Five Key Takeaways from the 2024 Imperva Bad Bot Report

Bad bots continue to affect consumers and organizations across all sectors. For over eleven years, Imperva has been dedicated to helping organizations manage and mitigate the threat of bad bots. We’ve published the 2024 Imperva Bad Bot Report as part of our commitment to helping organizations better understand the challenges ... Read More
spiral frame windows thumb

The New York Times vs. OpenAI: A Turning Point for Web Scraping?

In a recent blog, we covered the blurry lines of legality surrounding web scraping and how the advent of artificial intelligence (AI) and large language models (LLMs) further complicates the matter. Shortly after publishing the blog, a significant legal development began unfolding: The New York Times (NYT) filed a lawsuit ... Read More
Are You Ready for PCI DSS 4.0?

Are You Ready for PCI DSS 4.0?

The Payment Card Industry Data Security Standard (PCI DSS) is the global benchmark for ensuring companies that handle credit card information maintain a secure environment. It provides a framework to help organizations protect sensitive cardholder data from theft and secure payment card systems.  In 2022, PCI DSS introduced its version ... Read More
Shifting from reCAPTCHA to hCaptcha

Shifting from reCAPTCHA to hCaptcha

We are adding another CAPTCHA vendor and helping our customers migrate from Google’s reCAPTCHA to hCaptcha.  Why We Are Making This Change We continuously evaluate our security measures to ensure they align with the evolving landscape of threats. After carefully evaluating several different CAPTCHA providers, including rigorous testing by our ... Read More
CSP Per Website

Are HTTP Content-Security-Policy (CSP) Headers Sufficient to Secure Your Client Side?

Modern web frameworks have shifted business logic from the server side to the client side (web browser), enhancing performance, flexibility, and user experience. However, this move introduces security and privacy concerns, as exposing sensitive logic and data can lead to vulnerabilities like code injections and data tampering. Proper data handling ... Read More
2024 Cybersecurity Trends & Predictions

Is Web Scraping Illegal? Depends on Who You Ask

Web scraping has existed for a long time, and depending on who you ask, it can be loved or hated. But where is the line drawn between extracting data for legitimate business purposes and malicious data extraction that hurts business? The bar is getting blurrier by the day, and the ... Read More
Five Takeaways from Black Friday & Cyber Monday Cyber Attacks

Five Takeaways from Black Friday & Cyber Monday Cyber Attacks

| | Application Security
The online retail industry is one of the prime targets for cybercrime, as detailed in our annual analysis of the cybersecurity threats targeting eCommerce websites and applications.  As the 2023 holiday shopping season continues, Imperva Threat Research is closely monitoring how cybercriminals are trying to disrupt and cause chaos for ... Read More
Online Retailers: Five Threats Targeting Your Business This Holiday Shopping Season

Online Retailers: Five Threats Targeting Your Business This Holiday Shopping Season

As the holiday season approaches, a palpable sense of joy and anticipation fills the air. Twinkling lights adorn homes, the aroma of freshly baked cookies wafts through the kitchen, and the sound of laughter and carolers’ melodies resonate on frosty evenings. It’s a time when families come together, cherished traditions ... Read More

The Dark Side of Web Development: Why You Should Be Prioritizing Shadow Code

In the fast-paced world of web development, staying ahead of the curve is paramount, as developers are frequently under pressure to deliver products and functionalities quickly and efficiently. To meet accelerated timelines, they often leverage third-party scripts and open-source libraries, expediting the development process and enhancing the application’s functionality. However, ... Read More

Imperva Offers New Features to Simplify PCI DSS Compliance

The Silent Threat of Client-Side Attacks As more transactions move online, a silent threat is lurking in the deepest, darkest shadows of websites, threatening to steal your sensitive data. This rapidly evolving threat, known as client-side attacks such as Magecart, formjacking, and online skimming, is capable of quietly acquiring a ... Read More

Secure Guardrails