PRESS RELEASE

REDWOOD SHORES, Calif., Dec. 6, 2010 /PRNewswire/ -- Imperva, the leader in data security, today unveiled a comprehensive strategy to help cloud providers, enterprises and small to medium sized businesses (SMBs) protect sensitive data against external and internal threats and comply with regulations such as PCI, SOX and HIPAA. Additionally, Imperva spinoff Incapsula will help web hosters give SMBs affordable web application protection.

"Cloud computing has created a paradigm shift in the way organizations view their data center architecture," explained Imperva CTO Amichai Shulman. "Imperva is stepping up to the challenge of protecting cloud-based data from hackers and cloud insiders with a comprehensive data security solution."

For SMBs, Imperva spun off Incapsula, a web application firewall service. Incapsula gives small businesses an easy and affordable way to manage website security and performance. For hosting and other service providers, Incapsula enables website security to be extended to an entire customer base. Imperva will resell this service to complement Incapsula's own sales efforts.

"Incapsula's service helps web hosting companies provide SMBs with an easy, affordable way to defend their web applications against external hackers," explained Gur Shatz, CEO of Incapsula. "Given the nature of today's indiscriminate, bot-based attack methods, small businesses are subject to significant cyber attacks and require enterprise-class protection."

Subscribing to Incapsula's web protection service is a simple five-minute process that does not require installation of hardware or software, just a simple DNS change. Incapsula inspects all incoming traffic to any subscriber's website, keeping hackers out while accelerating outgoing traffic. The Incapsula service is suitable for the SMB and cloud market, requiring minimal setup with service beginning in the first quarter 2011. The list price for this service is expected to start at $50 per month.

Incapsula complements Imperva SecureSphere's cloud capabilities, such as those leveraged by web hosting company, FireHost. "SecureSphere gives FireHost a scalable web application security platform that can handle our rapid customer growth. As part of our core service, all customers are protected from web attacks using the SecureSphere Web Application Firewall. We're also excited to offer premium data security services for HIPAA and PCI compliance based on SecureSphere Database Activity Monitoring and File Activity Monitoring products," explained Chris Drake, CEO of FireHost.

Imperva's high-level cloud capabilities include:

Attack Protection and Access Control for the Cloud: SecureSphere Web Application Firewall (WAF) provides market-leading protection for cloud-based web applications against complex and sophisticated attacks. SecureSphere WAF enables a quick and easy route to PCI 6.6 compliance and the ability to instantly mitigate known application vulnerabilities.

Data Access Auditing for the Cloud: SecureSphere Database Activity Monitoring (DAM) and File Activity Monitoring (FAM) provide sensitive data access auditing for cloud-based databases and file-sharing systems.

SecureSphere supports all major cloud deployment models and is available by deploying physical or virtual SecureSphere appliances within a cloud data center:

-- Infrastructure as a Service (IaaS) providers: IaaS providers offer state-of-the-art flexible and secure cloud data centers. SecureSphere enables IaaS providers to offer web attack protection and regulatory compliance readiness to their customers and generate incremental business. Imperva customers include Savvis and FireHost. -- Platform as a Service (PaaS) providers: PaaS providers offer application development and delivery platforms that accelerate time-to-market of new applications and services. SecureSphere enables PaaS providers to give their customers web attack protection as part of the underlying platform. -- Software as a Service (SaaS) providers: SaaS providers deliver cloud-based business applications for sales, financial, HR and other functional areas. These applications host large amounts of sensitive data across many organizations. As organizations adopt cloud applications to streamline their IT operations, SaaS providers are expected to ensure data security and address regulatory compliance - as would be the case for on-premise data. -- Enterprise Private Clouds: Private clouds are a replacement or an extension of the traditional data center and must address the security of publicly facing web applications. SecureSphere Web Application Firewall (WAF) provides the industry-leading protection against Internet attacks targeting web applications and enables rapid mitigation of web application vulnerabilities.

Media Contact Katherine Nellums 415.321.2347 [email protected]