2025-07-24, Thu.

Top Stories       Business       Culture & Life       Science & Technology       World

Lecture

Notification

 

NEWS > Science & Technology


Imperva Application Security Integrates API Detection and Response, Setting A New Standard in API Security

First unified, single-pane-of-glass platform to deliver real-time detection and mitigation of API threats, including Broken Object Level Authorization (BOLA) and other advanced business logic threats
Date: 2025-07-10

MEUDON, FRANCE -- Thales announced new detection and response capabilities in the Imperva Application Security platform to protect against business logic attacks, such as Broken Object Level Authorization (BOLA) - the leading threat in the OWASP API Security Top 10. By integrating real-time detection with automated mitigation of risky APIs, BOLA attacks, unauthenticated APIs, and deprecated APIs, Imperva Application Security platform delivers comprehensive protection against unauthorized data exposure and other complex business logic vulnerabilities across cloud and on-premises environments.

APIs have become the backbone of modern applications, enabling businesses to seamlessly connect services, optimize operations, and deliver personalized experiences at scale. According to Imperva Threat Research, APIs accounted for 71% of all web traffic. More recently, the team observed a sharp rise in API-directed attacks, with 44% of advanced bot traffic targeting APIs, compared to just 10% targeting web applications. This shift underscores how attackers are increasingly exploiting API endpoints that manage sensitive and high-value data.

Why BOLA is a Critical Business Risk

BOLA occurs when APIs fail to properly verify whether users are authorized to access specific data objects. This allows attackers to manipulate requests and gain unauthorized access to sensitive information. As the leading OWASP Top 10 API threat, BOLA exposes businesses to significant risks, including data breaches, compliance failures, and loss of customer trust.

“API security is no longer optional - it’s fundamental to maintaining business continuity and trust,” said Tim Chang, Global Vice President and General Manager of Application Security at Thales. “Imperva Application Security bridges the gap by delivering a fully unified platform that identifies business logic threats and actively blocks malicious sessions, setting a new benchmark for API protection.”

Empowering Enterprises with a Unified, Flexible, and Privacy-First Solution

Imperva Application Security integrates advanced threat detection engines with automated inline responses and flexible deployment options, enabling security teams to detect and respond to API attacks like BOLA without slowing development or disrupting the user experience. For customers who want to protect their API infrastructure, Imperva Application Security delivers the following benefits:

·Unified Platform Architecture: Manage API discovery, risk assessment, detection, and mitigation in a single console, eliminating tool sprawl and operational friction across cloud and on-premises environments.
·Real-Time BOLA Detection: Hybrid behavioral and rule-based engines analyze API request patterns, scoring anomalies, and flagging endpoints for immediate action.
·Automated Response and Remediation: Integration with Imperva Cloud WAF and WAF Gateway enables a variety of response actions, including inline mitigation actions such as automatically blocking malicious API traffic in real-time. Integration with security automation tools ensures rapid incident orchestration.

Advancing the Imperva Security Anywhere Vision

The integration of API detection and response into Imperva Application Security is foundational to the Imperva Security Anywhere vision, which provides scalable, end-to-end protection for applications and APIs across any environment. This unified solution provides enterprises with a comprehensive view of automated threats targeting APIs and the necessary tools to protect those APIs.

Detection and response to deprecated APIs, unauthenticated APIs, and BOLA attacks are now available as part of Imperva Application Security.

 to the Top List of News
LG Expands Into Smart Logistics, Building on Lighthouse Factory Expertise
Biocytogen Enters into Antibody Licensing Agreement with BeOne Medicines to Accelerate Innovative Drug Development
DNP to Take Controlling-Stake in Laxton
1GLOBAL and Odido Redefine On-Demand 5G Connectivity With SimWallet
METAZ at Aptos Horizon, Osaka: A Successful Web3 Debut
Sinovac Shareholders Vote to Remove Current Directors and Elect SAIF Partners Nominees to Board at Special Meeting
LG Acquires Premium Water Heating Solutions Provider OSO to Strengthen HVAC Portfolio

 
Invivoscribe Expands Flow Cytometry to Accelerate CAR-T Development Wi...
Tecnotree Recognized in Two 2025 Gartner¢ç Hype Cycle¢â Reports
Parse-Enabled Study Maps Neuronal Pathways with Potential Implications...
Zycus Named a LEADER in 2025 IDC MarketScape for Source-to-Pay
Revolutionizing Healthcare: Ubitus and MacKay Memorial Hospital Presen...
LambdaTest Enables Playwright Testing on iOS Real Devices to Enhance M...
Brightcove Unveils Its New Vision for the Future of Video Engagement, ...
SiPearl: Final closing of ¢æ130m Series A with Cathay Venture (Taiwan)...
Omdia: Nintendo Switch 2 to Drive Gaming Console Display Shipments up ...
Vanderbilt Selects Parse Biosciences GigaLab to Generate Atlas of Earl...

 

 

60, Gamasanro 27gil, Guro-gu, Seoul, Korea, e-mail: news@newsji.com

Copyright, NEWSJI NETWORK.