Our release notes provide information on changes and enhancements in each release.

Note: Unless otherwise specified, the changes described here are rolled out throughout the week and may not be immediately available in all accounts.

In this release:

Website performance statistics API

Introducing a new, easy to use API for website performance statistics with flexible retrieval options.

Previously available for beta use only, this feature is now generally available for all accounts.

Key features and benefits

  • Easily retrieve statistics for specific websites, or all websites in your account
  • Focus on specific metrics of interest to you or retrieve all available statistics
  • Proactively monitor performance through integration with your preferred SIEM or other observability tools
  • Statistics updated every minute

Available statistics

  • PoP latency
  • Origin server response time
  • Error response count for each error type

For details, see:

Client-Side Protection: Subscribe to PCI compliance reports

Prove compliance to your auditor with the new exportable report for Cloud WAF and Client-Side Protection.

Imperva audits your configuration in WAF and Client-Side Protection and generates the report to assist you in demonstrating compliance with PCI DSS requirements 6.4.2, 6.4.3, and 11.6.1.

You can subscribe to receive the report weekly, monthly, or quarterly by email. You can also view the report online, or download a PDF version.

Availability:

  • The unified Cloud WAF/Client-Side Protection report is available in accounts subscribed to Client-Side Protection.
  • The report for other accounts covers Cloud WAF only.

Where it’s located: The PCI Compliance report is available from the Cloud Security Console

  • In the Application area, select a website and navigate to Website Settings > Notifications > Reports > PCI Compliance Report.
  • You can also navigate to the report page directly from Client-Side Protection. On the PCI Compliance tab, click the PCI Report Settings link.

Known issues

DDoS Protection for Networks: Allowlist traffic visibility in historical view

In the November 24, 2024 release, we added the ability to view historical data on allowlist traffic. This traffic was displayed on the Security Dashboard as a separate traffic type called Custom.

An issue with this enhancement was recently identified. Until it is resolved, we are temporarily disabling the Custom traffic type in the historical view. We will update in future release notes when it is fixed and enabled.

The Custom traffic type continues to be displayed in the real-time view.

For more details, see:

Recently mitigated CVEs

Mitigation for new Common Vulnerabilities and Exposures (CVEs) is added weekly by Imperva Research Labs.

To view the latest CVEs for which coverage was added, see Recently Mitigated CVEs.

 

 

More about the release notes

  • Tip: Open the latest release notes directly from the Cloud Security Console's Help menu.

  • Subscribe: Choose one of these options to subscribe to updates about weekly releases: