Imperva incapsula

Incapsula's cloud-based Web Application Firewall (WAF) safeguards your websites and applications from any web attack, so you can avoid costly data breaches and downtime. Based on Imperva's industry-leading technology, our PCI-certified service protects against SQL injection, XSS and other OWASP top 10 threats. Custom security rules let you efficiently enforce security policies and eliminate false positives.

Features

Protection against OWASP Top 10 Threats

Incapsula's Web Application Firewall protects against the most critical web application security risks, such as SQL injection, cross-site scripting, illegal resource access, remote file inclusion and other OWASP Top 10 threats. Security experts behind Incapsula's service ensure optimum protection against newly discovered vulnerabilities to prevent disruption to your application and improve website performance.

PCI Certification & Reporting

Incapsula's Web Application Firewall is certified by the PCI Security Standards Council. It delivers cost-effective compliance with PCI DSS requirement 6.6 without any hardware or software installation and without changes to your web application.

Incapsula protects you from liabilities and non-compliance penalties, while protecting your customers' sensitive data from exposure on your site. The PCI compliance report audits security rules configuration changes and periodically reports on your compliance with PCI 6.6 requirements.

Crowdsourcing

Using crowdsourcing techniques, Incapsula's Web Application Firewall protects your websites and applications with collective knowledge about the current threat landscape. Threat information is aggregated across the entire Incapsula community using big data analytics. This data is used to identify new attacks as they happen and simultaneously apply mitigation rules to all websites protected by Incapsula.

Exception Handling and False Positive Tuning

The security policy can be fine-tuned to address specific URLs, fields, IP addresses and countries. Powerful access control capabilities enable you to define exceptions and minimize false-positives.