Imperva Application Security Integrates API Detection and Response, Setting A New Standard in API Security
MEUDON, France--(BUSINESS WIRE)-- Thales today announced new detection and response capabilities in the Imperva Application Security platform to protect against business logic attacks, such as Broken Object Level Authorization (BOLA) – the leading threat in the OWASP API Security Top 10. By integrating real-time detection with automated mitigation of risky APIs, BOLA attacks, unauthenticated APIs, and deprecated APIs, Imperva Application Security platform delivers comprehensive protection against unauthorized data exposure and other complex business logic vulnerabilities across cloud and on-premises environments.
APIs have become the backbone of modern applications, enabling businesses to seamlessly connect services, optimize operations, and deliver personalized experiences at scale. According to Imperva Threat Research, APIs accounted for 71% of all web traffic. More recently, the team observed a sharp rise in API-directed attacks, with 44% of advanced bot traffic targeting APIs, compared to just 10% targeting web applications. This shift underscores how attackers are increasingly exploiting API endpoints that manage sensitive and high-value data.
Why BOLA is a Critical Business Risk
BOLA occurs when APIs fail to properly verify whether users are authorized to access specific data objects. This allows attackers to manipulate requests and gain unauthorized access to sensitive information. As the leading OWASP Top 10 API threat, BOLA exposes businesses to significant risks, including data breaches, compliance failures, and loss of customer trust.
'API security is no longer optional – it's fundamental to maintaining business continuity and trust,' said Tim Chang, Global Vice President and General Manager of Application Security at Thales. 'Imperva Application Security bridges the gap by delivering a fully unified platform that identifies business logic threats and actively blocks malicious sessions, setting a new benchmark for API protection.'
Empowering Enterprises with a Unified, Flexible, and Privacy-First Solution
Imperva Application Security integrates advanced threat detection engines with automated inline responses and flexible deployment options, enabling security teams to detect and respond to API attacks like BOLA without slowing development or disrupting the user experience. For customers who want to protect their API infrastructure, Imperva Application Security delivers the following benefits:
Unified Platform Architecture: Manage API discovery, risk assessment, detection, and mitigation in a single console, eliminating tool sprawl and operational friction across cloud and on-premises environments.
Real-Time BOLA Detection: Hybrid behavioral and rule-based engines analyze API request patterns, scoring anomalies, and flagging endpoints for immediate action.
Automated Response and Remediation: Integration with Imperva Cloud WAF and WAF Gateway enables a variety of response actions, including inline mitigation actions such as automatically blocking malicious API traffic in real-time. Integration with security automation tools ensures rapid incident orchestration.
Advancing the Imperva Security Anywhere Vision
The integration of API detection and response into Imperva Application Security is foundational to the Imperva Security Anywhere vision, which provides scalable, end-to-end protection for applications and APIs across any environment. This unified solution provides enterprises with a comprehensive view of automated threats targeting APIs and the necessary tools to protect those APIs.
Detection and response to deprecated APIs, unauthenticated APIs, and BOLA attacks are now available as part of Imperva Application Security.
About Thales
Thales (Euronext Paris: HO) is a global leader in advanced technologies for the Defence, Aerospace, and Cyber & Digital sectors. Its portfolio of innovative products and services addresses several major challenges: sovereignty, security, sustainability and inclusion.
The Group invests more than €4 billion per year in Research & Development in key areas, particularly for critical environments, such as Artificial Intelligence, cybersecurity, quantum and cloud technologies.
Thales has more than 83,000 employees in 68 countries. In 2024, the Group generated sales of €20.6 billion.
Thales Group
Cybersecurity Solutions | Thales Group
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Business Wire
4 hours ago
- Business Wire
Aurinia Pharmaceuticals to Host Conference Call to Discuss AUR200 Phase 1 Study Results on June 30, 2025
ROCKVILLE, Md. & EDMONTON, Alberta--(BUSINESS WIRE)--Aurinia Pharmaceuticals Inc. (NASDAQ: AUPH) today announced that it will host a webcast and conference call on June 30, 2025, at 8:30 a.m. ET to discuss AUR200 Phase 1 study results. The link to the webcast is available here. To join the conference call, please dial 877-407-9170/+1 201-493-6756. Click here for participant International Toll-Free access numbers. A replay of the webcast will be available on Aurinia's website. About Aurinia Aurinia is a biopharmaceutical company focused on delivering therapies to people living with autoimmune diseases with high unmet medical needs. In January 2021, the Company introduced LUPKYNIS ® (voclosporin), the first FDA-approved oral therapy for the treatment of adult patients with active lupus nephritis. Aurinia is also developing AUR200, a dual inhibitor of B cell-activating factor (BAFF) and a proliferation-inducing ligand (APRIL) for the potential treatment of autoimmune diseases.
Business Wire
2 days ago
- Business Wire
Rocket Lab Completes Record Launch Turnaround From Launch Complex 1, Successfully Deploys 68 th Electron Mission
MAHIA, New Zealand--(BUSINESS WIRE)--Rocket Lab Corporation (Nasdaq: RKLB) ('Rocket Lab' or 'the Company'), a global leader in launch services and space systems, today successfully launched its 68th Electron rocket to deploy a single satellite to space for a confidential commercial customer. The mission was the second of two launches from the same launch site in less than 48 hours, a new launch record for the Company as it continues to deliver dedicated, repeatable and reliable access to space for satellite operators. The 'Symphony In The Stars' mission lifted-off from Rocket Lab Launch Complex 1 in Mahia, New Zealand on June 28 th (7:08 p.m./07:08 UTC) to deploy a single spacecraft to a 650km circular Earth orbit. The mission was the first of two dedicated launches for the new customer on Electron booked less than four months ago, with a second mission scheduled before the end of 2025. Rocket Lab has now completed four launches in June for commercial satellite constellation operators, underscoring Electron's consistent performance and rapid deployment capabilities as the world's leading small launcher: the 'Full Stream Ahead' mission on June 3 rd; 'The Mountain God Guards' mission on June 11 th; 'Get The Hawk Outta Here' launched on June 26 th UTC, and today's 'Symphony In The Stars' mission. Rocket Lab Founder and CEO, Sir Peter Beck, says: 'Electron has demonstrated once again that it is the gold standard for responsive and reliable space access for small satellites. The future of space is built on proven performance, and Electron continues to deliver against a stacked launch manifest this year. Congratulations to the team on achieving its fastest launch turnaround yet between two missions from Launch Complex 1. This launch was also a quick-turn mission to meet our customer's mission requirements, and we're looking forward to doing it again later this year.' 'Symphony In The Stars' was Rocket Lab's tenth Electron mission of 2025 and its 68th launch overall. With 100% mission success so far this year, Electron continues to deliver reliable deployment amid an increasing launch cadence and rapid contract-to-launch timelines. Launch images: About Rocket Lab Founded in 2006, Rocket Lab is an end-to-end space company with an established track record of mission success. We deliver reliable launch services, satellite manufacture, spacecraft components, and on-orbit management solutions that make it faster, easier, and more affordable to access space. Headquartered in Long Beach, California, Rocket Lab designs and manufactures the Electron small orbital launch vehicle, a family of spacecraft platforms, and the Company is developing the large Neutron launch vehicle for constellation deployment. Since its first orbital launch in January 2018, Rocket Lab's Electron launch vehicle has become the second most frequently launched U.S. rocket annually and has delivered over 200 satellites to orbit for private and public sector organizations, enabling operations in national security, scientific research, space debris mitigation, Earth observation, climate monitoring, and communications. Rocket Lab's spacecraft platforms have been selected to support NASA missions to the Moon and Mars, as well as the first private commercial mission to Venus. Rocket Lab has three launch pads at two launch sites, including two launch pads at a private orbital launch site located in New Zealand and a third launch pad in Virginia. Forward Looking Statements This press release contains forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995. We intend such forward-looking statements to be covered by the safe harbor provisions for forward looking statements contained in Section 27A of the Securities Act of 1933, as amended (the 'Securities Act') and Section 21E of the Securities Exchange Act of 1934, as amended (the 'Exchange Act'). All statements contained in this press release other than statements of historical fact, including, without limitation, statements regarding our launch and space systems operations, launch schedule and window, safe and repeatable access to space, Neutron development, operational expansion and business strategy are forward-looking statements. The words 'believe,' 'may,' 'will,' 'estimate,' 'potential,' 'continue,' 'anticipate,' 'intend,' 'expect,' 'strategy,' 'future,' 'could,' 'would,' 'project,' 'plan,' 'target,' and similar expressions are intended to identify forward-looking statements, though not all forward-looking statements use these words or expressions. These statements are neither promises nor guarantees, but involve known and unknown risks, uncertainties and other important factors that may cause our actual results, performance or achievements to be materially different from any future results, performance or achievements expressed or implied by the forward-looking statements, including but not limited to the factors, risks and uncertainties included in our Annual Report on Form 10-K for the fiscal year ended December 31, 2024, as such factors may be updated from time to time in our other filings with the Securities and Exchange Commission (the 'SEC'), accessible on the SEC's website at and the Investor Relations section of our website at which could cause our actual results to differ materially from those indicated by the forward-looking statements made in this press release. Any such forward-looking statements represent management's estimates as of the date of this press release. While we may elect to update such forward-looking statements at some point in the future, we disclaim any obligation to do so, even if subsequent events cause our views to change.
Business Wire
2 days ago
- Business Wire
KBRA Releases Research – Potential OBBBA Implications for Litigation Finance ABS
NEW YORK--(BUSINESS WIRE)--KBRA releases research examining the potential implications for litigation finance ABS stemming from proposed measures under the Tackling Predatory Litigation Funding Act (TPLFA), which is currently included in the U.S. Senate's One Big Beautiful Bill Act (OBBBA). Litigation finance has a long history and, in recent years, has established itself as a niche segment in the asset-backed securities (ABS) market. However, the TPLFA could significantly alter the economics of this evolving structured finance asset class, as it proposes substantial new taxes on profits from third-party litigation funding. Litigation finance ABS transactions, which are typically backed by nonrecourse advances to plaintiffs in personal injury and other civil cases, could face meaningful structural and liquidity challenges if the legislation is enacted. Click here to view the report. Related Publication Litigation Finance ABS: Not Settling for Less About KBRA KBRA, one of the major credit rating agencies, is registered in the U.S., EU, and the UK. KBRA is recognized as a Qualified Rating Agency in Taiwan, and is also a Designated Rating Organization for structured finance ratings in Canada. As a full-service credit rating agency, investors can use KBRA ratings for regulatory capital purposes in multiple jurisdictions. Doc ID: 1010181
