Decades of experience
As a spin-off of Imperva, Incapsula’s WAF threat detection models leverage Imperva’s vast experience and best practices, gained over the past eight years of leading the WAF market.
Incapsula’s cloud-based Web Application Firewall (WAF) safeguards your websites and applications from any web attack, so you can avoid costly data breaches and downtime. Based on Imperva’s industry-leading technology, our PCI-certified WAF protects against SQL injection, XSS and other OWASP top 10 threats. Custom security rules let you efficiently enforce security policies and eliminate false positives.
Incapsula’s Web Application Firewall protects against the most critical web application security risks, such as SQL injection, cross-site scripting, illegal resource access, remote file inclusion and other OWASP Top 10 threats. Security experts behind Incapsula's service ensure optimum protection against newly discovered vulnerabilities to prevent disruption to your application and improve website performance.
Incapsula’s custom security rules allow you to enforce your organization’s security policy in an optimal manner within Incapsula’s Web Application Firewall. A simple-to-use GUI lets you configure tailored security rules to meet your business’ particular needs.
Each security rule can be configured specifically according to the customer’s blocking policy (block request, block IP, block session or alert only).
Incapsula’s Web Application Firewall is certified by the PCI Security Standards Council. It delivers cost-effective compliance with PCI DSS requirement 6.6 without any hardware or software installation and without changes to your web application.
Incapsula protects you from liabilities and non-compliance penalties, while protecting your customers' sensitive data from exposure on your site. The PCI compliance report audits security rules configuration changes and periodically reports on your compliance with PCI 6.6 requirements.
Using crowdsourcing techniques, Incapsula's Web Application Firewall protects your websites and applications with collective knowledge about the current threat landscape. Threat information is aggregated across the entire Incapsula community using big data analytics. This data is used to identify new attacks as they happen and simultaneously apply mitigation rules to all websites protected by Incapsula.
The security policy can be fine-tuned to address specific URLs, fields, IP addresses and countries. Powerful access control capabilities enable you to define exceptions and minimize false-positives.