Welcome!

News Feed Item

Imperva to Acquire Incapsula and Skyfence; Introduces SecureSphere WAF for Amazon Web Services

Imperva, Inc. (NYSE: IMPV), pioneering the third pillar of enterprise security with a new layer of protection designed specifically for physical and virtual data centers, today announced the company has agreed to acquire cloud security gateway startup Skyfence and has an agreement in principle to acquire the remaining shares of cloud-based web application security company Incapsula. Imperva also announced today the release of SecureSphere Web Application Firewall (WAF) for Amazon Web Services (AWS). The combination of these extends Imperva’s comprehensive data center security strategy across the cloud with solutions that are unmatched in the industry.

“Our acquisition strategy for Skyfence and Incapsula are very similar. We seeded Incapsula four years ago because we recognized that cloud delivery would change the web application security landscape,” said Shlomo Kramer, CEO of Imperva. “In the case of Skyfence, we believe that Software as a Service (SaaS) delivery models for internally facing corporate applications will substantially change the landscape for data center security and compliance. We are investing in this space early to put us in the best position possible to help new and existing customers.”

Gartner predicts global spending on public cloud services will grow from $155B in 2014 to $210B in 20161. As cloud adoption accelerates, enterprises are prioritizing how to integrate and migrate existing systems, from Enterprise Resource Planning (ERP) to Customer Relationship Management (CRM) systems, to cloud-based platforms. Cloud services often run critical applications and store business-critical data, but the majority of existing security controls do not cover the range of different cloud deployments because they were designed for on-premise applications.

“For some time now, we’ve seen our customers take advantage of cloud-based services to reduce costs and increase flexibility. However, moving applications and data off-premise causes new and very significant risk exposure for organizations,” said Mark Kraynak, Senior Vice President, Worldwide Marketing, Imperva. “The strategy we are unveiling today comprehensively addresses the dangerous security gaps raised by the move to the cloud.”

Imperva’s strategy covers security gaps with multiple cloud deployment models. For internally facing corporate applications, the move to the cloud obviates traditional on-premise activity monitoring and security solutions. To fill this gap, Skyfence delivers a cloud gateway that provides a comprehensive security and compliance stack. For externally facing production applications, the cloud is changing deployment in two ways. Some customers prefer a SaaS model for WAF delivery. Incapsula directly meets that need with an application-aware global CDN platform that provides best-of-breed security, DDoS protection, load balancing, and failover solutions. Other customers prefer an Infrastructure as a Service (IaaS) model by which they can leverage the economies of scale of their cloud provider to realize significant cost savings. For these customers, SecureSphere for AWS allows them to move their applications without sacrificing security.

Imperva Skyfence
The first component of Imperva’s strategy is the agreement to acquire Skyfence. Skyfence protects the internal corporate applications, like employee- and back office-oriented applications that are moving to SaaS delivery models. Despite being internal, these applications allow access from the internet, which exposes them to the vulnerabilities intrinsic to public facing applications. This also creates security challenges and regulatory and compliance challenges as it moves responsibility for housing the data to a third party.

Skyfence has developed a solution providing real time visibility and control over corporate use of SaaS applications, which enforces security policy, protects sensitive data from external and inside threats, and ensures compliance with standards. Skyfence uses proprietary network traffic analysis and Dynamic User Fingerprinting technology to profile normal user behavior and detect anomalies that could indicate cyber-attacks or inside threats. Through a single, central gateway, the solution provides organizations with the power to discover all of the cloud assets that are in use and to uniformly enforce security and compliance policies in addition to controlling user access to sensitive data, privileged user activity and API access to the service.

There are three main customer challenges driving the need for Skyfence:

  • Managing Compliance in the Cloud – Skyfence generates an audit trail of all user access ranging from login events to a full activity log and enables enforcement of the necessary separation of duties between the SaaS administrator and IT security. Administrators can generate activity reports for both internal and external compliance audits and exposure reports for forensic analysis.
  • Controlling “Shadow IT” – Skyfence will automatically detect cloud applications that are used without corporate approval and provides risk scores and usage metrics.
  • Cyber Intrusion Prevention – The weakest link in many cloud applications’ security is the abuse of legitimate user accounts. Skyfence identifies and protects against account-centric attacks including account takeovers, man-in-the-middle attacks, DNS poisoning, and brute force attacks.

Imperva Incapsula
The second component of this strategy is our agreement in principle to purchase of the remaining stake in Incapsula to deliver security for external facing production applications like online banking, online gaming, and retail applications. Through an application-aware global Cloud Delivery Network (CDN) platform, Incapsula provides websites and web applications with best-of-breed security, DDoS protection, load balancing, and failover solutions, available as standalone services or as an integrated solution.

  • Incapsula's enterprise-grade PCI-certified WAF protects customers’ websites or applications so that they are secure and available. Based on Imperva’s industry-leading technology and experience and using a SaaS approach, Incapsula's security experts protect customers against new and emerging threats.
  • Incapsula DDoS applies mitigation outside of a customer’s network, meaning that only filtered traffic reaches the host. Incapsula maintains an extensive DDoS threat knowledgebase, which includes new and emerging attack methods. This constantly-updated information is aggregated across the entire network, identifying new threats as they emerge, detecting known malicious users, and applying remedies in real-time across all Incapsula-protected websites.
  • Incapsula’s CDN is a powerful network of data centers located around the world that delivers full site acceleration. On average, websites using Incapsula's CDN are 50% faster and consume 40%-70% less bandwidth.
  • Incapsula’s Layer 7 Load Balancing and Failover balances traffic across multiple web servers directly from the cloud. This allows websites and applications to scale beyond the capacity of a single web server without requiring a local load balancing appliance or virtual appliance.

Over four years ago, Imperva anticipated that the WAF market would be ready to take advantage of cloud delivery models, so the Imperva team invested in Incapsula as a majority owned subsidiary. Imperva intends to bring Incapsula fully in house to allow for scale as the demand for Incapsula technology grows.

Imperva SecureSphere WAF for AWS
The third component of this strategy is Imperva’s new SecureSphere Web Application Firewall version for Amazon Web Services. Similar to Incapsula, this product is primarily for externally facing production applications, but for customers that want to take their on-premise solution to the cloud or that prefer a “do it yourself” model for application security. Enterprise customers are making a strong push to move their customer facing applications to Amazon Web Services so that they can realize significant infrastructure savings by managing load peaks with temporary Amazon capacity. With SecureSphere for AWS, customers can replicate their existing on-premise security controls as they migrate to the cloud.

SecureSphere WAF for AWS was designed to natively take advantage of Amazon Web Services infrastructure. Leveraging Amazon Cloud Formation, WAF instances are created and moved along with the applications they protect, including across Availability Zones, allowing for fast deployment of large enterprise-scale environments with minimal operational overhead. Instances of SecureSphere are created or removed from the deployment following Amazon’s auto-scaling policies. These abstractions can dramatically improve the efficiency of IT and security operations teams.

SecureSphere for AWS has been in limited availability since late 2013 and will be generally available in March 2014.

Imperva expects the acquisitions of Skyfence and Incapsula to close in the first quarter of 2014.

About Imperva
Imperva, pioneering the third pillar of enterprise security, fills the gaps in endpoint and network security by directly protecting high-value applications and data assets in physical and virtual data centers. With an integrated security platform built specifically for modern threats, Imperva data center security provides the visibility and control needed to neutralize attack, theft, and fraud from inside and outside the organization, mitigate risk, and streamline compliance. Over 3,000 customers in more than 75 countries rely on our SecureSphere® platform to safeguard their business. Imperva is headquartered in Redwood Shores, California. Learn more: www.imperva.com, our blog, on Twitter.

Forward Looking Statements
This news release contains forward-looking statements, including those regarding our belief that the combination of our SecureSphere for AWS, Skyfence and Incapsula will enable us to offer a comprehensive solution that addresses the dangerous security gaps raised by the move to the cloud; the anticipated benefits to Imperva of the contemplated acquisitions of Skyfence and Incapsula; the expected timing of the completion of the transaction; and the ability to complete the transaction considering the various closing conditions. These forward-looking statements are subject to material risks and uncertainties that could cause actual results to differ materially from those in the forward-looking statements. Investors should consider important risk factors, which include: the risk that Imperva will be unable to successfully integrate Skyfence and Incapsula, the risk that Imperva will have difficulty retaining key employees of Skyfence and Incapsula; the risk that our development expenses are greater than we anticipate; and other risks detailed under the caption “Risk Factors” in the company’s Quarterly Report on Form 10-Q filed with the SEC on November 12, 2013 and the company’s other SEC filings. You can obtain copies of the company’s SEC filings on the SEC’s website at www.sec.gov.

© 2014 Imperva, Inc. All rights reserved. Imperva, the Imperva logo and SecureSphere are trademarks of Imperva, Inc. All other brand, service or product names are trademarks of their respective companies or owners.

____________

1 Ed Anderson, Lai-ling Lam, Chad Eschinger, Susan Cournoyer, Joanne M. Correia, Laurie F. Wurster, Ruggero Contu, Fabrizio Biscotti, Venecia K Liu, Tom Eid, Chris Pang, Hai Hong Swinehart, Morgan Yeates, Gregor Petri, Warren Bell
Gartner Report, “Forecast Overview: Public Cloud Services, Worldwide, 2011-2016, 4Q12” February 8, 2013

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
SYS-CON Events announced today that Peak 10, Inc., a national IT infrastructure and cloud services provider, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Peak 10 provides reliable, tailored data center and network services, cloud and managed services. Its solutions are designed to scale and adapt to customers’ changing business needs, enabling them to lower costs, improve performance and focus intern...
Most DevOps journeys involve several phases of maturity. Research shows that the inflection point where organizations begin to see maximum value is when they implement tight integration deploying their code to their infrastructure. Success at this level is the last barrier to at-will deployment. Storage, for instance, is more capable than where we read and write data. In his session at @DevOpsSummit at 20th Cloud Expo, Josh Atwell, a Developer Advocate for NetApp, will discuss the role and valu...
SYS-CON Events announced today that Twistlock, the leading provider of cloud container security solutions, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Twistlock is the industry's first enterprise security suite for container security. Twistlock's technology addresses risks on the host and within the application of the container, enabling enterprises to consistently enforce security policies, monitor...
This talk centers around how to automate best practices in a multi-/hybrid-cloud world based on our work with customers like GE, Discovery Communications and Fannie Mae. Today’s enterprises are reaping the benefits of cloud computing, but also discovering many risks and challenges. In the age of DevOps and the decentralization of IT, it’s easy to over-provision resources, forget that instances are running, or unintentionally expose vulnerabilities.
Everywhere we turn in our industry we can find strong opinions about the direction, type and nature of cloud’s impact on computing and business. Another word that is used in every context in our industry is “hybrid.” In his session at 20th Cloud Expo, Alvaro Gonzalez, Director of Technical, Partner and Field Marketing at Peak 10, will use a combination of a few conceptual props and some research recently commissioned by Peak 10 to offer a real-world consideration of how the various categories of...
DevOps is often described as a combination of technology and culture. Without both, DevOps isn't complete. However, applying the culture to outdated technology is a recipe for disaster; as response times grow and connections between teams are delayed by technology, the culture will die. A Nutanix Enterprise Cloud has many benefits that provide the needed base for a true DevOps paradigm. In his Day 3 Keynote at 20th Cloud Expo, Chris Brown, a Solutions Marketing Manager at Nutanix, will explore t...
Five years ago development was seen as a dead-end career, now it’s anything but – with an explosion in mobile and IoT initiatives increasing the demand for skilled engineers. But apart from having a ready supply of great coders, what constitutes true ‘DevOps Royalty’? It’ll be the ability to craft resilient architectures, supportability, security everywhere across the software lifecycle. In his keynote at @DevOpsSummit at 20th Cloud Expo, Jeffrey Scheaffer, GM and SVP, Continuous Delivery Busine...
Detecting internal user threats in the Big Data eco-system is challenging and cumbersome. Many organizations monitor internal usage of the Big Data eco-system using a set of alerts. This is not a scalable process given the increase in the number of alerts with the accelerating growth in data volume and user base. Organizations are increasingly leveraging machine learning to monitor only those data elements that are sensitive and critical, autonomously establish monitoring policies, and to detect...
SYS-CON Events announced today that SoftLayer, an IBM Company, has been named “Gold Sponsor” of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2016, at the Javits Center in New York, New York. SoftLayer, an IBM Company, provides cloud infrastructure as a service from a growing number of data centers and network points of presence around the world. SoftLayer’s customers range from Web startups to global enterprises.
The 21st International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Digital Transformation, Machine Learning and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding busin...
Multiple data types are pouring into IoT deployments. Data is coming in small packages as well as enormous files and data streams of many sizes. Widespread use of mobile devices adds to the total. In this power panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists will look at the tools and environments that are being put to use in IoT deployments, as well as the team skills a modern enterprise IT shop needs to keep things running, get a handle on all this data, and deli...
While some vendors scramble to create and sell you a fancy solution for monitoring your spanking new Amazon Lambdas, hear how you can do it on the cheap using just built-in Java APIs yourself. By exploiting a little-known fact that Lambdas aren’t exactly single threaded, you can effectively identify hot spots in your serverless code. In his session at 20th Cloud Expo, David Martin, Principal Product Owner at CA Technologies, will give a live demonstration and code walkthrough, showing how to ov...
SYS-CON Events announced today that Systena America will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Systena Group has been in business for various software development and verification in Japan, US, ASEAN, and China by utilizing the knowledge we gained from all types of device development for various industries including smartphones (Android/iOS), wireless communication, security technology and IoT serv...
SYS-CON Events announced today that Loom Systems will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Founded in 2015, Loom Systems delivers an advanced AI solution to predict and prevent problems in the digital business. Loom stands alone in the industry as an AI analysis platform requiring no prior math knowledge from operators, leveraging the existing staff to succeed in the digital era. With offices in S...
With major technology companies and startups seriously embracing Cloud strategies, now is the perfect time to attend @CloudExpo | @ThingsExpo, June 6-8, 2017, at the Javits Center in New York City, NY and October 31 - November 2, 2017, Santa Clara Convention Center, CA. Learn what is going on, contribute to the discussions, and ensure that your enterprise is on the right path to Digital Transformation.