In this release:

New Features

None.

Enhancements

Attack Analytics: Filter incidents based on the action taken (Alert or Block)

You can now filter incidents based on the action taken on the events in the incident.

For example, you can filter for incidents that include alerted events, while hiding incidents that include only blocked events. This enables you to direct your attention to areas that may require configuration adjustments, such as changing a policy from alert to blocking mode in your account’s WAF settings.

Action:

  • All: All incidents
  • Blocked events only: Incidents in which 100% of the events were blocked
  • Has alerted events: Incidents that include both blocked and alerted events

Where it’s located:

Location Description
Dashboard

Under Action

Incidents view

In the Advanced filter > Action

For more details on Attack Analytics, see Attack Analytics.

New rule filter parameter: Site Request Rate

The new Site Request Rate parameter enables you to create rules that run based on the current RPS (requests per second) rate of your website.

For example, you can create a rule to divert traffic to a different server when the request rate (i.e. HTTP load) on this website exceeds a specified value.

Where it’s located: In the Cloud Security Console Rules page. For more details, see Rule Filter Parameters.

Availability: The new parameter is being rolled out and will be available to all customers within the next two weeks.

Updated cache and delivery settings API

We are starting to roll out updated APIs for managing cache and delivery settings for websites in your account.

  • Get/Change cache settings
  • Create/Read/Update cache rules
  • Get/Change delivery settings

Availability: The rollout process is expected to take two weeks.

For details, see Imperva Performance Settings APIv2 .

Imperva version 2 API introduces naming and formatting conventions for the HTTP requests that are consistent with REST API standards and best practices. To learn more about Imperva v2 APIs for the Cloud Security Console, see API Version 2.

Two-factor authentication is disabled when logging in with SSO

If two-factor authentication is enabled for a user in the Cloud Security Console, it is no longer activated if the user logs in with SSO.

When login is carried out via your organization’s SSO, the authentication flow is handled by the SSO provider.

Suspected Bots statistic renamed and clarified

For clarity and consistency, the Suspected Bots statistic was renamed and the displayed data was adjusted to more accurately reflect the functionality.

What changed:

  • Suspected Bots was changed to Suspected bots that triggered a CAPTCHA.
  • The count of suspected bots is now always displayed on the Dashboard Security page, regardless of whether the Require all suspected bots to pass additional challenges option on the Security Settings page is enabled or disabled. Previously, it was listed as N/A on the Dashboard Security page when the “Require” option was disabled.

The count is always relevant because suspected bots can be challenged with a CAPTCHA by the default Imperva process, even when the “Require” option, which enforces a stricter policy against unknown clients, is disabled.

Where it’s located:

  • In the Cloud Security Console, on the Websites > Dashboard > Security page:

    For more details, see Website Dashboard.

  • In the Weekly Report (which is sent by email when the option is enabled in your Account Settings):

Audit Trail and Role Management open directly in the Cloud Security Console

The Audit Trail and Role Management UI are now displayed directly in the Cloud Security Console.

What changed: Previously, these features opened in a separate browser window after clicking the Launch button.

 

Fixes

None.

Known Issues

None.

 

 

 

Tip: Open the latest release notes directly from the Cloud Security Console's Help menu.

 

To subscribe to updates about weekly releases, add the following link to your RSS feed reader: https://docs.imperva.com/bundle/cloud-application-security/page/release-notes.rss