Imperva’s Fifth Annual Web Application Attack Report Reveals That Malicious Traffic and Web Attacks Have Significantly Increased

Retail Applications, Websites Containing Consumer Information and WordPress are Today’s Biggest Attack Targets

October 11, 2014

3 Min Read


REDWOOD SHORES, Calif., October 9, 2014 – Imperva, Inc. (NYSE: IMPV), pioneering the third pillar of enterprise security with a new layer of protection designed specifically for physical and virtual data centers, today released the results of its fifth annual Web Application Attack Report (WAAR).  Produced by the company’s Application Defense Center (ADC) research team, the report is the result of ADC analysis of a subset of 99 applications protected by Imperva’s Web Application Firewalls (WAF) over a period of nine months, from August 1, 2013 to April 30, 2014. Key findings in this year’s report include a significant increase in malicious traffic exposure over the period from June 1, 2012 to November 30, 2012 covered in the fourth annual WAAR; that retail applications suffer from the greatest number of attacks; that WordPress is the most attacked application target; and that the U.S. generates the majority of web application attack traffic worldwide.

This year’s fifth annual report reveals an increase of 10% in SQL Injection (SQLi) attacks, as well as an increase of 24% in Remote File Inclusion (RFI) attacks.  In addition, the ADC research team also found that attacks have gotten dramatically longer in length; 44% longer than they were in the period covered in the fourth annual WAAR.  Other key findings include:

·         48.1% of all attack campaigns targeted retail applications, with financial institutions next in line at 10%. 

·         Websites running WordPress were attacked 24.1% more than websites running on all other content management systems (CMS) combined, and WordPress suffers 60% more Cross Site Scripting (XSS) incidents than all other CMS-running websites combined.

·         PHP applications suffer three times as many XSS attacks as .NET applications.

·         Websites that have log-in functionality, and hence contain consumer specific information, suffer 59% of all attacks, and 63% of all SQL Injection attacks.

“After years of analyzing attack data and origins, one of the things we propose in this year’s report is that attackers from other countries are using U.S. hosts to attack because they are geographically closer to targets. As a result, the U.S. generates the majority of the web application attack traffic worldwide,” said Amichai Shulman, Chief Technology Officer at Imperva.  “Looking at other sources of attacks, we were also interested to find that infrastructure-as-a-service (IaaS) providers are on the rise as attacker infrastructure.  For example, 20% of all known vulnerability exploitation attempts have originated from Amazon Web Services. They aren’t alone; with this phenomenon on the rise, other IaaS providers have to worry about their servers being compromised.  Attackers don’t discriminate when it comes to where a datacenter lives.”

For a full copy of Imperva’s Web Application Attack Report, please visit


About Imperva

Imperva, pioneering the third pillar of enterprise security, fills the gaps in endpoint and network security by directly protecting high-value applications and data assets in physical and virtual data centers. With an integrated security platform built specifically for modern threats, Imperva data center security provides the visibility and control needed to neutralize attack, theft, and fraud from inside and outside the organization, mitigate risk, and streamline compliance. Over 3,100 customers in more than 90 countries rely on our SecureSphere® platform to safeguard their business. Imperva is headquartered in Redwood Shores, California. Learn more:, our blog, on Twitter.


Forward Looking Statements
This press release contains forward-looking statements. These forward-looking statements are subject to material risks and uncertainties that may cause actual results to differ substantially from expectations.  Investors should consider important risk factors, which include: the risk that our products are not adopted at levels that we anticipate; the risk that competitors may be perceived by customers to be better positioned to help handle security threats and compliance; and other risks detailed under the caption "Risk Factors" in the company's Form 10-Q filed with the Securities and Exchange Commission, or the SEC, on August 8, 2014 and the company's other SEC filings. You can obtain copies of the company's SEC filings on the SEC's website



Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights