Unauthenticated API Endpoints

API Security and The Silent Menace of Unknown APIs

The digital application landscape is evolving rapidly, with APIs as the backbone of modern software development. However, amidst all this innovation lies a silent menace:  the prevalence of unknown APIs. These APIs, often lurking beyond sanctioned channels, pose significant security risks to organizations. From shadow APIs born of good intentions ... Read More

Understanding the OWASP API Security Top 10: Why BOLA is the Number One Risk for APIs

Understanding and addressing vulnerabilities is critical in cybersecurity, where APIs serve as the backbone for seamless data exchange. The OWASP API Security Top 10, revised in 2023, provides a comprehensive guide to the critical issues that organizations must tackle to ensure the robust security of their APIs. Among the vulnerabilities ... Read More
Why it Pays to Have a Comprehensive API Security Strategy

Why it Pays to Have a Comprehensive API Security Strategy

In an era dominated by digital connectivity and rapid technological advancements, Application Programming Interfaces (APIs) play a pivotal role in facilitating seamless communication and data exchange between diverse software applications. As API usage continues to grow, so does the need for robust API security measures. In this blog post, we ... Read More
Latest Research Reveals Rise in API Attacks in 2023, Putting Businesses at Risk in 2024

Latest Research Reveals Rise in API Attacks in 2023, Putting Businesses at Risk in 2024

| | Application Security
The State of API Security in 2024 Report highlights how APIs and their increased usage are significantly changing the threat landscape. In 2023, the number of API-targeted attacks rose significantly.  Attacks targeting the business logic of APIs constituted 27% of attacks in 2023, a growth of 10% since the previous ... Read More
2024 Cybersecurity Trends & Predictions

Imperva Named an Overall Leader in the KuppingerCole Leadership Compass: API Security and Management Report

Imperva named an Overall Leader We’re thrilled to share that Imperva has achieved the prestigious status of Overall Leader in the KuppingerCole Leadership Compass: API Security and Management report.  Our Leadership excels across the sub-categories of Product, Innovation, and Market Leadership and in three correlated categories designed to provide an ... Read More

Imperva Expands Global Network, Adds First PoP in Vietnam

We are delighted to announce our first Point of Presence (PoP) in Hanoi, Vietnam, expanding our global network with our 16th PoP located in the Asia Pacific & Japan (APJ) region. Alongside its rich culture and historic sites, Hanoi, the enchanting capital city of Vietnam, is a bustling business center ... Read More

New Secaucus Point of Presence Increases Resilience for Financial Services

We are thrilled to announce the opening of a new cutting-edge Point of Presence (PoP) in Secaucus, New Jersey, which adds resilience to our network infrastructure located in the Northeastern United States region. This PoP represents the first build using next generation technology designed to significantly enhance performance, and deliver ... Read More
How to Secure All Your APIs Through Multiple Deployment Options

How to Secure All Your APIs Through Multiple Deployment Options

Imperva has invested in strengthening our API Security offering to meet the needs of customers since the acquisition of CloudVector in 2021. Since then, the product’s capabilities have expanded, positioning it as a leader in the growing API Security market.  What makes Imperva API Security unique is its ability to ... Read More
Understanding Business Logic Abuse and Its Detection Challenges

Understanding Business Logic Abuse and Its Detection Challenges

Digital modernization and automation have been on a rapid trajectory for the last 5 years and were thrust forward at an even faster pace when the COVID-19 pandemic and subsequent lockdown period took hold in 2020. For businesses and consumers alike this acceleration of advanced technology development has brought a ... Read More
Spikes in layer 7 DDOS Healthcare

Advanced Persistent Threat Groups Behind DDoS Attacks on Danish Hospitals

On Sunday 26 February the websites of several Danish hospitals were taken offline after being hit by Distributed Denial of Service (DDoS) attacks claimed by a group calling themselves ‘Anonymous Sudan’. According to reports on Twitter patient care was unaffected by the attacks and the sites were back online after ... Read More