Imperva WAM automates the discovery of application vulnerabilities in production systems
05 August 2008
Imperva has announced that its SecureSphere Web Application Firewall now supports comprehensive Web Activity Monitoring (WAM) to automate the discovery and accelerate the remediation of application vulnerabilities in production systems. In addition to blocking attacks, SecureSphere now records malicious inputs and application responses to provide development teams with the information they need to pinpoint and fix coding flaws
These enhancements expand SecureSphere's role as an application protection and security lifecycle management platform, which includes the ability to bi-directionally share data with leading vulnerability scanning tools.
"Because they monitor web traffic and detect attacks, Web Application Firewalls should help developers find and fix flaws in production code. But in reality, the process is too tedious and costly," said Andrew Jaquith, program manager in Yankee Group's Enabling Technologies Enterprise group. "In contrast, Imperva's Web Activity Monitoring solution feeds alerts and reports to both security and development teams, closing the loop between security operations and application developers."
WAM adds another dimension to SecureSphere's application security lifecycle management capabilities, which enable IT departments to connect the dots between web application firewall protection, code reviews, and vulnerability scanning. SecureSphere serves as a hub for the exchange and correlation of web application security information and provides a means to identify vulnerabilities in production applications in real-time. SecureSphere WAM provides:
• Alerts on unrecognized attack behaviors to pinpoint potential new exploits
• Anomalous application activity alerts, to uncover potential logical flaws in the code
• Real-time alerts that capture full response pages on suspicious activity
• Sensitive data usage reports that document which parts of an application process confidential data such as credit card data, social security numbers or other personally identifiable information (PII)
• Application profile reports that show characteristics of the application in use, including pre-defined views of broken links, broken inbound referrers, page response time by URLs, as well as custom analysis capability
• Profile change alerts and reports that identify and track application changes to support closed-loop QA and change control processes
"Historically, Web Application Firewalls have focused on reducing threats to online applications, while code review and vulnerability scanning technologies have focused on discovering vulnerabilities," said Amichai Shulman, CTO of Imperva. "With Web Activity Monitoring, SecureSphere closes this gap by blocking malicious inputs and capturing detailed information on how applications respond to live queries, which allows developers to fix code level security holes."
SecureSphere Web Application Firewall with Web Activity Monitoring is available immediately from Imperva and its business partners worldwide.
Latest bank and financial services security articles
Secon 2013 to showcase latest technology in Video Surveillance, Access Control, Biometric Recognition, Alarm Monitoring
Shield Guarding sets sights on major growth
VDT Direct Launches New Rapid Deployment Video Alarm Solution
New Biometric Terminals For Employee Self Service And Workforce Management From Accu-Time Systems
As Cloud Adoption Increases, Enterprises Are Increasingly At Risk
Allstream joins Arbor Network’s Cloud Signalling Coalition to stop DDoS attacks
Intersec Dubai 2013 – Avon Barrier Company to show its latest range of anti-terrorist vehicle blocking products for the Middle East
Why dividing your data after a merger or acquisition won’t need the Sword of Solomon, By David Gibson, VP of Strategy, Varonis
Evading Malware Researchers: Shylock’s New Trick
Enhanced safety mirrors launched by Securikey
Other bank and financial services security resources
Other security websites:
Bank and financial security -
Corporate security -
School and education security -
Sport event and live venue security -
Healthcare and hospital security -
Hotel restaurant and casino security -
Industrial and manufacturing security -
Infrastructure and Utilities security -
Home and personal security -
Public sector security -
Retail security -
Small Business security -
Bank and Finance security links
Security California Bancorp Reports 20% Increase in Net Income for Second Quarter of 2014 Security California Bancorp , the parent company of Security Bank of California, reported net income of $858,000, or 15 cents per share, for the second quarter of 2014
Security Program Tested At Citizens Bank Park Phillies fans are seeing something a little different as they head into Monday night'sgame.fans will be screened before entry into every Major League Baseball ballpark., including Citizens Bank Park.The program features threebrand new detectors that have been installed at the Right Field gates.The Phillies Director of Security says it’s part of an overall effort by the league to increase ...
Israeli shoots Palestinian dead in W. Bank: security source An Israeli shot dead a Palestinian who had been throwing stones at his car north of Jerusalem in the West Bank, a Palestinian security source told AFP late Monday. The security source named the fatality as Mahmud Shawamreh, 21. He said the incident took place between Ar-Ram and the Hizma checkpoint, and the body was taken to Israel. Asked for comment, a spokeswoman for the Israeli army said ...
Bank of Japan Majority Won’t Be Swayed by Kuroda Ideology More than a year after securing support at the Bank of Japan for unprecedented monetary stimulus, Governor Haruhiko Kuroda has yet to persuade most board members that they have the power to achieve their inflation target. A majority of the nine members disagree with Kuroda's view that flooding the economy with cash is sufficient to get stable 2 percent gains in consumer prices, according to ...
HDFC Bank Q1 net up 21 percent, lags estimates HDFC Bank Ltd(HDBK.NS), India's second-biggest private sector lender by assets, reported its slowest quarterly earnings growth in more than a decade on higher-than-expected provisions. Analysts had on average forecast a net profit of 23.21 billion rupees, according to Thomson Reuters data. Weaker economic expansion has squeezed credit growth for Indian lenders, slowing their earnings growth in ...
Bank of Santa Clarita Announces Continued Improvement in Earnings and Promotions of Executives Bank of Santa Clarita today announced its results of operations for the second quarter and first half of 2014. For the second quarter of 2014 the Bank reported net earnings of $308,000, which exceeded the amount reported in the second quarter of 2013, and also represents the second-greatest quarterly earnings ever recorded by the Bank.
Police Investigating Danske Bank Rule Out Systemic Misconduct Police investigating Danske Bank A/S (DANSKE) on allegations of bond price manipulation said the evidence so far pointed to isolated cases of individual misconduct rather than a broader series of breaches across the bank.