D3TLV17- The Incapsula WAF: Your Best Line of Denfense Against Application Layer Attacks
-
Upload
imperva-incapsula -
Category
Technology
-
view
74 -
download
2
Transcript of D3TLV17- The Incapsula WAF: Your Best Line of Denfense Against Application Layer Attacks
The Incapsula WAF: Your Best Line of Defense Against Application Layer AttacksEhud Cohen
Product Manager
BIO
Ehud CohenTwo kids Three years at
Imperva Incapsula
Over 13 years in the
business, in various
different roles such
as application, R&D
and project
management
Continuously
challenge previous
assumptions to
find a better
solution
© 2017 Imperva, Inc. All rights reserved.
BOTs are coming already here
BOTs Evolution
Old school technologies:CAPTCHA
SubmitSubmit
© 2017 Imperva, Inc. All rights reserved.
WAF offering: Cookiechallenge
Hackers response:Save cookie
© 2017 Imperva, Inc. All rights reserved.
WAF offering: JS challenge
© 2017 Imperva, Inc. All rights reserved.
Hackers response:Browser look alike
© 2017 Imperva, Inc. All rights reserved.
WAF offering: Header Signatures
© 2017 Imperva, Inc. All rights reserved.
Hackers response:Selenium driver
© 2017 Imperva, Inc. All rights reserved.
WAF offering: fingerprinting
Hackers response:Piggyback legitimatesessions
© 2017 Imperva, Inc. All rights reserved.
The IncapsulaWay
“Session-based, out-of-the-
box WAF with minimal latency”
© 2017 Imperva, Inc. All rights reserved.
IncapRules
Session based
Single stack
Home grown technology
© 2017 Imperva, Inc. All rights reserved.
Advanced automatic BOT mitigation
High visibility into attacks
© 2017 Imperva, Inc. All rights reserved.
Thank you for your time.
© 2017 Imperva, Inc. All rights reserved.