Business Wire

Imperva Application Security Integrates API Detection and Response, Setting A New Standard in API Security

24.6.2025 10:00:00 EEST | Business Wire | Press release

Share

Thales today announced new detection and response capabilities in the Imperva Application Security platform to protect against business logic attacks, such as Broken Object Level Authorization (BOLA) – the leading threat in the OWASP API Security Top 10. By integrating real-time detection with automated mitigation of risky APIs, BOLA attacks, unauthenticated APIs, and deprecated APIs, Imperva Application Security platform delivers comprehensive protection against unauthorized data exposure and other complex business logic vulnerabilities across cloud and on-premises environments.

APIs have become the backbone of modern applications, enabling businesses to seamlessly connect services, optimize operations, and deliver personalized experiences at scale. According to Imperva Threat Research, APIs accounted for 71% of all web traffic. More recently, the team observed a sharp rise in API-directed attacks, with 44% of advanced bot traffic targeting APIs, compared to just 10% targeting web applications. This shift underscores how attackers are increasingly exploiting API endpoints that manage sensitive and high-value data.

Why BOLA is a Critical Business Risk

BOLA occurs when APIs fail to properly verify whether users are authorized to access specific data objects. This allows attackers to manipulate requests and gain unauthorized access to sensitive information. As the leading OWASP Top 10 API threat, BOLA exposes businesses to significant risks, including data breaches, compliance failures, and loss of customer trust.

“API security is no longer optional it’s fundamental to maintaining business continuity and trust,” said Tim Chang, Global Vice President and General Manager of Application Securityat Thales. “Imperva Application Security bridges the gap by delivering a fully unified platform that identifies business logic threats and actively blocks malicious sessions, setting a new benchmark for API protection.”

Empowering Enterprises with a Unified, Flexible, and Privacy-First Solution

Imperva Application Security integrates advanced threat detection engines with automated inline responses and flexible deployment options, enabling security teams to detect and respond to API attacks like BOLA without slowing development or disrupting the user experience. For customers who want to protect their API infrastructure, Imperva Application Security delivers the following benefits:

  • Unified Platform Architecture: Manage API discovery, risk assessment, detection, and mitigation in a single console, eliminating tool sprawl and operational friction across cloud and on-premises environments.
  • Real-Time BOLA Detection: Hybrid behavioral and rule-based engines analyze API request patterns, scoring anomalies, and flagging endpoints for immediate action.
  • Automated Response and Remediation: Integration with Imperva Cloud WAF and WAF Gateway enables a variety of response actions, including inline mitigation actions such as automatically blocking malicious API traffic in real-time. Integration with security automation tools ensures rapid incident orchestration.

Advancing the Imperva Security Anywhere Vision

The integration of API detection and response into Imperva Application Security is foundational to the Imperva Security Anywhere vision, which provides scalable, end-to-end protection for applications and APIs across any environment. This unified solution provides enterprises with a comprehensive view of automated threats targeting APIs and the necessary tools to protect those APIs.

Detection and response to deprecated APIs, unauthenticated APIs, and BOLA attacks are now available as part of Imperva Application Security.

About Thales

Thales (Euronext Paris: HO) is a global leader in advanced technologies for the Defence, Aerospace, and Cyber & Digital sectors. Its portfolio of innovative products and services addresses several major challenges: sovereignty, security, sustainability and inclusion.

The Group invests more than €4 billion per year in Research & Development in key areas, particularly for critical environments, such as Artificial Intelligence, cybersecurity, quantum and cloud technologies.

Thales has more than 83,000 employees in 68 countries. In 2024, the Group generated sales of €20.6 billion.

PLEASE VISIT

Thales Group

Cloud Protection & Licensing Solutions | Thales Group

Cybersecurity Solutions | Thales Group

View source version on businesswire.com: https://www.businesswire.com/news/home/20250624052385/en/

Contacts

Thales, Media Relations
Security & Cybersecurity
Marion Bonnet
+33 (0)6 60 38 48 92
marion.bonnet@thalesgroup.com

About Business Wire

For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.

www.businesswire.com

Subscribe to releases from Business Wire

Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.

Latest releases from Business Wire

U.S. FDA Approves Expanded Indication for VONVENDI ® [von Willebrand factor (Recombinant)] for Adults and Children with Von Willebrand Disease6.9.2025 03:45:00 EEST | Press release

Takeda (TSE:4502/NYSE:TAK) today announced that the U.S. Food and Drug Administration (FDA) has approved the supplemental Biologics License Application (sBLA) for VONVENDI® [von Willebrand factor (Recombinant)], expanding the indication to include routine prophylaxis to reduce the frequency of bleeding episodes in adults with von Willebrand Disease (VWD), including those with Type 1 and 2 disease, and on-demand and perioperative management of bleeding in pediatric patients with VWD. VONVENDI was previously approved for on-demand and perioperative use in adults with VWD and routine prophylactic use in adults with severe Type 3 VWD receiving on-demand therapy.1 VONVENDI is now available for use in a broad range of VWD patients and is the only recombinant von Willebrand Factor (VWF) replacement therapy with approved indications in both adults and children with VWD.1 VWD is the most common bleeding disorder impacting more than 3 million people in the U.S. alone. It occurs equally among men

Samsung Unveils “AI Home: Future Living, Now” Vision at IFA 20256.9.2025 00:34:00 EEST | Press release

At Innovation For All (IFA) 2025, Samsung Electronics showcased its vision for “AI Home: Future Living, Now”. Samsung’s AI Home aims to be a reality people can experience today — not just in the future — and one designed for everyone, not just a select few. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20250905654772/en/ Cheolgi Kim, Head of Digital Appliances, presents Future Living Now at Samsung’s IFA 2025 press conference in Berlin “At Samsung, we’re not just imagining the future of AI; we’re building it into everyday life. Samsung’s AI Home moves beyond smart devices to homes that truly understand you, adapt to your needs, and care for what matters most,” said Cheolgi Kim (CK), Executive Vice President and Head of Digital Appliances (DA) Business. “This is the beginning of a new era - where technology supports your life in the background so that you can live it more fully.” Samsung’s AI Home experience is designed to mak

NetApp named a Leader by Gartner® in the 2025 Magic Quadrant™ for Enterprise Storage Platforms5.9.2025 18:15:00 EEST | Press release

NetApp® (NASDAQ: NTAP), the intelligent data infrastructure company, today announced it has been recognized by Gartner as a Leader in the 2025 Gartner Magic Quadrant for Enterprise Storage Platforms. NetApp believes this recognition reflects how the company’s continuous innovation helps customers build Intelligent Data Infrastructure to face modern technology challenges, including protection from cyber threats and using AI to drive data-based decisions. The evaluation was based on specific criteria that analyzed the company’s overall Completeness of Vision and Ability to Execute. According to Gartner, “Enterprise storage platforms offer platform-native service capabilities and product features for both structured and unstructured data workloads. Heads of infrastructure and operations should use this research to assess vendors in deploying a modern IT infrastructure platform for block, file and object storage.” This report combines the previous Gartner Magic Quadrant reports for the Pri

Capcom’s Popular Title Street Fighter’s Live-Action Movie Starts Filming!5.9.2025 16:00:00 EEST | Press release

Capcom Co., Ltd. (TOKYO:9697) today announced that filming has commenced on a live-action film adaptation of its popular fighting game series Street Fighter, in collaboration with Legendary Entertainment (Legendary), with both companies jointly financing the project. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20250905806122/en/ Street Fighter Movie Title Logo To expand global sales of its core home video game software business, Capcom is actively promoting the branding of its proprietary IP under the Single Content Multiple Usage strategy. Particularly, the adaptation of game content into visual media is a valuable opportunity to broaden awareness of Capcom’s IP beyond the gaming audience. With filming of the upcoming film Street Fighter now starting, the casting of the main characters—Ken, Ryu, and Chun-Li —has been finalized. Through joint financing with Legendary, a company renowned for producing numerous blockbuster fi

Motive’s Entitlement Server Acknowledged as a Pacesetter in Counterpoint Research’s 2025 Rankings5.9.2025 16:00:00 EEST | Press release

Motive, a global leader in device management, today announced its recognition as a Pacesetter in Counterpoint Research’s 2025 Entitlement Server Rankings. Counterpoint placed Motive in its highest top-right Pacesetter quadrant: the most advanced recognition in the ranking. This accolade reflects Motive’s decisive investment in entitlement orchestration at a time when operators face urgent deadlines, including Apple’s September 2025 RCS requirement. Motive has taken the lead, proving ability to deliver at scale, currently deployed in large mobile service providers across North America, Europe, Africa, the Middle East, Asia-Pacific, and Latin America. Removing Barriers to RCS and Beyond The industry has long wrestled with the lack of a commercial framework for Rich Business Messaging (RBM) and lack of cross platform support between Android and iOS. Motive addresses this by ensuring operators can enable RCS on both Apple and Android devices securely without delay. This approach derisks op

In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.

Visit our pressroom
World GlobeA line styled icon from Orion Icon Library.HiddenA line styled icon from Orion Icon Library.Eye