Imperva expands cloud defences

An aggressive acquisition and development campaign sees security specialist, Imperva, adding Skyfence and Incapsula to its cloud-based security tools, as well as developing a Web Application Firewall for AWS

  • 10 years ago Posted in

Filling out what it calls its third pillar of enterprise security with a new layer of protection designed specifically for physical and virtual datacentres, US security systems vendor, Imperva, has announced that it has agreed to acquire cloud security gateway startup, Skyfence, and has an agreement in principle to acquire the remaining shares of cloud-based web application security company Incapsula. It has also released SecureSphere Web Application Firewall (WAF) for Amazon Web Services (AWS).

Skyfence replaces traditional on-premise activity monitoring and security solutions, delivering a cloud gateway that provides a comprehensive security and compliance stack. For externally facing production applications, the cloud is changing deployment in two ways. The SaaS approach is where  Incapsula comes in, directly meeting that need with an application-aware global CDN platform that provides security, DDoS protection, load balancing, and failover solutions.

Other customers prefer an Infrastructure as a Service (IaaS) model, and for these, SecureSphere for AWS allows them to move their applications without sacrificing security.

 “The strategy we are unveiling today comprehensively addresses the dangerous security gaps raised by the move to the cloud.”

“Our acquisition strategy for Skyfence and Incapsula are very similar. We seeded Incapsula four years ago because we recognised that cloud delivery would change the web application security landscape,” said Shlomo Kramer, CEO of Imperva. “In the case of Skyfence, we believe that SaaS delivery models for internally facing corporate applications will substantially change the landscape for datacentre security and compliance. We are investing in this space early to put us in the best position possible to help new and existing customers.”

Skyfence protects the internal corporate applications, like employee- and back office-oriented applications that are moving to SaaS delivery models. Despite being internal, these applications allow access from the internet, which exposes them to the vulnerabilities intrinsic to public facing applications. This also creates security challenges and regulatory and compliance challenges as it moves responsibility for housing the data to a third party.

Skyfence has developed a solution providing real time visibility and control over corporate use of SaaS applications, which enforces security policy, protects sensitive data from external and inside threats, and ensures compliance with standards.

It generates an audit trail of all user access ranging from login events to a full activity log and enables enforcement of the necessary separation of duties between the SaaS administrator and IT security. Administrators can generate activity reports for both internal and external compliance audits and exposure reports for forensic analysis.

It also identifies and protects against account-centric attacks including account takeovers, man-in-the-middle attacks, DNS poisoning, and brute force attacks.


The purchase of the remaining stake in Incapsula delivers security for external facing production applications like online banking, online gaming, and retail applications. Through an application-aware global Cloud Delivery Network (CDN) platform, Incapsula provides websites and web applications with DDoS protection, load balancing, and failover solutions, available as standalone services or as an integrated solution.

Imperva’s new SecureSphere Web Application Firewall version for Amazon Web Services is primarily aimed at customers that want to take their on-premise solution to the cloud or that prefer a `do it yourself’ model for application security. It has been designed to natively take advantage of Amazon Web Services infrastructure. Leveraging Amazon Cloud Formation, WAF instances are created and moved along with the applications they protect, including across Availability Zones, allowing for fast deployment of large enterprise-scale environments with minimal operational overhead. Instances of SecureSphere are created or removed from the deployment following Amazon’s auto-scaling policies.

New state-of-the-art data centre features Vultr’s first AMD GPU supercompute cluster.
Only a quarter (25%) think their approach to the cloud is carefully considered and successful.
Moving to AWS Cloud will enable The Co-operative Bank to adopt cutting edge IT Infrastructure.
The global airline group will upgrade the value of its data and get its AI & generative AI ready...
Barracuda Networks’s award-winning Email Protection and Cloud Backup security solutions will be...
Leading company in renewables to leverage HPE’s unique turnkey AI infrastructure solution to...
The four-year project extension focuses on cloud transformation and enhanced operational efficiency...
Businesses in the UK are risking slower development as they fail to fully embrace technologies that...