Imperva Inc. : Imperva Report Demonstrates Importance of Crowd-Sourced Threat Intelligence

Imperva Inc. : Imperva Report Demonstrates Importance of Crowd-Sourced Threat
                                 Intelligence

Media Contact:
Michelle Dailey
LEWIS PR for Imperva
(415) 432-2458
imperva@lewispr.com

 Imperva Report Demonstrates Importance of Crowd-Sourced Threat Intelligence

New Hacker Intelligence Initiative report shows businesses can reduce risk by
       identifying and blocking attackers targeting multiple sources. 

Redwood Shores, Calif., April 23, 2013 -Imperva, Inc. (NYSE: IMPV), a pioneer
and leader of a new category of business security solutions for critical
applications and high-value business data in the data center, today released
its April Hacker Intelligence Initiative report, "Get What You Give: The Value
of Shared Threat Intelligence," which analyzed real-world attack traffic
against 60 web applications between January and March 2013 to identify common
attack patterns. According to the report, businesses can reduce the risk of
successful attacks against their organizations by identifying and blocking
attack sources, payloads and tools that are found to target multiple websites
or organizations. These attack sources made up a disproportionate amount of
the overall traffic against enterprise organizations in the report, and can be
identified only by analyzing crowd-sourced attack data from a broader
community.

"Our report shows that businesses can greatly reduce the number of successful
attacks against their organizations by identifying and blocking attack sources
that are known to target multiple sites or applications. We've found that
these attack sources are responsible for a disproportionate amount - up to six
times - of the attack traffic affecting businesses. The only way to identify
these types of attack sources, though, is by sharing attack data among the
community," said Amichai Shulman, CTO, Imperva. "This report highlights the
need for early identification of these types of attack sources and payloads
across a community of web applications, so that organizations can leverage
shared intelligence to better protect themselves and reduce risk."

As part of the report, Imperva researchers analyzed the behavior of the most
common web application attacks (SQL injection, remote and local file
inclusion, and comment spam attacks) over time and across targets,
cross-referencing the three most prevalent attack characteristics (attack
source, payload, and tool), against known attack signatures.

Highlights from this report include:

  *Multiple targets are responsible for a disproportionate amount of attack
    traffic. SQL attackers targeting multiple sources generated nearly six
    times their share of the population in the report and accounted for 17% of
    all attacks, while spam attackers generated four times their share of the
    population in the report and multiple target RFI attackers generated
    nearly two times their share of the population, amounting to 56% and 73%
    of total attacks respectively.

  *Crowd-sourcing increases community protection against large-scale attacks.
    Multiple attacking sources and payloads gradually cover more and more
    targets, thus affecting larger parts of the community. Identifying a
    "noisy" attack source - an attacker, payload or tool that repeatedly
    attacks - is important. Security cooperation between organizations that
    suffer from Web attacks can create a "network effect" in which all members
    of the cooperating community can benefit by exchanging security and threat
    information.

"Sharing security information is desirable from an industry perspective in
order to enhance collective intelligence via collaboration on defense
matters," said Dan Blum, vice president and distinguished analyst at Gartner
in a July 2012 reported titled Decision Point for Anti-malware.

To download the full Imperva report, please click here.

Get up-to-date security insights on the Imperva Data Security blog.

About Imperva
Imperva is a pioneer and leader of a new category of business security
solutions for critical applications and high-value data in the data center.
Imperva's award-winning solutions protect against data theft, insider abuse,
and fraud while streamlining regulatory compliance by monitoring and
controlling data usage and business transactions across the data center, from
storage in a database or on a file server to consumption through applications.
With over 2,200 end-user customers in more than 60 countries and thousands of
organizations protected through cloud-based deployments, securing your
business with Imperva puts you in the company of the world's leading
organizations. For more information, visit www.imperva.com, follow us on
Twitter or visit our blog.

                                     ###

© 2013 Imperva, Inc. All rights reserved. Imperva and the Imperva logo are
trademarks of Imperva, Inc.

------------------------------------------------------------------------------

This announcement is distributed by Thomson Reuters on behalf of Thomson
Reuters clients.

The owner of this announcement warrants that:
(i) the releases contained herein are protected by copyright and other
applicable laws; and
(ii) they are solely responsible for the content, accuracy and originality of
the
information contained therein.

Source: Imperva Inc. via Thomson Reuters ONE
HUG#1695154
 
Press spacebar to pause and continue. Press esc to stop.