Firstly, Imperva monitors all traffic, even customer access, to the web application. Then, Imperva uses features like signatures to identify attacks like cross-site scripting or SQL injection.

It's important to note, if you don't have dynamic profiling, you can use manual configurations. For instance, you can configure a text field on a website to limit input to only numeric characters and specific special characters. 

This helps protect against SQL injection, as these attacks often use special characters to try and break the website's security.

Imperva Web Application Firewall has improved security of my organization through enhanced visiblity as well protecting malicious IPs, applications and unknown users as well.

We were facing issues related to web servers and OWASP Top 10. We had bots rather than human traffic. We went with Imperva for a single-stack solution. We have bot protection, DDoS protection, web application firewall, and database security from Imperva.

It is one of the best solutions that I have worked with. After deploying it, bot attacks have completely stopped. When it comes to OWASP Top 10, it responds very clearly when we do testing, so we are not facing any threats. Compliance is also very good. So, overall, it is very good for security and compliance.

Imperva is known in the market for customization and deployments according to the use cases of the customers. You can deploy it the way you want. You can deploy it in the inline mode, reverse proxy mode, or transfer and bridge mode. You can deploy it according to the environment or infra of the company. In terms of integration, with one click of a button, you can integrate it with your SIEM solution. You have preconfigured SIEM codes. You just need to run that code in the SIEM application, and that is it. You will start getting the logs. It is pretty easy.

For certain web servers, I have it on-prem, and for certain web servers, I have it on the cloud. A basic use case of the customers is that they want a single dashboard for the cloud WAF or on-prem WAF. There is a solution called attack analytics in Imperva. It integrates with on-prem and the cloud, so in a single dashboard, you can see what is happening in your on-prem as well as cloud setup. It is very easy. When it comes to reporting, you can take reports anywhere anytime and you can take logs anywhere anytime. Someone who does not know about cybersecurity can understand the logs. Logs are in English instead of the raw format. Anybody who knows English can understand them. Reporting is very easy. These reports can also be used for audit and compliance.

We use SIEM solutions. We use Splunk, and we use Elastic. We use Datadog and Securonix. I integrated Imperva with Elastic and Splunk. We have a pre-written code. We just have to download that code and run the code in the SIEM solution server. After that, the logs start showing. It is that easy. Integration is that easy. I have also done integration with multifactor authentication, security key, HSM, etc. I have worked with RSA and YubiKey. Both of them were very easy. The integration happened with the click of a button. The integration is seamless and is working perfectly. Our clients are happy. We are happy.

Imperva Web Application Firewall is a very good solution and very feasible for any corporation. We can almost accommodate everything with this solution. We were able to accommodate almost all our use cases with this. This is one of the best solutions I have found so far.

We have a co-location that we do with our QA and Dev and our pre-production environment. We do everything there. We built it for the production environment so we deploy everything in the cloud. We have the web application firewall in the cloud, after the proxy.

Since the product is categorized in Gartner as a Web Application and API Protection tool, it protects APIs and web applications. It provides bot and client-side protection. I have done POCs. Once the platform is configured to block DDoS attacks, no traffic regarding DDoS or bots gets into the application.

This solution has helped in securing our clients' assets, which is key. It mitigates all of the availabilities of risks around web applications.

It does bring value. For example, consider a BFSI customer. Their application is critical and represents their brand. Without a WAF, an attack could take their application down, harming their reputation. It leads to hampering the customer's workflow. 

With an Imperva WAF, they protect against attacks like DDoS or SQL injection, ensuring their application remains available and customers are happy. That's the main benefit for both the customer and the organization.

The impact depends on the customer's use case. If their business primarily operates online, a CDN is beneficial for traffic optimization.

Moreover, the integration options depend on the specific use case of our customers. Generally, integration capabilities are good with SIEM (Security Information and Event Management) parts. 

The solution reduces the risk of attacks and that benefits our clients. 

With acquisition of a license to use the product, we received the ability to standardize database scanning and data protection across the enterprise around one product.

Using WAF in an organization means we can quickly see the attacks that the environment is suffering and take action to mitigate the threat(s). It is possible to view traffic and analyze it to determine if it is legitimate traffic or not, using features such as threat radar and geolocation, helping the security team in the company.

Protects and secures all our web sites.

It has helped a lot with working among, and creating a link between, different teams in my organization, of course I’m referring to security, networking and system application teams. It’s important to find the right collaboration in order to secure the applications from the beginning of the deployment process.

• Security compliance and temporary remediation of application vulnerabilities