Yankee Group Names Imperva to “Winner” Category in Application Security Market
FOSTER CITY, Calif. – September 16, 2004 – Imperva, Inc., a leading provider of application security solutions, today announced that Yankee Group, the global leader in communications & networking research and consulting, included the company in the “Winners” category, along with three other Web application gateway vendors, in a report entitled “Application Gateways Secure Business Communications.” The report, by Eric Ogren, Senior Analyst, Security Solutions & Services at the Yankee Group, highlights Imperva’s approach to protecting web and database applications as a key differentiator for its SecureSphere line of products.
“Imperva takes a holistic view of application security in protecting internal and external access to Web interfaces, application servers and database servers. Imperva examines all communications to the application environment, making decisions based on type of access and the risk of inadvertent disclosure of proprietary information,” said Eric Ogren in the August 2004 report. “Imperva’s solution excels at securing entire application environments.”
“Earning a place on the winner’s block with Yankee Group is confirmation of market traction for us,” said Shlomo Kramer, CEO of Imperva Inc. “Our unique approach to automatically securing the entire application layer from the inside out has met with substantial demand from enterprises who want total application security with minimal ongoing management.”
SecureSphere’s Total Application Security is based on Dynamic Profiling(tm), which creates a baseline of expected behavior to enable detection and blocking of attempted security breaches. Because application environments are highly dynamic, persistent learning technologies constantly update profiles to reflect recent changes without requiring manual tuning.
SecureSphere’s Dynamic Web Firewall protects the application’s external Web interface based upon the Web elements of the Dynamic Profile. These Web elements include legitimate URLs, HTTP methods, parameters, cookies, response codes and hidden fields, among others. Based upon this understanding of normal user interactions with the Web server, the Dynamic Web Firewall is able to prevent attacks targeting all of the most pervasive application vulnerabilities.
SecureSphere’s Dynamic Database Firewall relies on the database elements of the Dynamic Profile to detect unusual database queries of any kind. Database elements include legitimate SQL queries, valid IP addresses per SQL query, valid user names per SQL query, and more. The database firewall prevents direct unauthorized queries from internal sources. SecureSphere’s Correlated Attack Validation algorithms can correlate database firewall violations with Web firewall violations to deliver overall system accuracy that is not possible by Web or Database firewalls working independently.
About Imperva, Inc.
Imperva, developer of the first Dynamic Profiling Firewall(tm), delivers Total Application Security solutions – including protection from Web application, database, and worm attacks – requiring no manual configuration or tuning. The firm’s SecureSphere gateway appliances are deployed in leading financial, healthcare, and retail organizations around the globe. Led by Shlomo Kramer, a Check Point Software Technologies founder, Imperva is privately funded by Accel Partners, US Venture Partners, and Venrock Associates. For more information visit our website: www.imperva.com
About The Yankee Group
The Yankee Group is the global leader in communications & networking research and consulting. The company helps businesses understand the opportunities, risks and competitive pressures of developing, deploying and consuming products and services that drive communication or information exchange. Now in its fourth decade, the Yankee Group is based in Boston with offices throughout North America and Europe. (