The modular service taps the firm's SecureSphere Web Application Firewall and is designed to intercept an attack before it reaches the client's IT platform.
Using this approach – which essentially routes company-bound IP traffic via Imperva's cloud resources, Infosecurity notes – allows the company to filter up to 4 Gbps of data traffic, which is enough for all but the largest of major corporates, who would probably be using diversified routes in any case.
The most interesting feature of the new service is that it is billed as adapting to what Imperva calls 'tuned attacks' where hackers tune an active DDoS attacks.
According to Amichai Shulman, the firm's CTO, over the last year his research team has seen a number of significant DDoS attacks that have caused major downtime for websites.
The Imperva Cloud DDoS service, he explained, combines scalable protection that is tuned in real time by a team of DDoS experts with technology powered by Imperva’s cloud-based subsidiary Incapsula.
This tuning involves what the company calls a centralised attack analysis, whereby Imperva's SOC - security operations centre - tunes security policies on a granular basis using collective knowledge about DDoS threats, including new and emerging attack methods and known malicious users.
When a client site is under attack, Imperva says its SOC monitors the client's application performance in order to keep the website accessible to as many users as possible. Using this approach, adds the company, means that client's do not have to over-provision their site bandwidth, as is normally required to defend against DDoS attacks.
Imperva claims that underground chat rooms advertise DDoS attack services starting from as low as $50.00, making it easy for malevolent users to disrupt and even disable a victim’s web site. In parallel with this, the firm says that attacks have become more sophisticated than ever, with some attack vectors even evading firewall detection by exploiting application vulnerabilities.