Gartner MQ for Web App Firewall Webinar
-
Upload
imperva -
Category
Technology
-
view
729 -
download
0
Transcript of Gartner MQ for Web App Firewall Webinar
© 2016 Imperva, Inc. All rights reserved.
2016 Gartner MQ for Web Application Firewall (WAF)Results and Customer Insights
Terry Ray, Chief Product Strategist, Imperva
© 2016 Imperva, Inc. All rights reserved. Confidential2
Speaker and Customer Panel
Terry Ray,Chief Product Strategist,Imperva, Inc.
Ryan McElrath,Chief Technology Officer,americaneagle.com
Michael Boucher,Director, Information Risk ManagementFTD, Inc.
Richard Kim,Application Security Engineer,Kellogg Company
© 2016 Imperva, Inc. All rights reserved.3
Agenda
• Gartner MQ Results • Gartner Market Definition, Market Trends• Imperva Solution and Vision• Customer Insights • Conclusions
4 © 2015 Imperva, Inc. All rights reserved.
Web Application Firewalls
2016 Gartner MQ Results1
5 © 2016 Imperva, Inc. All rights reserved.
THE ONLY LEADER
THREE CONSECUTIVE YEARS
2016 Gartner Magic Quadrant for
Web Application Firewalls
Gartner “Magic Quadrant for Web Application Firewalls” by Jeremy D'Hoinne, Adam Hils, Claudio Neiva, 19 July 2016.
This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Imperva. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
© 2016 Imperva, Inc. All rights reserved. Confidential6
Gartner WAF Market DefinitionProtects public or internal web applications against a variety of attacks, when the
applications are deployed on-premises or in cloud infrastructure
Q1: What business problems are you addressing with the Imperva WAF? How long have you been an Imperva customer?
Source: Graphics created by Imperva based on Gartner report: “Magic Quadrant for Web Application Firewalls” by Jeremy D'Hoinne, Adam Hils, Claudio Neiva, 19 July 2016.
Web Application Firewall
• Purpose-built physical/virtual appliances
• Modules embedded in App Delivery Controllers
• Virtual appliance in cloud Infrastructure (IaaS)
• Cloud-based managed service (SaaS)
Adjacent Technologies
• API gateway, Bot management
• Application Self Testing (AST), DB monitoring
• Security Information and Event Mgmt. (SIEM)
• Runtime Application Self Protection (RASP)
© 2016 Imperva, Inc. All rights reserved. Confidential7
Gartner WAF Market OverviewWW Market Size in 2015 is $516M growing at 21%
Q2: What are your top 3 WAF use cases in your current Imperva WAF deployment? What other use-cases you are planning to enable in the near future?
Source: Graphics created by Imperva based on Gartner report: “Magic Quadrant for Web Application Firewalls” by Jeremy D'Hoinne, Adam Hils, Claudio Neiva, 19 July 2016.
Basic WAF use-cases:• OWASP Top-10 blocking• IP Reputation based blocking• Virtual Patching• SIEM integration• On-premise and cloud app protection
NextGen WAF use-cases:• Policies derived from application profiling• Bot mitigation with DDoS and CDN• Alerting/reporting for security analysts• Unified mgmt. for SaaS and On-premises• Mobile application security (API)
© 2016 Imperva, Inc. All rights reserved. Confidential8
Why Customers Choose Imperva Over Other WAF Solutions
Q3: What are your main reasons for choosing Imperva WAF?
• Highest Accuracy of Detection
• Most Comprehensive Protection
• Broadest Deployment Options
• Seamless integration with Security Operations
• Simplified management for Enterprise Scalability
© 2016 Imperva, Inc. All rights reserved. Confidential9
Gartner Market Trends – WAF Moving to the Cloud with the Apps
Web Servers
WAF
On-Premises
Q4: What are your top concerns when moving or considering to move your apps to the cloud?
Source: Graphics created by Imperva based on Gartner report: “Magic Quadrant for Web Application Firewalls” by Jeremy D'Hoinne, Adam Hils, Claudio Neiva, 19 July 2016.
2016
2020
75%
30%
Cloud-based WAF Cloud Infrastructures
Cloud
25%
70%
10 © 2015 Imperva, Inc. All rights reserved.
Web Application Firewalls
Imperva Solution and Vision2
11 © 2016 Imperva, Inc. All rights reserved. Confidential
Targeted Attacks
Access Control
Logic Attacks
Application Profile
Generic Attacks
Reputation and BotsDDoS
Imperva Hybrid WAF – Functional ViewHigh Operational Risk
Power of ManyHigh Security RiskSpecialized Policy
© 2016 Imperva, Inc. All rights reserved. Confidential12
Imperva Vision: SecureSphere WAFMarket Trends
Fraud& functional
abuse is becoming common
Attack automation is dramatically
increasing
Underlying application
protocols are changing
Cloud Adoption is accelerating
DevOps methodology is
being embraced in leading enterprises
© 2016 Imperva, Inc. All rights reserved. Confidential13
Imperva Vision: IncapsulaMarket Trends
DDoS attacks breaking records
CDNs morphing into application delivery clouds
CISOs focus on high risk
attacks
Customers want to improve agility
and coverage
Q5: What other application security challenges do you see in the future?
14 © 2015 Imperva, Inc. All rights reserved.
Web Application Security
Imperva WAF Solutions - Summary3
© 2016 Imperva, Inc. All rights reserved.15
Imperva Web Application Security
Highest Accuracy of detection of both technical and automated attacks, with customizable policies and correlation of multiple attack conditions
Broadest Deployment Options – on-premises, in cloud (AWS/Azure), out-of-band/in-line, transparent-bridge, and reverse proxy
In-depth Threat Intelligence crowdsourced from customers worldwide and curated by Imperva Defense Center (research team)
Comprehensive Protection including IP Reputation, Bot mitigation, Account Takeover protection, and Fraud Prevention services
Cloud-based DDoS, WAF content delivery network provides network DDoS protection, load balancing and web app. protection
Access Control and Bot Mitigation blocks unwanted IP’s, geo-locations, automated attackers, bad bots, scrapers, spammers
© 2016 Imperva, Inc. All rights reserved. Confidential16
Q & A: Speaker and Customer Panel
Terry Ray,Chief Product Strategist,Imperva, Inc.
Ryan McElrath,Chief Technology Officer,americaneagle.com
Michael Boucher,Director, Information Risk ManagementFTD, Inc.
Richard Kim,Application Security Engineer,Kellogg Company
© 2016 Imperva, Inc. All rights reserved. Confidential17
Web Application Firewall Resources