This integration enables Veracode’s
Dynamic Application Security Testing (DAST) service to feed detailed information about application vulnerabilities to the WAF, so that it can instantly detect and block attacks. It also simplifies compliance with security standards such as PCI-DSS, which specifies that proper implementation of both technologies provides the best multi-layered defense against common web vulnerabilities such as SQL injection.
According to
breach data compiled by the Verizon Business RISK team, there is a 75 percent chance that web application exploits will affect larger organizations and governments. In addition to enabling faster and more accurate protection against these exploits, the use of both DAST and WAF technologies together allows organizations to better prioritize their remediation efforts based on suspicious attack patterns observed by the WAF.
“Given the prevalence of web application vulnerabilities and the ease with which they can be exploited, the importance of protecting against these threats cannot be overstated,” said Sam King, EVP product strategy and corporate development, Veracode. “The knowledge sharing and correlation provided by this integration enables a new type of closed-loop security intelligence that is a logical evolution for both solutions.”
“We are pleased that Veracode has joined our PartnerSphere Technology Alliance program to offer a certified solution to our joint customers,” said Mark Kraynak, senior vice president of worldwide marketing at Imperva. “This solution enables our customers to virtually patch vulnerabilities identified by Veracode’s DAST service, reducing the window of exposure.”