Imperva has announced Incapsula. The cloud-based, web application firewall service gives small businesses an easy and affordable way to manage website security and performance for any domain that they own, even if it's hosted by a third party. For hosting and other service providers, Incapsula enables website security to be extended to an entire customer base.  Imperva will resell this service to complement Incapsula’s own sales efforts.

Marc Gaffan, Incapsula's Vice President of Marketing and Business Development, has written a blog post detailing the need for a WAF service. The post is featured below.

The Ford Model T of Web Application Security

Consider these not-so hypothetical scenarios:

• I write a non controversial cooking blog with 5000 monthly readers - Why would anyone hack my website?
• I am a small online merchant who doesn't even store credit card data - Why would anyone hack my website?
• It’s not connected to any backend systems with access to sensitive data - Why would anyone hack my company’s website? 

Plenty of small businesses experience hacking.  The reason is simple: it’s easy, practically free and the chances of getting caught are slim to none.

These days, regardless of your size, purpose or nature, if humans can find your website - so will the hackers. With the cost of launching an automated attack on thousands of sites being negligible and the chances of getting caught so slim – even the smallest benefit, makes it a viable proposition.

For hackers, the benefits of attacking SMB websites include:

• Distribution of malware by infecting an innocent website.
• Gaining information that can be used to launch even better attacks (like a simple email address list). Inserting links to your site to improve their search rankings.
• Have bots click on ads to drain a competitor’s marketing budget. 

These are the reasons why we founded Incapsula - Incapsula was spun out of and is backed by Imperva to help websites of any size adopt enterprise grade application security or as someone elegantly put it “Be the Ford Model T of Web Application Security”.  

Why a Model T?  According to Wikipedia, “The Ford Model T is generally regarded as the first affordable automobile, the car that opened travel to the common middle-class American”.

Back in July, when our first Alpha users started adding their sites to the service, we saw it happen for the first time: A real Distributed SQL Injection Attack on a small and innocent website. That’s when we got our first customer thank you and knew we were on to something. 


 
Three bots, come out of nowhere and within two minutes, executed a series of SQL Injection attacks.

Incapsula is a new cloud-based service that makes websites safer, faster and more reliable. Adding a website to Incapsula is a simple five-minute process that does not require installation of hardware or software, just a simple DNS change. The service offers an enterprise-grade, web application firewall to safeguard sites from the latest threats, a network of globally distributed servers to speed-up the delivery of the site across the globe and an array of performance monitoring and analytics tools to provide website owners with the best insight on how to improve the delivery of the site. Try it out at http://www.incapsula.com/.

Next post in Imperva's Cloud Security blog series: Meet the New Boss, Sort of the Same as the Old Boss