The Latest in IT Security

Imperva Makes Three Acquisitions, Unveils New Cloud Strategy


Imperva, a provider of enterprise data security solutions, on Thursday announced its plans to acquire three security firms in a move that will help extend its data center security strategy across the cloud.

Redwood Shores, California-based Imperva said it has agreed to acquire Skyfence, a cloud security gateway startup, and has also agreed to purchase the remaining shares it does not already own in Incapsula, a cloud-based website performance and security service that Imperva invested in years ago and was already a majority owned subsidiary.

Imperva also said it was acquiring Tomium Software, a former OEM partner that enabled Imperva to provide z/OS mainframe monitoring solutions for DB2TM and IMSTM. By acquiring Austin, Texas-based Tomium, Imperva says it will be able to extend these capabilities to its full data security suite.

In addition to the acquisition news, Imperva released a new Web Application Firewall (WAF) for Amazon Web Services (AWS).

“Our acquisition strategy for Skyfence and Incapsula are very similar. We seeded Incapsula four years ago because we recognized that cloud delivery would change the web application security landscape,” said Shlomo Kramer, CEO of Imperva. “In the case of Skyfence, we believe that Software as a Service (SaaS) delivery models for internally facing corporate applications will substantially change the landscape for data center security and compliance.”

Skyfence protects internal corporate applications, such as employee and back office-oriented applications that are moving to SaaS delivery models. Despite being internal, these applications often allow access from the internet, which exposes them to the vulnerabilities intrinsic to public facing applications.

Skyfence has developed a solution providing real time visibility and control over corporate use of SaaS applications, which enforces security policy, protects sensitive data from external and inside threats, and ensures compliance with standards. Through a single, central gateway, the solution provides organizations with the power to discover all of the cloud assets that are in use and to uniformly enforce security and compliance policies in addition to controlling user access to sensitive data, privileged user activity and API access to the service.

For externally facing production applications, the cloud is changing deployment in two ways, Imperva said. Some customers prefer a SaaS model for WAF delivery. Incapsula offers an application-aware global CDN platform that provides DDoS protection, load balancing, and failover solutions. Other customers prefer an Infrastructure as a Service (IaaS) model by which they can leverage the economies of scale of their cloud provider to realize significant cost savings. For these customers, SecureSphere for AWS allows them to move their applications with added security.

Imperva said it plans to bring Incapsula fully in house in order to allow for scale as the demand for Incapsula technology grows.

Imperva’s new SecureSphere Web Application Firewall version for Amazon Web Services is designed for customers that want to take their on-premise solution to the cloud or that prefer a “do it yourself” model for application security. With SecureSphere for AWS, customers can replicate their existing on-premise security controls as they migrate to the cloud.

SecureSphere for AWS has been in limited availability since late 2013 and will be generally available in March 2014, Imperva said.

“For some time now, we’ve seen our customers take advantage of cloud-based services to reduce costs and increase flexibility. However, moving applications and data off-premise causes new and very significant risk exposure for organizations,” said Mark Kraynak, Senior Vice President, Worldwide Marketing, Imperva. “The strategy we are unveiling today comprehensively addresses the dangerous security gaps raised by the move to the cloud.”

The acquisitions of Skyfence and Incapsula are expected to close in the first quarter of 2014.


Managing Editor, SecurityWeek.Previous Columns by Mike Lennon:Imperva Makes Three Acquisitions, Unveils New Cloud StrategyJudge Denies Juniper Motion for Infringement Against Palo Alto NetworksSyrian Electronic Army Claims Control Over Facebook.Com DomainKaspersky Lab Details Exploits Targeting Just-Patched Adobe Zero-dayOpenDNS Teams With FireEye to Boost Threat Protection

sponsored links


Cloud Security

Data Protection

Management Strategy

Comments are closed.



Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments