Imperva expands cloud defences

An aggressive acquisition and development campaign sees security specialist, Imperva, adding Skyfence and Incapsula to its cloud-based security tools, as well as developing a Web Application Firewall for AWS

  • 10 years ago Posted in

Filling out what it calls its third pillar of enterprise security with a new layer of protection designed specifically for physical and virtual datacentres, US security systems vendor, Imperva, has announced that it has agreed to acquire cloud security gateway startup, Skyfence, and has an agreement in principle to acquire the remaining shares of cloud-based web application security company Incapsula. It has also released SecureSphere Web Application Firewall (WAF) for Amazon Web Services (AWS).

Skyfence replaces traditional on-premise activity monitoring and security solutions, delivering a cloud gateway that provides a comprehensive security and compliance stack. For externally facing production applications, the cloud is changing deployment in two ways. The SaaS approach is where  Incapsula comes in, directly meeting that need with an application-aware global CDN platform that provides security, DDoS protection, load balancing, and failover solutions.

Other customers prefer an Infrastructure as a Service (IaaS) model, and for these, SecureSphere for AWS allows them to move their applications without sacrificing security.

 “The strategy we are unveiling today comprehensively addresses the dangerous security gaps raised by the move to the cloud.”

“Our acquisition strategy for Skyfence and Incapsula are very similar. We seeded Incapsula four years ago because we recognised that cloud delivery would change the web application security landscape,” said Shlomo Kramer, CEO of Imperva. “In the case of Skyfence, we believe that SaaS delivery models for internally facing corporate applications will substantially change the landscape for datacentre security and compliance. We are investing in this space early to put us in the best position possible to help new and existing customers.”

Skyfence protects the internal corporate applications, like employee- and back office-oriented applications that are moving to SaaS delivery models. Despite being internal, these applications allow access from the internet, which exposes them to the vulnerabilities intrinsic to public facing applications. This also creates security challenges and regulatory and compliance challenges as it moves responsibility for housing the data to a third party.

Skyfence has developed a solution providing real time visibility and control over corporate use of SaaS applications, which enforces security policy, protects sensitive data from external and inside threats, and ensures compliance with standards.

It generates an audit trail of all user access ranging from login events to a full activity log and enables enforcement of the necessary separation of duties between the SaaS administrator and IT security. Administrators can generate activity reports for both internal and external compliance audits and exposure reports for forensic analysis.

It also identifies and protects against account-centric attacks including account takeovers, man-in-the-middle attacks, DNS poisoning, and brute force attacks.


The purchase of the remaining stake in Incapsula delivers security for external facing production applications like online banking, online gaming, and retail applications. Through an application-aware global Cloud Delivery Network (CDN) platform, Incapsula provides websites and web applications with DDoS protection, load balancing, and failover solutions, available as standalone services or as an integrated solution.

Imperva’s new SecureSphere Web Application Firewall version for Amazon Web Services is primarily aimed at customers that want to take their on-premise solution to the cloud or that prefer a `do it yourself’ model for application security. It has been designed to natively take advantage of Amazon Web Services infrastructure. Leveraging Amazon Cloud Formation, WAF instances are created and moved along with the applications they protect, including across Availability Zones, allowing for fast deployment of large enterprise-scale environments with minimal operational overhead. Instances of SecureSphere are created or removed from the deployment following Amazon’s auto-scaling policies.

Talent and training partner, mthree, which supports major global tech, banking, and business...
On average, only 48% of digital initiatives meet or exceed business outcome targets, according to...
GPUaaS provides customers on-demand access to powerful accelerated resources for AI, machine...
TMF Group, a leading provider of critical administrative services for global businesses, turned to...
Strengthening its cloud credentials as part of its mission to champion the broader UK tech sector...
Nearly all UK IT managers surveyed (98%) state cloud investment is an organisational priority for...
LetsGetChecked is a global healthcare solutions company that provides the tools to manage health...
Node4 to the rescue.