Click here to close now.


News Feed Item

Imperva to Acquire Incapsula and Skyfence; Introduces SecureSphere WAF for Amazon Web Services

Imperva, Inc. (NYSE: IMPV), pioneering the third pillar of enterprise security with a new layer of protection designed specifically for physical and virtual data centers, today announced the company has agreed to acquire cloud security gateway startup Skyfence and has an agreement in principle to acquire the remaining shares of cloud-based web application security company Incapsula. Imperva also announced today the release of SecureSphere Web Application Firewall (WAF) for Amazon Web Services (AWS). The combination of these extends Imperva’s comprehensive data center security strategy across the cloud with solutions that are unmatched in the industry.

“Our acquisition strategy for Skyfence and Incapsula are very similar. We seeded Incapsula four years ago because we recognized that cloud delivery would change the web application security landscape,” said Shlomo Kramer, CEO of Imperva. “In the case of Skyfence, we believe that Software as a Service (SaaS) delivery models for internally facing corporate applications will substantially change the landscape for data center security and compliance. We are investing in this space early to put us in the best position possible to help new and existing customers.”

Gartner predicts global spending on public cloud services will grow from $155B in 2014 to $210B in 20161. As cloud adoption accelerates, enterprises are prioritizing how to integrate and migrate existing systems, from Enterprise Resource Planning (ERP) to Customer Relationship Management (CRM) systems, to cloud-based platforms. Cloud services often run critical applications and store business-critical data, but the majority of existing security controls do not cover the range of different cloud deployments because they were designed for on-premise applications.

“For some time now, we’ve seen our customers take advantage of cloud-based services to reduce costs and increase flexibility. However, moving applications and data off-premise causes new and very significant risk exposure for organizations,” said Mark Kraynak, Senior Vice President, Worldwide Marketing, Imperva. “The strategy we are unveiling today comprehensively addresses the dangerous security gaps raised by the move to the cloud.”

Imperva’s strategy covers security gaps with multiple cloud deployment models. For internally facing corporate applications, the move to the cloud obviates traditional on-premise activity monitoring and security solutions. To fill this gap, Skyfence delivers a cloud gateway that provides a comprehensive security and compliance stack. For externally facing production applications, the cloud is changing deployment in two ways. Some customers prefer a SaaS model for WAF delivery. Incapsula directly meets that need with an application-aware global CDN platform that provides best-of-breed security, DDoS protection, load balancing, and failover solutions. Other customers prefer an Infrastructure as a Service (IaaS) model by which they can leverage the economies of scale of their cloud provider to realize significant cost savings. For these customers, SecureSphere for AWS allows them to move their applications without sacrificing security.

Imperva Skyfence
The first component of Imperva’s strategy is the agreement to acquire Skyfence. Skyfence protects the internal corporate applications, like employee- and back office-oriented applications that are moving to SaaS delivery models. Despite being internal, these applications allow access from the internet, which exposes them to the vulnerabilities intrinsic to public facing applications. This also creates security challenges and regulatory and compliance challenges as it moves responsibility for housing the data to a third party.

Skyfence has developed a solution providing real time visibility and control over corporate use of SaaS applications, which enforces security policy, protects sensitive data from external and inside threats, and ensures compliance with standards. Skyfence uses proprietary network traffic analysis and Dynamic User Fingerprinting technology to profile normal user behavior and detect anomalies that could indicate cyber-attacks or inside threats. Through a single, central gateway, the solution provides organizations with the power to discover all of the cloud assets that are in use and to uniformly enforce security and compliance policies in addition to controlling user access to sensitive data, privileged user activity and API access to the service.

There are three main customer challenges driving the need for Skyfence:

  • Managing Compliance in the Cloud – Skyfence generates an audit trail of all user access ranging from login events to a full activity log and enables enforcement of the necessary separation of duties between the SaaS administrator and IT security. Administrators can generate activity reports for both internal and external compliance audits and exposure reports for forensic analysis.
  • Controlling “Shadow IT” – Skyfence will automatically detect cloud applications that are used without corporate approval and provides risk scores and usage metrics.
  • Cyber Intrusion Prevention – The weakest link in many cloud applications’ security is the abuse of legitimate user accounts. Skyfence identifies and protects against account-centric attacks including account takeovers, man-in-the-middle attacks, DNS poisoning, and brute force attacks.

Imperva Incapsula
The second component of this strategy is our agreement in principle to purchase of the remaining stake in Incapsula to deliver security for external facing production applications like online banking, online gaming, and retail applications. Through an application-aware global Cloud Delivery Network (CDN) platform, Incapsula provides websites and web applications with best-of-breed security, DDoS protection, load balancing, and failover solutions, available as standalone services or as an integrated solution.

  • Incapsula's enterprise-grade PCI-certified WAF protects customers’ websites or applications so that they are secure and available. Based on Imperva’s industry-leading technology and experience and using a SaaS approach, Incapsula's security experts protect customers against new and emerging threats.
  • Incapsula DDoS applies mitigation outside of a customer’s network, meaning that only filtered traffic reaches the host. Incapsula maintains an extensive DDoS threat knowledgebase, which includes new and emerging attack methods. This constantly-updated information is aggregated across the entire network, identifying new threats as they emerge, detecting known malicious users, and applying remedies in real-time across all Incapsula-protected websites.
  • Incapsula’s CDN is a powerful network of data centers located around the world that delivers full site acceleration. On average, websites using Incapsula's CDN are 50% faster and consume 40%-70% less bandwidth.
  • Incapsula’s Layer 7 Load Balancing and Failover balances traffic across multiple web servers directly from the cloud. This allows websites and applications to scale beyond the capacity of a single web server without requiring a local load balancing appliance or virtual appliance.

Over four years ago, Imperva anticipated that the WAF market would be ready to take advantage of cloud delivery models, so the Imperva team invested in Incapsula as a majority owned subsidiary. Imperva intends to bring Incapsula fully in house to allow for scale as the demand for Incapsula technology grows.

Imperva SecureSphere WAF for AWS
The third component of this strategy is Imperva’s new SecureSphere Web Application Firewall version for Amazon Web Services. Similar to Incapsula, this product is primarily for externally facing production applications, but for customers that want to take their on-premise solution to the cloud or that prefer a “do it yourself” model for application security. Enterprise customers are making a strong push to move their customer facing applications to Amazon Web Services so that they can realize significant infrastructure savings by managing load peaks with temporary Amazon capacity. With SecureSphere for AWS, customers can replicate their existing on-premise security controls as they migrate to the cloud.

SecureSphere WAF for AWS was designed to natively take advantage of Amazon Web Services infrastructure. Leveraging Amazon Cloud Formation, WAF instances are created and moved along with the applications they protect, including across Availability Zones, allowing for fast deployment of large enterprise-scale environments with minimal operational overhead. Instances of SecureSphere are created or removed from the deployment following Amazon’s auto-scaling policies. These abstractions can dramatically improve the efficiency of IT and security operations teams.

SecureSphere for AWS has been in limited availability since late 2013 and will be generally available in March 2014.

Imperva expects the acquisitions of Skyfence and Incapsula to close in the first quarter of 2014.

About Imperva
Imperva, pioneering the third pillar of enterprise security, fills the gaps in endpoint and network security by directly protecting high-value applications and data assets in physical and virtual data centers. With an integrated security platform built specifically for modern threats, Imperva data center security provides the visibility and control needed to neutralize attack, theft, and fraud from inside and outside the organization, mitigate risk, and streamline compliance. Over 3,000 customers in more than 75 countries rely on our SecureSphere® platform to safeguard their business. Imperva is headquartered in Redwood Shores, California. Learn more:, our blog, on Twitter.

Forward Looking Statements
This news release contains forward-looking statements, including those regarding our belief that the combination of our SecureSphere for AWS, Skyfence and Incapsula will enable us to offer a comprehensive solution that addresses the dangerous security gaps raised by the move to the cloud; the anticipated benefits to Imperva of the contemplated acquisitions of Skyfence and Incapsula; the expected timing of the completion of the transaction; and the ability to complete the transaction considering the various closing conditions. These forward-looking statements are subject to material risks and uncertainties that could cause actual results to differ materially from those in the forward-looking statements. Investors should consider important risk factors, which include: the risk that Imperva will be unable to successfully integrate Skyfence and Incapsula, the risk that Imperva will have difficulty retaining key employees of Skyfence and Incapsula; the risk that our development expenses are greater than we anticipate; and other risks detailed under the caption “Risk Factors” in the company’s Quarterly Report on Form 10-Q filed with the SEC on November 12, 2013 and the company’s other SEC filings. You can obtain copies of the company’s SEC filings on the SEC’s website at

© 2014 Imperva, Inc. All rights reserved. Imperva, the Imperva logo and SecureSphere are trademarks of Imperva, Inc. All other brand, service or product names are trademarks of their respective companies or owners.


1 Ed Anderson, Lai-ling Lam, Chad Eschinger, Susan Cournoyer, Joanne M. Correia, Laurie F. Wurster, Ruggero Contu, Fabrizio Biscotti, Venecia K Liu, Tom Eid, Chris Pang, Hai Hong Swinehart, Morgan Yeates, Gregor Petri, Warren Bell
Gartner Report, “Forecast Overview: Public Cloud Services, Worldwide, 2011-2016, 4Q12” February 8, 2013

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
The Internet of Things (IoT) is growing rapidly by extending current technologies, products and networks. By 2020, Cisco estimates there will be 50 billion connected devices. Gartner has forecast revenues of over $300 billion, just to IoT suppliers. Now is the time to figure out how you’ll make money – not just create innovative products. With hundreds of new products and companies jumping into the IoT fray every month, there’s no shortage of innovation. Despite this, McKinsey/VisionMobile data...
Just over a week ago I received a long and loud sustained applause for a presentation I delivered at this year’s Cloud Expo in Santa Clara. I was extremely pleased with the turnout and had some very good conversations with many of the attendees. Over the next few days I had many more meaningful conversations and was not only happy with the results but also learned a few new things. Here is everything I learned in those three days distilled into three short points.
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo 2016 in New York and Silicon Valley. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 17th Cloud Expo and will feature technical sessions from a rock star conference faculty ...
In his General Session at DevOps Summit, Asaf Yigal, Co-Founder & VP of Product at, explored the value of Kibana 4 for log analysis and provided a hands-on tutorial on how to set up Kibana 4 and get the most out of Apache log files. He examined three use cases: IT operations, business intelligence, and security and compliance. Asaf Yigal is co-founder and VP of Product at log analytics software company In the past, he was co-founder of social-trading platform Currensee, which...
DevOps is about increasing efficiency, but nothing is more inefficient than building the same application twice. However, this is a routine occurrence with enterprise applications that need both a rich desktop web interface and strong mobile support. With recent technological advances from Isomorphic Software and others, rich desktop and tuned mobile experiences can now be created with a single codebase – without compromising functionality, performance or usability. In his session at DevOps Su...
As organizations realize the scope of the Internet of Things, gaining key insights from Big Data, through the use of advanced analytics, becomes crucial. However, IoT also creates the need for petabyte scale storage of data from millions of devices. A new type of Storage is required which seamlessly integrates robust data analytics with massive scale. These storage systems will act as “smart systems” provide in-place analytics that speed discovery and enable businesses to quickly derive meaningf...
In his keynote at @ThingsExpo, Chris Matthieu, Director of IoT Engineering at Citrix and co-founder and CTO of Octoblu, focused on building an IoT platform and company. He provided a behind-the-scenes look at Octoblu’s platform, business, and pivots along the way (including the Citrix acquisition of Octoblu).
In his General Session at 17th Cloud Expo, Bruce Swann, Senior Product Marketing Manager for Adobe Campaign, explored the key ingredients of cross-channel marketing in a digital world. Learn how the Adobe Marketing Cloud can help marketers embrace opportunities for personalized, relevant and real-time customer engagement across offline (direct mail, point of sale, call center) and digital (email, website, SMS, mobile apps, social networks, connected objects).
The buzz continues for cloud, data analytics and the Internet of Things (IoT) and their collective impact across all industries. But a new conversation is emerging - how do companies use industry disruption and technology enablers to lead in markets undergoing change, uncertainty and ambiguity? Organizations of all sizes need to evolve and transform, often under massive pressure, as industry lines blur and merge and traditional business models are assaulted and turned upside down. In this new da...
Culture is the most important ingredient of DevOps. The challenge for most organizations is defining and communicating a vision of beneficial DevOps culture for their organizations, and then facilitating the changes needed to achieve that. Often this comes down to an ability to provide true leadership. As a CIO, are your direct reports IT managers or are they IT leaders? The hard truth is that many IT managers have risen through the ranks based on their technical skills, not their leadership ab...
We all know that data growth is exploding and storage budgets are shrinking. Instead of showing you charts on about how much data there is, in his General Session at 17th Cloud Expo, Scott Cleland, Senior Director of Product Marketing at HGST, showed how to capture all of your data in one place. After you have your data under control, you can then analyze it in one place, saving time and resources.
In recent years, at least 40% of companies using cloud applications have experienced data loss. One of the best prevention against cloud data loss is backing up your cloud data. In his General Session at 17th Cloud Expo, Sam McIntyre, Partner Enablement Specialist at eFolder, presented how organizations can use eFolder Cloudfinder to automate backups of cloud application data. He also demonstrated how easy it is to search and restore cloud application data using Cloudfinder.
Two weeks ago (November 3-5), I attended the Cloud Expo Silicon Valley as a speaker, where I presented on the security and privacy due diligence requirements for cloud solutions. Cloud security is a topical issue for every CIO, CISO, and technology buyer. Decision-makers are always looking for insights on how to mitigate the security risks of implementing and using cloud solutions. Based on the presentation topics covered at the conference, as well as the general discussions heard between sessi...
The Internet of Everything is re-shaping technology trends–moving away from “request/response” architecture to an “always-on” Streaming Web where data is in constant motion and secure, reliable communication is an absolute necessity. As more and more THINGS go online, the challenges that developers will need to address will only increase exponentially. In his session at @ThingsExpo, Todd Greene, Founder & CEO of PubNub, exploreed the current state of IoT connectivity and review key trends and t...
As organizations shift towards IT-as-a-service models, the need for managing & protecting data residing across physical, virtual, and now cloud environments grows with it. CommVault can ensure protection & E-Discovery of your data - whether in a private cloud, a Service Provider delivered public cloud, or a hybrid cloud environment – across the heterogeneous enterprise.