Imperva API Security

Additional Info

Company size (employees)1,000 to 4,999
Headquarters RegionNorth America
Type of solutionSoftware


APIs are a ripe target for cybercriminals because they act as a pathway for attackers to reach the underlying infrastructure and data layer. What’s more, security teams often don’t have visibility into the APIs that DevOps teams are creating or deploying, making them a blindspot. Imperva API Security takes an entirely different approach to solving this growing challenge by putting the focus on API discovery and data classification. By doing so, Imperva API Security empowers customers to protect critical applications and infrastructure from online fraud, API abuses, and DDoS attacks.

Imperva API Security provides continuous protection of all APIs. The product enables deep discovery and classification of sensitive data to detect all public, private and shadow APIs. Through machine learning and automation, Imperva API Security continuously detects and classifies changes to the API in production, identifying potential risks. Most importantly, the product automatically discovers each API’s full schema while identifying and classifying the data that flows through it. This enables organizations to treat API security as a direct extension of their strategy for securing sensitive data.

The product mitigates the risk of data breaches and data leakage by uncovering shadow APIs, and suggests remediation for software developers and security administrators. Simply knowing how many APIs you have in your environment isn’t enough. With the focus on protecting the underlying data, Imperva API Security is designed to help security and development teams work cooperatively without altering code or slowing down the development lifecycle.

How we are different

- Positive security model built from OpenAPI specifications: Imperva API Security protects your APIs against critical security attacks with enforcement of a positive security model, built from your own API inventory. This helps to remove the burden of API specification validation on developers and the load on your application in runtime.

- In-depth protection against OWASP API Top 10: Imperva API Security also protects against the latest Open Web Application Security Project (OWASP) API Security Top 10 as developers build microservices and APIs across different environments.

- Shift left by empowering developers with real-time insight into API behavior. By aligning with DevOps and other modern development practices, security teams can offer agile quality assurance services as the code moves through the CI/CD pipeline. Imperva API Security helps organizations solve for the challenge of mitigating busines logic and object level attacks, which are among the most complex threats to mitigate. The product is a direct extension of an organization’s strategy for securing sensitive data. Imperva API Security automatically discovers each API’s full schema while identifying and classifying the data that flows through it.