Zero to Account Takeover: How I ‘Impersonated’ Someone Else Using Auth0

There’s a fine line between an unintended use and a bug; this was my conclusion after taking a look at Auth0, an identity-as-a-service offering...

New research shows 75% of ‘open’ Redis servers infected

Since our initial report on the RedisWannaMine attack that propagates through open Redis and Windows servers, we’ve been hearing about more and more attacks...

Five Ways Imperva Attack Analytics Helps You Cut Through the Event Noise

The maddening volume of events security teams have to deal with each day is growing at an exponential pace, making it increasingly difficult to effectively...

See If You’re GDPR-Ready With Our Last-Minute Checklist

Time’s just about run out to get all your ducks in a row for the EU’s General Data Protection Regulation (GDPR) going into effect...

Facebook, GDPR and the Right to Privacy: Three’s a Crowd?

Back in 2016 the European Union voted to pass the mother of all security laws, aimed at further extending the rights of its citizens...

72 Hours: Understanding the GDPR Data Breach Reporting Timeline

We’re down to the wire with respect to the General Data Protection Regulation (GDPR) compliance deadline of May 25, 2018. Organizations that fail to comply...

Imperva Python SDK – We’re All Consenting SecOps Here

Managing your WAF can be a complicated task. Custom policies, signatures, application profiles, gateway plugins… there’s a good reason ours is considered the best...

Want to See What A Live DDoS Attack Looks Like?

We’re fortunate enough to have had Andy Shoemaker, founder of NimbusDDoS, and our own Ofer Gayer chat about DDoS attacks and shed some light on...

Configuring Imperva SecureSphere for GDPR Compliance: Part One

Time is running out. 23 days until GDPR enforcement The GDPR effective date is less than a month away and, given the significant risk and...

The Catch 22 of Base64: Attacker Dilemma from a Defender Point of View

Web application threats come in different shapes and sizes. These threats mostly stem from web application vulnerabilities, published daily by the vendors themselves or...

Latest article

Test Cache

Testing cache response - Read more

Secure Amazon container workloads using container attribute-based rules in AWS Network Firewall

Today, you can use AWS Network Firewall to protect traffic flowing to and from containerized applications on Amazon Elastic Kubernetes Service (Amazon EKS) and...

Aflac Data Breach: Over 4M Customers in Japan May Be at Risk

Aflac says a data breach in Japan may affect 4.38 million customers and agents, exposing personal, policy, and some banking information. The post Aflac Data...

Indian Govt Halts Meta’s WhatsApp Usernames Rollout Over Fraud Concerns

The Indian government has issued a formal notice to WhatsApp LLC (Meta), directing the platform to justify why regulatory action should not be taken...