Imperva ThreatRadar Community Defense
Keep Your Website Safe and Available with Crowd-Sourced Threat Intelligence
Overview:
Your organization faces a never-ending battle against hackers. Without the latest defenses, hackers can infiltrate your website and steal sensitive data, causing brand damage and lost revenue. ThreatRadar Community Defense safeguards your website by gathering attack data from SecureSphere deployments around the world and translating that data into security policies.
With crowd-sourced threat intelligence provided by Community Defense, you can neutralize hackers targeting web applications to prevent multi-million data breaches and costly website downtime.
ThreatRadar Community Defense, an industry-leading innovation for ThreatRadar Reputation Services, delivers crowd sourced threat intelligence to SecureSphere Web Application Firewalls. Community Defense gathers attack data from SecureSphere WAF deployments around the world and translates this data into attack patterns, policies, and reputation feeds. Crowd-sourced security content is distributed in near-real time to fortify the entire community against emerging threats. ThreatRadar Community Defense demonstrates the positive network effect of sharing attack data, a new threat reported from one company could protect hundreds of web applications that are being protected by SecureSphere.
While ThreatRadar Reputation Services relies on security information from leading external security providers, Community Defense draws on live attacks detected by SecureSphere Web Application Firewalls. Together, they provide the most comprehensive protection on the market.
Key Capabilities :
- Strengthen ThreatRadar reputation services with community insight
- Prevent Never-Before-Seen attacks with Patent-Pending Defenses
- Deflect attacks from malicious scanners and SQL injection attack sources
- Securely share data to bolster your application defenses
Features:
Strengthen ThreatRadar reputation services with community insight
Community Defense protects your website from damaging attacks by harnessing the collective insight of SecureSphere deployments around the world. It builds on the early warning provided by ThreatRadar Reputation Services with threat intelligence from Web Application Firewalls on the frontlines of attack. This arms your organization with defenses against attackers specifically targeting Web applications, so they can be blocked before they can do damage.
Prevent Never-Before-Seen attacks with Patent-Pending Defenses
With Community Defense, you can prevent total web server takeover, defacement, and data theft by stopping zero-day attacks. This service uses patent-pending technology to gather suspicious Web requests, validate that those requests are attacks, and then transform identified attacks into signatures. With Community Defense, you can block dangerous threats like zero-day Remote File Inclusion (RFI) attacks without blocking your customers and partners.
Deflect attacks from malicious scanners and SQL injection attack sources
With Community Defense, you will be able to drastically lower the risk of a data breach by blocking users that repeatedly scan and attack websites. Hackers don’t just target one site, they probe and attack many sites. In fact, 48% of SQL injection attacks originate from users that attacked multiple sites or performed multiple attacks. Community Defense identifies the sources that have scanned or attacked two or more websites, keeping your applications secure.
Securely share data to bolster your application defenses
Community Defense improves SecureSphere’s attack stopping power by identifying zero-day web attacks and attack sources. Since security is your top priority, we’ve gone to great lengths to ensure the confidentiality of data we collect. To that end, SecureSphere automatically removes all private, customer-specific content before sending data to the ThreatRadar cloud, ensuring Community Defense feeds are secure and anonymous.
ThreatRadar customers that share their attack data receive Community Defense feeds free of charge.
Deployment:
ThreatRadar Community Defense
Harnessing the collective insight of SecureSphere deployments around the world, ThreatRadar Community Defense delivers crowd-sourced threat intelligence to ThreatRadar-enabled SecureSphere Web Application Firewalls. ThreatRadar Community Defense uses patent-pending algorithms to translate attack information it gathers into attack patterns, policies, and reputation data. Community Defense distributes these feeds in near-real time to fortify the entire community against emerging threats.
While ThreatRadar Reputation Services relies on security information from leading external security providers, Community Defense draws on live attacks detected by SecureSphere Web Application Firewalls. ThreatRadar Reputation customers who opt to send anonymized attack data to the ThreatRadar cloud will receive ThreatRadar Community Defense free of charge.
Multiple SecureSphere Deployment Options
- Transparent Layer 2 Bridge: Drop-in deployment and industry-best performance
- Reverse Proxy and Transparent Proxy: Provide content modification, such as cookie signing and URL rewriting
- Non-inline Monitor: Zero risk monitoring and forensics
- High Availability: IMPVHA, VRRP, fail open interfaces, existing redundancy options, non-inline deployment
Specifications:
| Specification | Description |
|---|---|
| Malicious Sources |
|
| Malicious Attack Strings |
|
| Communications to ThreatRadar servers |
|
| Security Feed Updates |
|
| Data Feed Sources |
|
| SecureSphere Integration |
|
| Supported Products | |
| Pre-Requisites |
|
Documentation:
Download the SecureSphere ThreatRadar Datasheet (PDF).