The Future of SSL Certificate Management: Adapting to Shortened Renewal Periods
The industry is evolving yet again. With the CA/Browser Forum’s recent decision to reduce the maximum SSL/TLS certificate lifecycle to 47 days by 2029, the way organizations manage their certificates is going ...
From PyPI to the Dark Marketplace: How a Malicious Package Fuels the Sale of Telegram Identities
Introduction In today’s digital era, security breaches can occur in the blink of an eye. Telegram Desktop is renowned for its secure, user-friendly messaging interface, but what if the data used to ...
2025 Imperva Bad Bot Report: How AI is Supercharging the Bot Threat
Bad bots continue to target organizations across every industry and geography, but the rise of Artificial Intelligence (AI) is fueling bot attacks, making them more intelligent and more evasive than ever before ...
Beyond Schema Enforcement: Imperva’s Approach to Delivering Holistic API Security
API security is gaining attention, yet many organizations struggle to move from identifying risks to mitigating them effectively. In their eagerness to strengthen their security posture, some rush to implement schema protection ...
Imperva Customers Are Protected Against CVE-2025-31161 in CrushFTPÂ
Introduction A critical security vulnerability, identified as CVE-2025-31161 (previously tracked as CVE-2025-2825), has been discovered in CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0. This flaw allows unauthenticated remote attackers to ...
The Database Kill Chain
Modern attacks targeting sensitive data have become complex. An organization with many assets might be lost when trying to assess its overall risk, understand the pain points and prioritize the tasks required ...
The 2025 WAF Wave from the Other Side
Forrester just published its 2025 Web application Firewall Wave. As a former industry analyst, and as a contributor on the vendor side for Imperva (cough, a leader in the report, cough), let ...
Imperva Named a Leader in Forrester Wave™: Web Application Firewall (WAF) Solutions: A Continued Legacy of Excellence
In today’s digital-first environment, protecting web applications and APIs is a critical priority for businesses. Organisations seek trusted solutions that balance robust protection, scalability, and ease of use. It’s no surprise that ...
Imperva Protects Against Apache Tomcat Deserialization Vulnerability
Overview A newly disclosed vulnerability, CVE-2025-24813, affecting Apache Tomcat, has been identified as a high-risk path equivalence vulnerability that allows attackers to manipulate filenames with internal dots (.) under specific conditions, leading ...
Imperva Protects Against the Apache Camel Vulnerabilities
Introduction: Understanding the Apache Camel Flaw On March 9, 2025, Apache released a security advisory for CVE-2025-27636, a vulnerability in the Apache Camel framework that allows attackers to bypass header filtering via ...
