Imperva’s ThreatRadar Add-on Mitigates Automated Cyber Attacks

Reputation-based service for Web application security

Note: ESJ’s editors carefully choose vendor-issued press releases about new or upgraded products and services. We have edited and/or condensed this release to highlight key features but make no claims as to the accuracy of the vendor's statements.

Imperva has released ThreatRadar, a new add-on to the company’s Web application firewall (WAF), providing automated, reputation-based defense against large scale industrialized cyber attacks.

ThreatRadar increases an enterprise’s ability to stop attacks by automatically adapting the defense so traffic from malicious sources can be blocked before an attack is attempted. As attackers shift locations and techniques, Imperva’s ThreatRadar-powered WAF delivers an arsenal of defense capabilities.

By using ThreatRadar with Imperva’s WAF, enterprises can mitigate:

  • Mass SQL Injection attacks coming from botnets

  • Several types of automated attacks such as Comment SPAM campaigns, scraping attacks, and Web e-mail SPAM attacks

ThreatRadar provides protection against:

  • Malicious sources: Protection from sources that have repeatedly performed malicious activity on other Web applications; often part of the over ten million botnet networks they are executing attacks on behalf of remote hackers

  • Anonymous Proxies: Protection from sources used as anonymous proxies. By hiding the identity of traffic sources, anonymous proxies are often exploited by hackers to launch attacks

  • The Onion Router, a.k.a., TOR IPs: Protection from the TOR hacker network. Hackers use the TOR network to launch attacks without revealing their identity and location

  • Phishing URLs: Real-time alerting on phishing incidents against your domain

In addition, ThreatRadar will provides an IP forensics tool to dynamically provide additional context on attackers, including geographic location and user profile, that takes the guesswork out of incident analysis.

Imperva’s Application Defense Center (ADC) has researched and integrated credible attack source data providers to ensure protection accuracy and effectiveness. The ADC will continually update attack sources as an ongoing service.

More information is available at