Book IndexHideShow
Back to topic

Cloud Application Security

March 8, 2020 Release

March 8, 2020 Release

In this release:

New Features

DDoS Protection for Networks: Analytics for Monitored Networks

Analytics capabilities are now available for network traffic on monitored network ranges (via NetFlow/xFlow/IPFix protocols).

Where it’s located: To display analytics for monitored networks:

  1. In the Infrastructure Protection Dashboard, click Monitored Networks.
  2. Select a network from the Ranges table.
  3. Select a previous time period or a custom time period. (Analytics are not displayed in real-time view.)

Availability: Available for network traffic occurring after March 4, 2020 13:00 UTC.

For more details on analytics, see Analytics: DDoS Protection for Networks and IPs.

Enhancements

Attack Analytics: View the CVEs associated with your incidents

Attack Analytics now provides a list of the CVEs (Common Vulnerabilities and Exposures) that are associated with your incidents.

CVE associations are based on ongoing investigation and monitoring by Imperva Research Labs. An incident is associated with a CVE if one or more its events triggered a security rule determined by Imperva to be associated with that specific CVE.

Note that an event may be blocked by general mitigation rules even though it was not found to be associated with any specific CVEs.

What changed: You can now view associated CVEs for an incident, and filter your incidents according to all or specific CVEs.

Where it’s located:

Location Details
Attack Analytics Dashboard

In the Highlights widget, click the arrow to view the associated incidents.

Incidents view

Select and incident and view the details in the right pane.

Click the CVE link to go to the CVE site for more information.

Filter to view incidents according to associated CVEs using the advanced filter:

Incident details view

Hover over a CVE tag to view details.

Click the CVE link to go to the CVE site for more information.

For more details on Attack Analytics, see Attack Analytics.

GeeTest CAPTCHA support added for Advanced Bot Protection

Advanced Bot Protection customers can now opt to use GeeTest instead of the default reCAPTCHA used for bot access control.

Availability: Applies to customers subscribed to both Cloud WAF and Advanced Bot Protection. We are rolling out the feature over the next two weeks.

Where it’s located:

1. On the Cloud Security Console sidebar, navigate to Websites > Settings > Security.

2. Under Bot Access Control > CAPTCHA Provider, select GeeTest and choose the difficulty level setting.

For details, see Web Protection - Security Settings.

Fixes

None.

Known Issues

None.

 

 

 

Tip: Open the latest release notes directly from the Cloud Security Console's Help menu.

 

To subscribe to updates about weekly releases, add the following link to your RSS feed reader: https://docs.imperva.com/bundle/cloud-application-security/page/release-notes.rss

Join the Discussion