We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,108 News Articles

Crowd-sourced attack data now key to web application defence, says Imperva

Announces ThreatRadar Community

Imperva used this week's Infosecurity Show in London to announce what it believes is a key innovation for its line of web application firewalls - crowd-sourced threat data.

Called ThreatRadar Community Defense and incorporated into the firm's latest SecureSphere 10.0 release, the system analyses attack patterns detected hitting the networks of participating customers, which are then fed into its reputation protection and policies in what is said to be close to real time.

According to the company's analysis of 60 web applications, this type of pattern analysis across offers better defence against the types of large-scale attacks experienced by its customer base.

"Together, Imperva ThreatRadar Reputation Services and Community Defense pull crowd-sourced data from around the world to provide heightened insight into the identity of these attackers," said Imperva's co-founder and CTO, Amichai Shulman.

A key to making the concept work is persuading as many customers as possible to adopt the model as possible, which Schulman believed was possible because of the realisation that such a buy-in offered extra protection. To work well, scale was important.

An important giveaway was attacks that targeted multiple networks, said Shulman, describing them as "noisy" sources. Aggregated attack data made it possible to identify these far more quickly.

Shulman used the example of an SQL injection attack source might be aimed at numerous organisations, each one of which would not be able to 'see' the significance of the source from an isolated perspective.

With ThreatRadar, the significance of such a campaign would be immediately apparent, allowing defensive measures to be distributed to the community.

Payloads were particularly important part of attack patterns where a single entity might distribute an application campaign across multiple sources in which specific pieces of malware were the best identifier.

Imperva was the first vendor to offer web application firewalling using such intelligence, Shulman claimed.


IDG UK Sites

Windows 9 release date, price, features: Microsoft teases new OS ahead of 30 September unveiling

IDG UK Sites

From the iPhone 6 to the iWatch and a new Apple TV we look at the products Apple is set to launch...

IDG UK Sites

September 2014 creative trends: 5 things you must see

IDG UK Sites

What to expect from Apple in autumn/winter 2014: iPhone 6, iPhone Air, iWatch, iPad 6, new Apple...