The classic 1982 Steven Spielberg horror film “Poltergeist” chronicles disturbing, unexplained paranormal activity happening in a suburban family’s idyllic home. As the activity becomes more sinister and terrifying, the family learns that their neighborhood was built on an old burial ground. It turns out that the real estate developer moved the burial markers, but not […]
The post Why a “Lift-and-shift” Cloud Migration Strategy Doesn’t Support Data Security appeared first on Blog.
There is a paradox that lies at the heart of data security. Data itself only has real value if an organization can share it with stakeholders that need it to perform their roles. However, the more widely an organization shares data the greater the risks of the data being compromised. Data security professionals wrestle every […]
The post Determining “Need to share vs. Need to know” is a Cornerstone of a Data Protection Strategy appeared first on Blog.
For the ninth year, Imperva is proud to sponsor CyberEdge Group’s annual Cyberthreat Defense Report. In this report, CyberEdge Group delivers a detailed accounting of how IT security professionals perceive cyberthreats today and reveals actionable insights into how they plan to defend their enterprises against them. To develop these findings, CyberEdge Group surveyed 1,200 IT […]
The post Four Key Findings from the 2022 Cyberthreat Defense Report appeared first on Blog.
In the report, Insider Threats Drive Data Protection Improvements, Forrester Research asserts that most organizations are making positive steps toward protecting the sensitive data they are migrating to the cloud. However, Forrester suggests that many have not devised a comprehensive plan that addresses a primary obstacle to data security, internal cybersecurity threats. In this post, […]
The post 7 Facts About Insider Threats That Should Make you Rethink Data Security appeared first on Blog.
Today, the necessities of business innovation compel most organizations to have several teams with diverse priorities managing dozens of data sources, all with different structures. This makes it impossible to secure complete data repositories successfully using traditional methods. This post will explain how and why you need to give up siloed data security management and […]
The post Three Reasons Why Unification Drives Modern Data Security Strategy appeared first on Blog.
The outmoding of traditional network security Traditional network security was based on the concept of a guarded network perimeter, which is difficult to access from the outside but implicitly trusts everyone on the inside. The problem with this approach is that once an attacker has access to the network, they are free to move laterally […]
The post Five Steps to Prepare Data for a Zero-Trust Security Model appeared first on Blog.
Imperva has just released the DDoS Threat Landscape Report Q1 2022. Download it now to familiarize yourself with new threats and get detailed information about current DDoS attack patterns and their potential impact on your business. So far, 2022 has b…
In April 2022 it was reported that pro-Russian hacktivist group, KILLNET, carried out a series of Distributed Denial of Service (DDoS) attacks against a number of websites including the United Nations (UN), The Organization for Security and Cooperation (OSCE) an organization founded in Finland, and other European sites in Czechia, Estonia, Latvia, Lithuania, German, Poland, […]
The post Hacktivists Expanding DDoS Attacks as Part of International Cyber Warfare Strategy appeared first on Blog.
Today at least 90% of developers are using APIs in cloud-native web application development. According to new data collected by Forrester Research and presented in their report, Improve API Performance with a Sound API Security Strategy, 62 percent of IT decision makers believe the value they gain from APIs is worth the adoption process so […]
The post 3 Recommendations to Ensure Your API Security Solution can Drive Data Visibility and Quality appeared first on Blog.
They say the devil is in the details. This is especially true for security professionals that use Splunk as their organization’s primary security analytics engine. Splunk analytics gives security teams a real-time view of machine data from networks, data centers, or IT environments. Organizations also use Splunk to retain log records for data repositories, which […]
The post How Imperva Data Security Fabric Reduces Splunk Ingestion Costs and Accelerates Incident Management appeared first on Blog.
It shouldn’t be news to anyone that people sharing information online are concerned about the safety of their data. Imperva recently conducted a study with YouGov plc regarding consumers’ attitudes towards data, whether they feel in control of their pe…
Nobody ever says, “We don’t need better security for the data we manage.” There is, however, a balancing act that security professionals perform every day to get the most security value from their solutions at the lowest possible cost. As they move more workloads into cloud-native environments and more databases are introduced to an organization’s […]
The post The Business Case for Modernizing On-Premises and Cloud-Based Database Security appeared first on Blog.
An Application Programming Interface (API) is a software intermediary that allows applications to communicate with one another. APIs provide routines, protocols, and tools for developers to facilitate and accelerate the creation of software applications. They enable applications to easily access and share data. APIs connect Web-based applications and other services or platforms, such as social […]
The post Forrester Report Reveals the 5 Benefits IT Teams Really Need from API Security Tools appeared first on Blog.
For organizations that use it, Imperva’s DAM Gateway is the workhorse of data auditing and security. Today, the explosion of data and data repositories that organizations need to manage – both on-premises and in cloud environments – requires a more flexible, higher-capacity technology platform to execute data auditing and security. The costs of doing things […]
The post Building on Your Existing DAM Instance is Smart Budget Planning appeared first on Blog.
Today, there are still API security threats that most WAFs and Advanced Bot Protection solutions cannot manage. In this post, we’ll explain these new types of threats and make some recommendations for features you need within solutions to protect your …
Given the dramatic increases in the volume and frequency of data theft due to breaches and the increased threat of cyberattacks resulting from current conflicts, organizations worldwide are prioritizing tactical and strategic efforts to shore up their …
A short primer on internet bots An Internet bot (bot, for short) is a software application that runs automated tasks over the internet. Bots typically run simple tasks which they can perform at a dramatically greater rate than any human. Beneficial or anodyne bots are characterized as legitimate, or good. Common legitimate bots include Googlebot, […]
The post 4 Bad Bots Likely to Cause Problems for the Remainder of 2022 appeared first on Blog.
A recent IDC survey reported that 38 percent of organizations identified cybersecurity threats and regulations as the factor having the greatest impact on their technology investment planning over the next two years. The survey also revealed that for organizations taking a digital-first business approach, unifying security was cited most frequently as their principal motivation. This […]
The post APIs Are Here to Stay, so Get in Front of Securing Them appeared first on Blog.
Identifying and taking action to stop policy-violating behavior is hard enough when you have complete insight into the risks affecting your data repositories. It is virtually impossible to achieve security, however, when you cannot even see these risks to your data repositories. Unfortunately, too many organizations are not doing enough to address two of the […]
The post Gain Insight into Database Security Vulnerabilities you Didn’t Know you Had appeared first on Blog.
In your effort to collect data access information from your data repositories in order to apply security controls, you don’t have to make the black and white choice to go with agents or an agentless approach. It is important, however, that the tool you choose is right for the job you are doing. In this […]
The post Agents and Agentless: Better Together appeared first on Blog.
To build and deploy apps in a fast-paced, iterative process, cloud-native developers in organizations on the digital transformation journey rely on APIs for communication. With at least 90% of developers using APIs in cloud-native web application development, organizations are reviewing their API security strategies to ensure that security moves in lockstep with innovation. Organizations need […]
The post API Gateway or not, You Need API Security appeared first on Blog.
For a sentient species, humans, in general, have curious ideas when it comes to reckoning and responding to risk. For example, studies show using seat belts when driving in automobiles save lives. Studies also show when cyclists use helmets more cyclists’ lives are saved. This research drives prolific seat belt and helmet use among auto […]
The post 5 Ways to Determine if you do Cybersecurity or Cybersecurity Theater appeared first on Blog.
Fifty-eight percent of sensitive data security incidents are caused by insider threats, according to a recent study by Forrester Research. Insider threats originate from inappropriate use of legitimate authorized user accounts. These accounts – assigned to internal employees and business associates – are either misused by the rightful owner or leveraged by an external threat […]
The post How Insider Threats Drive Better Data Protection Strategies appeared first on Blog.
Insights into the cybersecurity skills gap In a poll taken at a recent Imperva webinar, What’s New in ‘22? Cybersecurity Trends and Predictions, participants said it’s easier to turn security practitioners into cloud professionals by a margin of 65-35….
Historically, account takeover (ATO) has been recognized as an attack in which cybercriminals take ownership of online accounts using stolen passwords and usernames. Cybercriminals purchase a list of account credentials from the dark web that are usual…
As a consumer, you must assume that your personal information is not 100% safe online. Hackers cause data breaches every single day, exposing our email addresses, passwords, credit card numbers, social security numbers and other sensitive personal data in the process. Most people don’t think about how serious this is until they are affected personally […]
The post Five Data Privacy Tips for Consumers appeared first on Blog.
All organizations understand how critical it is to have access to their customers’ and prospects’ sensitive personal data. This intelligence is essential to helping them create and maintain relationships so they can deliver tailored experiences and recommendations. Having this sensitive personal data also facilitates the streamlined execution of basic business transactions. The digitalization of business […]
The post The Data-Centric Approach to Data Privacy appeared first on Blog.
As a cybersecurity industry leader, Imperva is working with the National Cybersecurity Alliance (NCA) as a 2022 Data Privacy Week Champion to promote the need for businesses to prioritize data privacy and protection and the importance of individuals and companies to secure their online data. As part of Data Privacy Week, Imperva is committed to […]
The post Imperva Champions Data Privacy Week 2022 appeared first on Blog.
When Henry Ford, the de-facto inventor of mass production, was asked during a production meeting in 1909 in which colors his Model T automobile would be available to consumers, Ford – a notorious stickler for keeping costs to the bare minimum – offered almost no optional extras and that included the range of colors. He […]
The post 3 Data Source Coverage Capabilities You Need from Your Database Security Solution appeared first on Blog.
The farther your organization travels down the digital transformation path, the more critical API protection is to your overall security posture. Every day, your development teams are innovating; they rely more on microservices to save time and money a…
One of the core principles of cybersecurity is not letting things “slip through the cracks”. An effective security posture depends on visibility. The more visibility you have into the environments where your data is, the more successful you will be in applying your organization’s security protocols and identifying suspicious behavior. Here are five cybersecurity issues […]
The post 2021 in Review, Part 4: 5 Cybersecurity Topics to Watch in 2022 appeared first on Blog.
Today, everyone is talking about CVE-2021-44228, and with good reason. But before that, here were five of the issues that dominated virtual “water cooler talk” in 2021: 5. Data security in the cloud Champion heavyweight boxer Mike Tyson said, “Everyone has a plan until they get punched in the face.” For many security practitioners, their […]
The post 2021 in Review, Part 3: 5 Things Security Professionals Were Discussing this Year appeared first on Blog.
Ransomware may have dominated headlines in 2021, but it’s only one of many threats security teams must protect against. We’re taking a look back at 5 top cybersecurity stories of 2021 that practitioners wanted to learn more about. 5. The State of Security in eCommerce Why you should learn more about this The global pandemic […]
The post 2021 in Review, Part 2: 5 Top Cybersecurity Stories appeared first on Blog.
It’s been another chaotic year in cybersecurity, as protecting web applications and stopping sensitive data breaches remain top-of-mind issues and continue to generate headline news. As 2021 comes to a close, cybersecurity and all the industries it serves is dealing with an unprecedented zero-day vulnerability in the form of CVE-2021-44228 – just 12 months after […]
The post 2021 in Review, Part 1: 5 Cybersecurity Topics that Made News appeared first on Blog.
What do humans and bots have in common? A love for visiting online shopping sites: more than half (57%) of all attacks on retail websites in 2021 were carried out by bots, compared to 33% for all other industries. It gets worse: a third of all log-in attempts on retail eCommerce websites are account takeover […]
The post New research reveals that one third of all log-in attempts on eCommerce sites are malicious appeared first on Blog.
The worldwide data privacy regulation landscape is changing National laws and state/provincial laws continue to be enacted and strengthened to ensure their citizens’ data is protected and give individuals more control over how personal data is collected, used, and shared. No matter what industry you are in, if you retain personal data, you must comply […]
The post 7 data privacy solution features your organization needs to have appeared first on Blog.
The way organizations build web applications has changed dramatically over the last several years. As a result, many organizations are considering additional security strategies to augment the Web Application Firewall (WAF) on which they have relied to protect critical digital business operations from vulnerabilities. New technology has created a development environment where the web application […]
The post Protecting today’s web applications requires more than a firewall appeared first on Blog.
Whether you obsess about cybersecurity every day or you are completely new to the process, there are certain things that you should consider to make your company’s cybersecurity strategy successful. In this post, we’ll reveal five elements you should include in your strategy, regardless of whether you are the sole proprietor of a brand new […]
The post 5 elements to include in a cybersecurity strategy for any size business appeared first on Blog.
Like many high-tech businesses, the cybersecurity industry is facing a widening skills gap. One of the main reasons why many companies do not have effective data security practices is the lack of actual skilled cybersecurity practitioners. In a November 2019 report, the International Information System Security Certification Consortium suggested that in the US market alone, […]
The post Six paths to a job in cybersecurity appeared first on Blog.
For a considerable time, many organizations have used three to five on-premise databases to manage their workloads, and many teams have tried to funnel every application into using those databases. Today, as the pressure to innovate while keeping costs low intensifies, organizations have started moving many workloads to the cloud. According to Gartner, by 2022 […]
The post Four Essential Features for a Database Security Strategy to Take on a Growing Threat Landscape appeared first on Blog.