelligent identity and access management

Protect Your Business and Customers from Online Fraud

Requirements When Considering a Next- Generation Firewall

The Hillstone and Trend Micro Joint Solution

White Paper. Intelligent DDoS Protection Use cases for applying DDoS Intelligence to improve preparation, detection and mitigation

ETHICAL HACKING APPLICATIO WIRELESS110 00NETWORK APPLICATION MOBILE MOBILE0001

IBM Advanced Threat Protection Solution

Devising a Server Protection Strategy with Trend Micro

The Cloud App Visibility Blindspot

Application Security Manager ASM. David Perodin F5 Engineer

Sourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data

Analyzing Security for Retailers An analysis of what retailers can do to improve their network security

NSFOCUS Web Application Firewall White Paper

What Next Gen Firewalls Miss: 6 Requirements to Protect Web Applications

Protecting Your Organisation from Targeted Cyber Intrusion

The Cloud App Visibility Blind Spot

A Network Administrator s Guide to Web App Security

Symantec Complete Website Security

Palo Alto Networks and Splunk: Combining Next-generation Solutions to Defeat Advanced Threats

Radware Attack Mitigation Solution (AMS) Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper

SiteLock SECURE Partner Program FAQ

Imperva SecureSphere Data Security

SharePoint Governance & Security: Where to Start

Managed Intrusion, Detection, & Prevention Services (MIDPS) Why Sorting Solutions? Why ProtectPoint?

Leveraging Symantec CIC and A10 Thunder ADC to Simplify Certificate Management

I D C A N A L Y S T C O N N E C T I O N

CORE Security and the Payment Card Industry Data Security Standard (PCI DSS)

How Companies Can Improve Website & Web Application Security. Even with a Tight IT Budget

Firewall and UTM Solutions Guide

PCI Compliance for Cloud Applications

FortiWeb 5.0, Web Application Firewall Course #251

Current IBAT Endorsed Services

About SecuPi. Your business runs on applications We secure them. Tel Aviv, Founded

Analyzing HTTP/HTTPS Traffic Logs

Manage the unexpected

Threat Center. Real-time multi-level threat detection, analysis, and automated remediation

Symantec Messaging Gateway 10.6

1 Introduction Product Description Strengths and Challenges Copyright... 5

ALERT LOGIC FOR HIPAA COMPLIANCE

Automated Mitigation of the Largest and Smartest DDoS Attacks

APPLICATION PROGRAMMING INTERFACE

CASE STUDY. Global Airline Empowers Mobile Workforce for SaaS Apps while Reducing Risk

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL

Finding Security in the Cloud

EVADING ALL WEB-APPLICATION FIREWALLS XSS FILTERS

Securing Privileges in the Cloud. A Clear View of Challenges, Solutions and Business Benefits

How McAfee Endpoint Security Intelligently Collaborates to Protect and Perform

REAL-TIME WEB APPLICATION PROTECTION. AWF SERIES DATASHEET WEB APPLICATION FIREWALL

Transcription:

Datasheet Website Security End-to-End Application Security from the Cloud Unmatched web application security experience, enhanced by real-time big data analytics, enables Incapsula to provide best-of-breed security to the world's most security-conscious enterprises. Our cloud-based website security solution features the industry s leading WAF technology, as well as strong two-factor authentication and bot access control. An advanced client classification engine analyzes all incoming traffic to your site, preventing access to malicious and unwanted visitors. Complementing the WAF s built-in security capabilities, Incapsula provides easy-to-use tools that enable enterprises to build custom security rules tailored to their specific use cases. Access Control Bot Protection Web Application Firewall What You Get Best-in-class, PCI-certified web application firewall Custom rules tailored to your enterprise s security policy and use cases Two-factor authentication for website access Advanced client classification engine analyzes all incoming traffic Easy-to-use API for integration with backend systems Why Incapsula? Cloud-based, big data approach leverages customer base for 360-degree visibility into attack landscape Web Application Login Protect Proven against hundreds of penetration tests and millions of attacks every day Dedicated security research team monitors, tunes, and updates the service to ensure protection against new and emerging threats Cloud-Based, Big Data Security Approach A cloud-based approach enables us to harness real data from our customer base to better understand the global attack landscape and continually improve our security. Sandboxing lets us silently test new features on real websites before their launch. Servicing thousands of customers and subjected to hundreds of penetration tests and millions of attacks every day, Incapsula's service is aligned to meet the most stringent security criteria. Decades of security experience and best practices, leveraging Imperva's market-leading WAF technology Dynamic profiling and application-aware technologies minimize false positives Activated by simple DNS change no hardware or software installation, integration, or changes to the website

Using crowdsourcing techniques, Incapsula protects your website with collective knowledge about the current threat landscape. Threat information is aggregated across the entire Incapsula community using big data analytics. This data is used to identify new attacks as they happen and simultaneously apply mitigation rules to all websites protected by Incapsula. Web Application Firewall (WAF) Best-of-Breed, End-to-End Web Application Security Incapsula's cloud-based WAF ensures that your website or application is always protected against any type of application layer hacking attempt. Based on Imperva s industry-leading WAF technology and experience, Incapsula's WAF defends against OWASP Top 10 threats including: SQL injection, cross-site scripting, illegal resource access, and remote file inclusion. Security experts behind Incapsula's service ensure optimum protection against newly discovered vulnerabilities to prevent disruption to your application and improve website performance. Proactive Remediation Incapsula s security team monitors hackers' activities and zero-day exploits to make sure that websites and applications using our service are protected. Using a home-grown database of all common website stacks, content management systems, and e-commerce solutions, Incapsula applies dedicated security rules to proactively remediate known vulnerabilities from these sources. PCI Certification and Reporting Incapsula s WAF is certified by the PCI Security Standards Council. It protects you from liabilities and non-compliance penalties, while protecting your customers' sensitive data from exposure on your site. Incapsula s PCI compliance report audits security rule configuration changes and periodically reports on your compliance with PCI 6.6 requirements. Rich graphical reporting capabilities enable organizations to easily understand security status and meet regulatory compliance.

Blacklisting Prevention Legitimate websites are added to the malware blacklists of security software firms, search engines, and browser vendors on a daily basis due to application vulnerabilities. In this scenario, customers and partners cannot access your website and your business is effectively shut down. The WAF enables you to close vulnerability gaps in your applications to avoid blacklisting and ensure your website is always accessible. Automated Learning of Applications and User Behavior To accurately detect attacks, a WAF must understand application structure, elements, and expected user behavior. Our Dynamic Profiling technology automates this process by profiling protected applications and building a baseline or white list of acceptable user behavior. It also automatically learns application changes over time, minimizing false positives to ensure that every legitimate user reaches your website. Custom Security Rules Custom security rules allow each enterprise to enforce its security policy in an optimal manner within the Incapsula website security service. A simple-to-use GUI lets you configure tailored security rules to meet your business particular needs. Custom security rules enhance Incapsula s best-in-class web application security capabilities by giving you the flexibility, for example, to tighten security policies around sensitive areas or to generate alerts for specific events that require investigation. Not only do these rules improve security, they also help to eliminate false-positives by taking into account specific user behavior anomalies.

Both technical and non-technical users can define custom rules using the intuitive GUI rule builder or a syntax text editor. Rule actions may include Alert, Block Request, Block IP, or Request CAPTCHA, while rule triggers are based on multiple filters such as URL, client type, and user-agent. Examples of custom rule triggers: (ClientType == Browser Referrer contains google.com) (User-Agent contains googlebot & CaptchaState == Failed ClientIP == 120.0.0.1). Bot Protection More than 95% of all website attacks are carried out by malicious bots. Using advanced client classification, crowdsourcing, and reputation-based techniques, Incapsula distinguishes between good and bad bot traffic. This lets you block known bad or suspicious bot activity such as comment spam, scraping, and vulnerability scanning, while making sure that legitimate bots such as Google, Facebook, and Pingdom can freely access your website. In addition to the improved security, blocking malicious bots also improves website performance, for they can account for up to 50% of all website traffic. Login Protect: One-Click, Two-Factor Authentication This feature lets you implement strong authentication on any website or application without integration, coding, or software changes. Single-click activation lets you instantly protect administrative access, secure remote access to corporate web applications, and restrict access to a particular web page. Login Protect manages and controls multiple logins across several websites in a centralized manner. Two-factor authentication is supported using either email, SMS, or Google Authenticator.

Traffic Monitoring and Analytics In-Depth Threat Reporting and Analysis Alerts can be easily searched, sorted, and directly linked to corresponding security rules. Incapsula's monitoring and reporting framework provides instant visibility into security, compliance, and content delivery concerns. A dashboard provides a high-level view of system status and security events. Incapsula provides customers with a detailed analysis of every threat posed to your website including: IP address, user agent, location, and other pertinent session information. Weekly graphical reports visualize trends in website traffic, threats, and performance improvements. Real-Time Statistics A real-time Statistics dashboard enables users to get instant access to live information about their website s traffic and performance. This premium feature allows rapid response to security events and supports real-time, data driven decision-making. In the case of a DDoS attack, for instance, live traffic statistics enable your security team to quickly identify abnormal activity patterns of bot and human visitors. They can also evaluate how well their servers are coping with an attack's load, and use the data to optimize load distribution across their servers. Requests/Second 7 (1%) Passed to origin server 454 (95%) Blocked 17 (4%) Served from cache Traffic Overall Traffic Per Origin Server Per Data Center Req/sec Bits/sec Response Time

Premium Service Support Managed Service Incapsula offers a managed service option, allowing enterprises to free up IT resources for other business-critical tasks. Based on a dedicated team of security experts and support engineers, our fully-managed service provides you with the highest level of security and performance around the clock. Incapsula provides organizations with continuous website health monitoring, as well as email threat alerts, proactive security event management, policy tuning and configuration management, and weekly reporting. A 24 7 NOC performs ongoing security monitoring and ensures that you are always protected against DDoS attacks, as well as other new and emerging threats. Managed service customers are assigned a personal account manager who acts as a single point of contact for all your website security and performance needs. API for Provisioning, Management, and Events Incapsula's experts understand the world of enterprise web applications and work closely with IT teams to address their specific integration and customization requirements. Incapsula s API is designed for easy integration with your backend systems, enabling streamlined customer provisioning and account management. Plug-and-Play SIEM Integration To help enrich your existing solutions and workflows, Incapsula has developed a productized connector for seamless integration with several leading SIEM platforms including HP ArcSight, Splunk, and McAfee. Residing on your network, it serves as a link between the SIEM and the Incapsula API. In addition to near real-time event reporting and strong data encryption, Incapsula s productized offering features pre-made custom dashboards and reports, permitting easy viewing of incoming data from within the SIEM according to security best practices. T: +1 (866) 250-7659 E: info@incapsula.com www.incapsula.com 3400 Bridge Parkway, Suite 200, Redwood Shores, CA 94065 2015, Imperva, Inc. All rights reserved. Imperva, the Imperva logo, SecureSphere, Incapsula and Skyfence are trademarks of Imperva, Inc. and its subsidiaries. All other brand or product names are trademarks or registered trademarks of their respective holders.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information