Imperva
Imperva
Imperva CloudWAF
Imperva CloudWAF is the industry-leading WAAP product
WAAP stands for Web Application and API Protection and refers to a next-generation web application security solution.
It mainly consists of four components: WAF, Web API protection, malicious bot countermeasures, and DDoS countermeasures.
WAAP
(Web Application and API Protection)
Web application
Mitigating attacks that target vulnerabilities
Mitigating attacks that target vulnerabilities
Various for Web API
Attack detection and mitigation
Attack detection and mitigation
Hoarding, unauthorized login, etc.
Various attacks using malicious tools
Detection and mitigation of access and attacks
Various attacks using malicious tools
Detection and mitigation of access and attacks
Add a high charge to web services
Mitigate attacks and maintain service
Mitigate attacks and maintain service
Why do we need WAAP?
Web application threats are becoming increasingly diverse.
Introducing individual countermeasure solutions for various attacks on web applications (traditional attacks, malicious bots, DDoS, Web API threats) requires operational effort and costs, and is not efficient.
WAAP can comprehensively and efficiently protect web applications from numerous threats such as those mentioned above.
Why Imperva?
WAAP provided by Imperva is based on the industry's leading next-generation WAF and has a proven track record of being used by many organizations.
[Reason for being chosen]
- Comprehensive protection of your assets on a single platform
- Reliability as a WAF vendor + selected as a leader by Gartner for 8 consecutive years
- Overwhelming implementation track record (installed in over 6,200 major companies worldwide)
[Strengths of each segment]
WAFs
- Fewer false positives (more than 90% installed in block mode)
- Protected from OwaspTop10
- Because it is a SaaS product, it automatically responds to the latest vulnerabilities.
Web API protection
- Auto-discovery of API endpoints
- Automating threat classification with machine analysis
- Blocking unauthorized communications using a positive security model
Measures against malicious bots
- Advanced malicious bot countermeasures + Selected as a leader by Forrester in the second quarter of 2022
- Investigation by our own SOC
- Flexible policy settings
DDos countermeasures
- Overwhelming capacity (processing power exceeding 10Tbps)
- Implemented as a standard feature
- Comprehensive measures from network to application possible
From WAF to WAAP+α
Functions provided by Imperva CloudWAF
| solution name | function | Functional overview |
| WAFs | Responding to attacks that target web application vulnerabilities | We provide a unique ruleset developed by Imperva and can also set custom rules. |
| DDoS protection | DDoS countermeasures | Comprehensive support from network to application layer is possible. |
| CDNs | Faster communication | Using advanced caching and optimization technology, we achieve high-speed communication optimization while reducing bandwidth costs, contributing to reducing the load on origin servers and improving site usability. |
| Advanced Bot Protection | Advanced malicious bot countermeasures that cannot be taken with WAF | By detecting communications from malicious bots, you can protect against automated attacks such as hoarding, scraping, and account takeover. |
| Account Takeover Protection | Account takeover countermeasures | Detects and defends against a variety of unauthorized login attacks, from brute force attacks to list-type attacks using difficult-to-detect IP distribution and slow rates. |
| API Security | Visualization and protection of API communication | Classify/detect APIs through machine analysis and visualize unknown APIs and API risks. Quickly establish a positive security model and detect API abuse. |
| Client-Side Protection | Countermeasures against threats that occur on the client side | Provides support functions for detecting and defending against attacks that steal information on the client side without modifying websites. |
| Attack Analytics | Automatic analysis of incidents | It aggregates and automatically analyzes all security events, selects important incidents, and also provides recommended settings to strengthen security. |
Frequently Asked Questions
- Please tell me how to deal with direct IP attacks on web servers (not via WAF).
- It is possible to take measures by setting the customer's FW side to accept communication only from the IP of CloudWAF. CloudWAF IP range
- Can I create my own rules?
- Yes. It is possible. Threshold settings such as rate limits can be set according to the customer's environment. You can also create rules based on HTTP headers.
- Can a Naked domain be monitored by CloudWAF?
- Yes. It is possible. CloudWAF can monitor Naked domains without relying on DNS specifications.
- The source IP seen from the web server is the WAF IP, but is it possible to know the client IP?
- Yes. It is possible. You can get the client IP by referring to the X-forwarded-for header or Incap-Client-IP.
- 証明書の発行サービスはありますか。
- Yes, it can be issued free of charge.
- Is a CDN an option?
- No, it is bundled with the standard functionality.
- Is PoC possible?
- はい、無償のトライアルライセンスを発行可能です。期限は2週間です。PoCをご希望の場合は弊社営業窓口にお問い合わせください。
窓口: imperva-info@macnica.co.jp
- Please tell me the period until introduction
- Since it can be used with only initial settings and DNS changes, it can be introduced in a few days at the earliest.
- Do you have a Japanese manual?
- Yes, we make them. You can use it during PoC.
- I would like to know the license/installation support costs.
- 弊社営業窓口にお問い合わせください。
窓口: imperva-info@macnica.co.jp
Inquiry/Document request
In charge of Macnica Imperva Co., Ltd.
- TEL:045-476-2010
- E-mail:imperva-info@macnica.co.jp
Weekdays: 9:00-17:00