We were facing issues related to web servers and OWASP Top 10. We had bots rather than human traffic. We went with Imperva for a single-stack solution. We have bot protection, DDoS protection, web application firewall, and database security from Imperva. It is one of the best solutions that I have worked with. After deploying it, bot attacks have completely stopped. When it comes to OWASP Top 10, it responds very clearly when we do testing, so we are not facing any threats. Compliance is also very good. So, overall, it is very good for security and compliance. Imperva is known in the market for customization and deployments according to the use cases of the customers. You can deploy it the way you want. You can deploy it in the inline mode, reverse proxy mode, or transfer and bridge mode. You can deploy it according to the environment or infra of the company. In terms of integration, with one click of a button, you can integrate it with your SIEM solution. You have preconfigured SIEM codes. You just need to run that code in the SIEM application, and that is it. You will start getting the logs. It is pretty easy. For certain web servers, I have it on-prem, and for certain web servers, I have it on the cloud. A basic use case of the customers is that they want a single dashboard for the cloud WAF or on-prem WAF. There is a solution called attack analytics in Imperva. It integrates with on-prem and the cloud, so in a single dashboard, you can see what is happening in your on-prem as well as cloud setup. It is very easy. When it comes to reporting, you can take reports anywhere anytime and you can take logs anywhere anytime. Someone who does not know about cybersecurity can understand the logs. Logs are in English instead of the raw format. Anybody who knows English can understand them. Reporting is very easy. These reports can also be used for audit and compliance. We use SIEM solutions. We use Splunk, and we use Elastic. We use Datadog and Securonix. I integrated Imperva with Elastic and Splunk. We have a pre-written code. We just have to download that code and run the code in the SIEM solution server. After that, the logs start showing. It is that easy. Integration is that easy. I have also done integration with multifactor authentication, security key, HSM, etc. I have worked with RSA and YubiKey. Both of them were very easy. The integration happened with the click of a button. The integration is seamless and is working perfectly. Our clients are happy. We are happy.
