Imperva API Security
Imperva API Security is an API protection solution that provides continuous monitoring and security for APIs across cloud, on-premises, and hybrid environments. The tool performs automated discovery and classification of public, private, and shadow APIs to maintain a comprehensive API inventory. It includes capabilities for identifying design flaws and vulnerabilities associated with OWASP API Security Top 10. Key functionalities include: - Continuous API discovery and risk assessment - Detection of business logic vulnerabilities like Broken Object Level Authorization (BOLA) - Integration with WAF and bot protection systems - Support for both agent-based and agentless deployment options - API traffic inspection across encrypted applications and microservices - Classification of APIs based on sensitivity and data types - Integration capabilities with API gateways and management platforms The solution can be deployed as: - Cloud-managed through Imperva Cloud WAF - Self-managed via local management console - API Security Add-on for existing Imperva WAF users It provides monitoring for both north-south and east-west API traffic, enabling organizations to maintain visibility and security across their entire API infrastructure.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
Akamai Client-Side Protection & Compliance is a security tool that monitors and protects against client-side threats on websites, aiding in PCI DSS v4.0 compliance.
An integrated application security platform that combines software composition analysis, container scanning, and runtime security monitoring to identify and prioritize vulnerabilities based on actual usage and risk.
A technology lookup and lead generation tool that identifies the technology stack of any website and provides features for market research, competitor analysis, and data enrichment.
A DAST solution that performs automated security testing of APIs and web applications within development workflows and CI/CD pipelines.
An AI-powered application security platform that provides automated discovery, testing, and continuous monitoring of applications and APIs with minimal operational impact.
A static analysis tool for Android apps that detects malware and other malicious code
A PHP/MySQL web application designed to aid security professionals in testing their skills and tools in a legal environment.
Kiterunner is a tool for lightning-fast traditional content discovery and bruteforcing API endpoints in modern applications.
IronBee is an open source project building a universal web application security sensor.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.