DevOps.com

  • Latest
    • Articles
    • Features
    • Most Read
    • News
    • News Releases
  • Topics
    • AI
    • Continuous Delivery
    • Continuous Testing
    • Cloud
    • Culture
    • DevSecOps
    • Enterprise DevOps
    • Leadership Suite
    • DevOps Practice
    • ROELBOB
    • DevOps Toolbox
    • IT as Code
  • Videos/Podcasts
    • DevOps Chats
    • DevOps Unbound
  • Webinars
    • Upcoming
    • On-Demand Webinars
  • Library
  • Events
    • Upcoming Events
    • On-Demand Events
  • Sponsored Communities
    • AWS Community Hub
    • CloudBees
    • IT as Code
    • Rocket on DevOps.com
    • Traceable on DevOps.com
    • Quali on DevOps.com
  • Related Sites
    • Techstrong Group
    • Container Journal
    • Security Boulevard
    • Techstrong Research
    • DevOps Chat
    • DevOps Dozen
    • DevOps TV
    • Digital Anarchist
  • Media Kit
  • About
  • AI
  • Cloud
  • Continuous Delivery
  • Continuous Testing
  • DevSecOps
  • Leadership Suite
  • Practices
  • ROELBOB
  • Low-Code/No-Code
  • IT as Code
  • More
    • Application Performance Management/Monitoring
    • Culture
    • Enterprise DevOps

Home » Latest News Releases » Imperva® Launches New Product to Secure Serverless Functions with Visibility into the Application Layer and Code-Level Vulnerabilities

Imperva® Launches New Product to Secure Serverless Functions with Visibility into the Application Layer and Code-Level Vulnerabilities

By: Veronica Haggar on May 24, 2021 Leave a Comment

Imperva Serverless Protection provides an additional layer of security for AWS Lambda environments

Recent Posts By Veronica Haggar
  • DevOps Connect: DevSecOps — Building a Modern Cybersecurity Practice
  • Allego® Launches Allego 7 to Power Sales Enablement that Wins Sellers and Buyers
  • Starburst Acquires Varada To Deliver The New Standard Of Data Lake Analytics
More from Veronica Haggar
Related Posts
  • Imperva® Launches New Product to Secure Serverless Functions with Visibility into the Application Layer and Code-Level Vulnerabilities
  • Should You Go ‘Serverless’? The Pros and Cons
  • Contrast Security Releases New Capabilities to Secure Enterprise Software Supply Chains
    Related Categories
  • Latest News Releases
    Related Topics
  • Imperva
Show more
Show less

San Mateo, CA, May 24, 2021 — Imperva, Inc., (@Imperva) the cybersecurity leader whose mission is to protect data and all paths to it, launches Imperva Serverless Protection, a new product built to secure organizations from vulnerabilities created by misconfigured apps and code-level security risks in serverless computing environments. Designed with the developer and security team in mind, the new product is easily deployed as an AWS Lambda layer, protecting functions without changing code.

DevOps Connect:DevSecOps @ RSAC 2022

Built on Amazon Web Services (AWS), Imperva Serverless Protection is a fully integrated tool within AWS Lambda Extensions. The integration gives developers faster access to the new Imperva offering to provide an additional layer of security for their AWS Lambda environment. This latest innovation from Imperva adds to the company’s solutions for protecting applications in all their forms: legacy, APIs, microservices, and serverless functions.

“We see hundreds of thousands of customers of all sizes embrace serverless applications to quickly deliver value to their customers,” says Holly Mesrobian, General Manager, AWS Lambda, AWS. “The Imperva extension enables customers to easily embed additional security in their DevOps processes for serverless applications with just a simple configuration change.”

Developers are increasing adoption of serverless functions that offer lower costs, less configuration and faster deployment. However, “through 2022, 80% of successful attacks on serverless [platform as a service] PaaS will have a root cause of misconfiguration or the use of known vulnerable code due to immature tools and processes,” writes Neil MacDonald, Vice President, Distinguished Analyst, Gartner, in the March 2020 report, “Security Considerations and Best Practices for Securing Serverless PaaS”. He adds, “New approaches and techniques for securing serverless will be required and should be designed using a life cycle approach, starting in development and carrying through into operations.”

Imperva Serverless Protection offers market-differentiated capabilities to help organizations manage the complex security risks that emerge in serverless functions.

  • Protection against malicious activity: Purpose-built for serverless computing, Imperva uniquely enables a positive security model that provides protection against malicious changes, like zero-day exploits, within the function. Deployed as an AWS Lambda layer, it can be deployed once and applied to multiple AWS Lambda functions.
  • Visibility and protection from internal and external code vulnerabilities: Imperva Serverless Protection secures serverless functions from vulnerabilities embedded in first and third-party code — the underlying risk factor that can trigger a software supply chain attack. It effectively monitors and blocks vulnerabilities without elaborate or manual steps involved.
  • OWASP Serverless Top 10 coverage: Imperva Serverless Protection offers protections from misconfigurations, code-level risks, injections and weaknesses. It stops HTTP response splitting and method tampering, code injection, and other complex threats. It also monitors for insecure cookies and transport, logging of sensitive information, unauthorized network activity, weak authentication, and other potential vulnerabilities.
  • Deep visibility into security incidents at the application layer: Imperva Serverless Protection runtime monitoring gathers log-level information to provide forensic detail so security teams can fully understand the context of every attack with virtually no impact on latency. It also identifies and maps third-party dependencies used during runtime.

“Traditional security technologies are not designed to get visibility into and provide protection for ephemeral workloads like serverless functions. Customers require the combination of protection at the function, contextual awareness, and high performance. Additionally, customers are not interested in modifying their workloads or changing code to support security functions. Imperva Serverless Protection was created exactly to solve these needs,” says Kunal Anand, Chief Technology Officer, Imperva. “With Imperva Serverless Protection, DevOps and SecOps teams have a powerful new capability to stop serverless attacks.”

“We are pleased to have partnered with Imperva on the design of their Imperva Serverless Protection solution and believe they’re offering the right approach to serverless security by embedding protection into the function,” says Tyler Warren, Director, IT Security, Prologis. “Imperva is a true differentiator and ensures we remain at the forefront of protection against ever-evolving security threats, including those emerging in serverless functions.”

About Imperva

Imperva is the cybersecurity leader whose mission is to protect data and all paths to it. Customers around the world trust Imperva to protect their applications, data and websites from cyber attacks. With an integrated approach combining edge, application security and data security, Imperva protects companies through all stages of their digital journey. Imperva Research Labs and our global intelligence community enable Imperva to stay ahead of the threat landscape and seamlessly integrate the latest security, privacy and compliance expertise into our solutions.

Filed Under: Latest News Releases Tagged With: Imperva

Sponsored Content
Featured eBook
The 101 of Continuous Software Delivery

The 101 of Continuous Software Delivery

Now, more than ever, companies who rapidly react to changing market conditions and customer behavior will have a competitive edge.  Innovation-driven response is successful not only when a company has new ideas, but also when the software needed to implement them is delivered quickly. Companies who have weathered recent events ... Read More
« GridGain Control Center Now Available as a Cloud Service
API Security by Design »

TechStrong TV – Live

Click full-screen to enable volume control
Watch latest episodes and shows

Upcoming Webinars

Continuous Deployment
Monday, July 11, 2022 - 1:00 pm EDT
Using External Tables to Store and Query Data on MinIO With SQL Server 2022
Tuesday, July 12, 2022 - 11:00 am EDT
Goldilocks and the 3 Levels of Cardinality: Getting it Just Right
Tuesday, July 12, 2022 - 1:00 pm EDT

Latest from DevOps.com

Rust in Linux 5.20 | Deepfake Hiring Fraud | IBM WFH ‘New Normal’
June 30, 2022 | Richi Jennings
Moving From Lift-and-Shift to Cloud-Native
June 30, 2022 | Alexander Gallagher
The Two Types of Code Vulnerabilities
June 30, 2022 | Casey Bisson
Common RDS Misconfigurations DevSecOps Teams Should Know
June 29, 2022 | Gad Rosenthal
Quick! Define DevSecOps: Let’s Call it Development Security
June 29, 2022 | Don Macvittie

Get The Top Stories of the Week

  • View DevOps.com Privacy Policy
  • This field is for validation purposes and should be left unchanged.

Download Free eBook

DevOps: Mastering the Human Element
DevOps: Mastering the Human Element

Most Read on DevOps.com

What Is User Acceptance Testing and Why Is it so Important?
June 27, 2022 | Ron Stefanski
Rust in Linux 5.20 | Deepfake Hiring Fraud | IBM WFH ‘New No...
June 30, 2022 | Richi Jennings
Chip-to-Cloud IoT: A Step Toward Web3
June 28, 2022 | Nahla Davies
DevOps Connect: DevSecOps — Building a Modern Cybersecurity ...
June 27, 2022 | Veronica Haggar
The Two Types of Code Vulnerabilities
June 30, 2022 | Casey Bisson

On-Demand Webinars

DevOps.com Webinar ReplaysDevOps.com Webinar Replays
  • Home
  • About DevOps.com
  • Meet our Authors
  • Write for DevOps.com
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • Privacy Policy

Powered by Techstrong Group, Inc.

© 2022 ·Techstrong Group, Inc.All rights reserved.