Let’s be blunt: cybersecurity is a never-ending arms race between bad actors and IT and security teams. Lately, attackers have surged. Armed with powerful, inexpensive hacking tools and deep knowledge gleaned from successful breaches, attackers are organizing sprawling botnets, probing soft targets such as website logins, and hammering web applications with DDoS attacks of unprecedented ferocity.
The attackers haven’t just grown stronger, the attack surface is growing apace. Most companies are currently engaged in digital transformation: automating their business processes, moving workloads to the cloud, and deploying technology such as microservices and open APIs in order to boost productivity and innovation and better serve customers and partners. The downside? As you invest in new technologies and move workloads to the cloud, the threat surfaces are also evolving and expanding.
No wonder eight out of 10 CSOs and CISOs surveyed in the 2019 CyberThreat Defense Report admitted their company suffered a breach last year, with a shocking one-third admitting they had been breached more than 6 times. And seven out of eight security leaders think their company will be breached this year.
What to do? Companies can try to plug their security gaps by locking down their workers and reversing their modernization moves. Even if that strategy were feasible, it would result in massive shocks to their productivity and revenue-generating businesses that would likely outweigh the huge financial damage from an actual breach.
Imperva has been undergoing a transformation of their own, in order to keep ahead of the bad guys and defend a business’s growth while protecting their innovation efforts.
This article will share, some of the latest expansions and enhancements Imperva has made to its defense-in-depth application security portfolio. Built on top of Imperva’s single integrated stack architecture and deployed across a global network, these new services further expand protection against a wide range of cybersecurity threats that target not just websites but also business-critical APIs, legacy systems and applications based on open source. They include:
Comprehensive bot protection. Imperva’s new Account Takeover Protection detects and stops hackers from using stolen credentials to hijack web user accounts. Leveraging artificial intelligence, Account Takeover Protection detects and blocks botnet traffic while allowing legitimate users through to your websites. The anticipated acquisition of Distil Networks, a Leader in Forrester Research’s New Wave: Bot Management Q3 2018, will further boost Imperva’s bot management capabilities.
Built-in application protection for websites and APIs. Open APIs enable digital businesses to innovate quickly with partners and customers, but they are also vulnerable to attack. The new Imperva API Security solution automatically builds and enforces a positive security model for all of your published APIs, while integrating with API Gateways from Microsoft Azure, Amazon AWS and Red Hat.
Fastest Broad DDoS Protection — guaranteed. Imperva already protects against the biggest and most ferocious DDoS attacks ever reported, including one in May that hit a peak rate of 652 million packets per second (Mpps) and another that hit 713 Gbps. And promises to mitigate any attack in three seconds or less, according to Imperva’s Service Level Agreement (SLA) with its customers. That’s the fastest mitigation guarantee that covers all attacks of any size or duration — no exceptions.
DDoS Protection all the way to the edge. Imperva has also introduced a new anti-DDoS service that protects individual IP addresses. The significance is that customers with workloads hosted in the cloud can enjoy the same level of DDoS protection available for on-premises websites, networks, and domain name servers (DNS) that we have long protected.
For some vendors, defense-in-depth is an empty buzzword. For Imperva, providing defense-in-depth security is a way of life, and their promise to you. With these updates to Imperva’s analyst-recognized, award-winning application security portfolio, they’re providing guaranteed DDoS attack mitigation in three seconds or less, and greatly bolstering their ability to protect against bot-based attacks, especially account takeovers. Imperva is also extending protection from the network and applications to edge IPs and APIs, so you can continue your digital transformation and cloud migration without fear. And with the FlexProtect subscription model, you can quickly add these capabilities on-demand without the fear of price shock. As your business innovates and evolves to meet the future, Imperva is in lockstep with you as your security partner and Defender-in-Chief.
To learn more, speak with a Lifeboat Sales Representative today!
This post originally appeared on the Imperva Blog.