Incapsula

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search
Imperva Incapsula
FoundedNovember 2009 (2009-11)
FounderGur Shatz[1]
Marc Gaffan[2]
Headquarters,
Key people
Chris Hylen, CEO, Imperva[3]
ServicesWebsite Performance
Security as a Service[4]
ParentImperva
Websitewww.imperva.com

Imperva Incapsula is an American cloud-based application delivery platform. It uses a global content delivery network to provide web application security, DDoS mitigation, content caching, application delivery, load balancing and failover services.[2]

History[edit]

Incapsula was founded in 2009 by Gur Shatz and Marc Gaffan.[5][better source needed] The company has its origins in Imperva (NYSE:IMPV), an American-based cyber security firm which owned 85% of Incapsula.[2] It was spun out from Imperva in 2009. While reported to be growing at a rate of between 50%, 76% and 102% per quarter as of August 2013, the company lost over $1.7 million in the second quarter of that same year.[2] In February 2014[citation needed] Imperva bought the remaining part of Incapsula and it became a product line within the parent company.

In October 2013 Incapsula was credited with having protected against one of the Internet's largest attacks on a website. The September 24, 2013 attack was said to have lasted nine hours with 100Gbit/s of traffic at its peak.[6] The attack was against BTC China, a bitcoin and yuan trading platform.[7]

In December 2016 Incapsula reported that it had defended against the largest DDoS attack then recorded, which peaked at over 650Gbit/s and 200Mpps.[non-primary source needed]

Service and features[edit]

Incapsula has multiple features that are used in the security and performance of websites:

Incapsula WAF protects websites by changing their Domain Name System (DNS) records to route traffic through Incapsula.[8] Incapsula then filters out malicious attacks from bots and website scrapers.[8] As of 2011 it was effective against cross site scripting, illegal resource access and all other OWASP top 10 threats, SQL injections, and web 2.0 threats including academic web archiving, comment spam, fake registrations, malicious bots, referrer spam, and site scraping.

Incapsula also has a content delivery network that caches websites on their server network to speed up website load time. The cached information is returned from a server closest to the end user to provide fast page loads. This also allegedly mitigates against slow responses due to heavy server traffic.[non-primary source needed]

Incapsula launched a tool named "Backdoor Protect" in 2013. The tool is reported to detect and block malicious back-doors and "webshells". The tool works by comparing a website's traffic against a database of known back-doors.[9] Later that year, the company announced a two factor authentication feature called Login-Protect, as an integrated feature of its products.[10] Incapsula also announced in 2013 that it would be implementing Layer 7 load balancing capabilities.[11]

Awards and recognition[edit]

In 2011, Incapsula was chosen as one of the Top 10 companies to participate in RSA Conference Innovation Sandbox.[12] The same year, they were a finalist for the Red Herring Top 100 North America Award.[13]

In 2013, Incapsula was named #1 for Best Cloud Based Security CDN by WeRockYourWeb.[14]

The 2017 Forrester Wave for DDoS Service Providers named Imperva as the leader with top scores on both "Current Offering" and "Strategy" out of all evaluated DDoS service providers.[15]

References[edit]

  1. ^ Shatz, Gur (25 April 2012). "9 Things Businesses Need to Know About Web Security". Mashable. Retrieved 28 October 2013. CS1 maint: discouraged parameter (link)
  2. ^ a b c d Cohan, Peter (13 August 2013). "Incapsula's Growing 50% A Quarter By Blocking DDoS Attacks". Forbes. Retrieved 28 October 2013. CS1 maint: discouraged parameter (link)
  3. ^ "Management". Incapsula Website. Retrieved 21 May 2018. CS1 maint: discouraged parameter (link)
  4. ^ Schwartz, Matthew J. (9 January 2013). "US Bank Hack Attack Techniques Identified". Information Week. Retrieved 28 October 2013. CS1 maint: discouraged parameter (link)
  5. ^ Reilly, Allison Midori (20 October 2011). "Protect Your Website, and Boost Its Speed, With Incapsula". Small Biz Technology. Archived from the original on 14 December 2018. Retrieved 12 December 2018. CS1 maint: discouraged parameter (link)
  6. ^ Kerner, Sean Michael (1 October 2013). "Latest 100 Gigabit Attack Is One of Internet's Largest". eWeek. Retrieved 12 December 2018. CS1 maint: discouraged parameter (link)
  7. ^ Leyden, John (17 October 2013). "How mystery DDoSers tried to take down Bitcoin exchange with 100Gbps crapflood". The Register UK. Retrieved 11 December 2018. CS1 maint: discouraged parameter (link)
  8. ^ a b Cohan, Peter (11 September 2001). "Incapsula's Cloud Shields, Accelerates Your System". Forbes. Retrieved 28 October 2013. CS1 maint: discouraged parameter (link)
  9. ^ Kumar, Mohit (30 January 2013). "Incapsula Introduces Backdoor Protect". The Hacker News. Retrieved 28 October 2013. CS1 maint: discouraged parameter (link)
  10. ^ Selvan, Sabari (1 July 2013). "Incapsula Login Protection – Boost Your Website Security with Two Factor Authentication". ehackingnews.com. Retrieved 1 November 2013. CS1 maint: discouraged parameter (link)
  11. ^ "Incapsula Brings Layer 7 Load Balancing Into the Cloud". Broadway World. 15 October 2013. Retrieved 1 November 2013. CS1 maint: discouraged parameter (link)
  12. ^ "2011 RSA Conference Innovation Sandbox". 365.rsaconference.com. RSA Conference. January 2011. Archived from the original on 2012-08-25. Retrieved 2011-12-19. CS1 maint: discouraged parameter (link)
  13. ^ Wedel, Xenia Von (8 May 2013). "Finalists Announce for the 2013 Red Herring Top 100 North America Award". Virtualization Journal. Retrieved 28 October 2013. CS1 maint: discouraged parameter (link)
  14. ^ "2013 Best Cloud Based Security Reviews and Comparison". We Rock Your Web.
  15. ^ "The Forrester Wave Ranks Imperva as a Leader for DDoS Mitigation Providers". www.incapsula.com.

External links[edit]