Top Page | English | 简体中文 | 繁體中文 | 한국어 | 日本語
Tuesday, 29 January 2013, 16:05 HKT/SGT

Source: Imperva Inc.
Imperva Report Examines Dangers of Third-Party Code for Cloud Security
Analysis of Yahoo! Breach Highlights SQL Injection; Third-party Code Offers Little Control, High Risk

Redwood Shores, CA, Jan 29, 2013 - (ACN Newswire) - Imperva, Inc. (NYSE: IMPV), a pioneer and leader of a new category of business security solutions for critical applications and high-value data in the data center, today announced its January Hacker Intelligence Initiative Report, "Lessons Learned from the Yahoo! Hack," which examines the dangers of third-party code in cloud computing.

In December 2012, a hacker breached Yahoo! with an SQL injection attack that took advantage of a vulnerability in a third-party application that was provided on the Yahoo! Web site. This attack highlights the risk that many Web applications face: Web applications may contain some sort of third-party code, such as APIs, that was not created by the developers.

"The weak link in the Yahoo! attack was not programmed by Yahoo! developers, nor was it even hosted on the Yahoo! Servers, and yet the company found itself breached as a result of third-party code," said Amichai Shulman, CTO, Imperva. "The challenge presented by the Yahoo! breach is that Web-facing businesses should take responsibility to secure third-party code and cloud-based applications."

In "Lessons Learned from the Yahoo! Hack," Imperva recommends specific business and technical steps. From a business standpoint, for example, enterprises should:

-- Put in place legal requirements in a contract for what you will and will not accept from a security perspective.
-- Incorporate security due diligence for any merger or acquisition activity.

Technically, Imperva recommends enterprises:

-- Conduct a Web application vulnerability security assessment. A manual review of Web application security or proper use of automated Web application security vulnerability assessment can identify potential vulnerabilities that should be addressed in the software development lifecycle (SDLC).
-- Deploy a Web Application Firewall (WAF). A WAF serves as a security policy enforcement point that prevents vulnerable Web applications from being exploited.

To download the full report please visit: .

About Imperva

Imperva is a pioneer and leader of a new category of business security solutions for critical applications and high-value data in the data center. Imperva's award-winning solutions protect against data theft, insider abuse, and fraud while streamlining regulatory compliance by monitoring and controlling data usage and business transactions across the data center, from storage in a database or on a file server to consumption through applications. With over 2,000 end-user customers in more than 60 countries and thousands of organizations protected through cloud-based deployments, securing your business with Imperva puts you in the company of the world's leading organizations. For more information, visit , follow us on Twitter or visit our blog. We're hiring! Help us protect the world's data: .

Media Contact:
Clinton Karr
[email protected]

(c) 2013 Imperva, Inc. All rights reserved. Imperva and the Imperva logo are trademarks of Imperva, Inc.

This announcement is distributed by Thomson Reuters on behalf of Thomson Reuters clients.

The owner of this announcement warrants that:
(i) the releases contained herein are protected by copyright and other applicable laws; and
(ii) they are solely responsible for the content, accuracy and originality of the information contained therein.

Source: Imperva Inc. via Thomson Reuters ONE

Jan 29, 2013 16:05 HKT/SGT
Topic: Press release summary
From the Asia Corporate News Network

Copyright © 2020 ACN Newswire. All rights reserved. A division of Asia Corporate News Network.

Imperva Inc.
July 3, 2014 07:05 HKT/SGT
Imperva Named Web Application Firewall Vendor of the Year at 2014 Frost & Sullivan Asia Pacific ICT Awards
Dec 21, 2012 07:10 HKT/SGT
Imperva Issues 2013 Cyber Security Predictions
Dec 5, 2012 13:05 HKT/SGT
Imperva Reports Antivirus Solutions Woefully Inadequate
Nov 19, 2012 18:00 HKT/SGT
Imperva Ranked 235th Fastest Growing Company in North America on Deloitte's 2012 Technology Fast 500(TM)
Nov 14, 2012 13:40 HKT/SGT
Imperva and Acunetix Partner to Virtually Patch Web Vulnerabilities
Oct 30, 2012 20:15 HKT/SGT
Increased Hacker Interest in SQL Injection Attacks
Oct 25, 2012 07:25 HKT/SGT
Mitigate Insider Threats With A Measured Approach To Security
Sept 26, 2012 20:15 HKT/SGT
Imperva SecureSphere WAF to be hosted on the Cisco Nexus 1110/1010 Virtual Services Appliances to Improve Web Application Security
Sept 25, 2012 08:05 HKT/SGT
Imperva Earns Government Technology Research Alliance Insider Threat Roundtable Award
Sept 21, 2012 07:55 HKT/SGT
Imperva Dissects Denial Of Service Attacks
More news >>
 News Alerts
Copyright © 2020 ACN Newswire - Asia Corporate News Network
Home | About us | Services | Partners | Events | Login | Contact us | Privacy Policy | Terms of Use | RSS
US: +1 800 291 0906 | Beijing: +86 400 879 3881 | Hong Kong: +852 2217 2912 | Singapore: +65 6304 8926 | Tokyo: +81 3 6859 8575

Connect With us: