Unmatched web application security experience, enhanced by real-time big data analytics, enables Incapsula to provide best-of-breed security to the world's most security-conscious businesses. Our website security solution redefines and extends the WAF beyond traditional concepts. In addition to our enterprise-grade, PCI-certified WAF, Incapsula's service also includes backdoor protection, two-factor authentication, and bot access control.
Our cloud-based approach, coupled with crowdsourcing techniques, enables us to harness real data from our customer base to better understand the global attack landscape and continually improve our security. Servicing thousands of customers and subjected to hundreds of penetration tests and millions of attacks every day, Incapsula's service is aligned to meet the most stringent enterprise-grade security criteria.
Application Firewall (WAF)
Incapsula's cloud-based WAF ensures that your website or application is always protected against any type of application layer hacking attempt. Based on Imperva’s industry-leading WAF technology and experience, Incapsula's WAF defends against OWASP Top 10 threats including: SQL injection, cross-site scripting, illegal resource access, and remote file inclusion. Security experts behind Incapsula's service ensure optimum protection against newly discovered vulnerabilities to prevent disruption to your application and improve website performance.
Bad Bot Protection
Using advanced client classification technology, crowdsourcing and reputation-based techniques, Incapsula distinguishes between "good" and "bad" bot traffic. This lets you block scrapers, vulnerability scanners and comment spammers that overload your servers and steal your content, while allowing search engines and other legitimate services to freely access your website.
Backdoor Shell Protection:Detect and Quarantine
Hackers covertly install malicious code (known as a backdoor) on your website that gives them full access to your application and data. Incapsula's adaptive security engines and WAF monitor website traffic to prevent backdoor install attempts and to quarantine backdoors already installed, rendering them useless.
One-click Two Factor Authentication (2FA)
Implement strong authentication on any website or application without integration, coding or software changes. Single-click activation lets you protect administrative access, secure remote access to corporate web applications, and restrict access to particular webpages. Manage and control multiple logins across several websites in a centralized manner.
Ingress Traffic Management
With Incapsula, you can take full control over who and what can access your site. Our service provides granular filters and controls to prevent access from unwanted visitors (e.g., countries, specific bots, URLs, IPs), while enabling uninterrupted access to legitimate visitors (customers, leading search engines, etc.). IP address shielding hides your web server’s IP address, preventing access to it via SSH, FTP, Telnet and other methods.
Advanced Persistent Threats (APTs) exploit the key weaknesses of today’s common IT infrastructures in order to steal intellectual property and sabotage business-critical production environments. As more companies conduct their core business operations in the cloud, APTs have begun to target websites and web applications as a "soft spot" in the security architecture.