Imperva Announces Unprecedented Growth

Imperva, the Data Security leader, has set major new benchmarks for company growth for Q3'09. This year's 3rd quarter performance was one of Imperva's largest ever with 45% growth over Q2'08 and with 94 new customers.

"Imperva's 3rd quarter performance is the clearest evidence that companies see SecureSphere as a strategic part of data security," explained Shlomo Kramer, Imperva's CEO. "Our customers recognize the unparalleled capability SecureSphere brings to keeping data safe from insiders and external threats."

Imperva also expanded its executive team with the addition of Daniel Alon, vice president of product management and Yaniv Shaya, vice president of engineering.

Mr. Alon brings to Imperva more than 10 years of technology leadership in information security. Prior to joining Imperva, Alon lead product management and product development for Check Point's VPN & Access products. Most recently, Alon was the Chief of Staff for Check Point's CEO. A 2005 graduate of the Stanford Executive Program, Alon holds a B. Sc. in Computer Science from the Technion, Israel Institute of Technology.

"Imperva's deep understanding of today's cyber crime threats coupled with its focus on delivering data security solutions that are scalable and affordable to address every customer unique needs, makes it a distinguished selection for customers in the market," said Alon.

Mr. Shaya brings to his role as Vice President of Engineering at Imperva more than 15 years of experience in software development management, product definition, team leadership and project management. Shaya joins Imperva from HP Software/Mercury, where he was Director, research and development of the Performance Testing and Change Control product lines. Prior to his work at HP Software he was VP R&D at Orsus Solutions. Before that, Shaya served in the Intelligence Technology unit of the Israel Defense Forces as an officer and system engineer. He earned an MBA, Cum Laude from Tel Aviv University and B.Sc. in Electrical Engineering, Cum Laude from the Technion, Israel Institute of Technology.

"It's a great opportunity to be leading Imperva's world-class development team, working with a revolutionary technology, and helping to build a fast-growing company," said Shaya.

Other highlights from the quarter:

* Strong international performance:
o Europe experienced 88 percent growth
o Asia experienced 36 percent growth
* Imperva added 94 new customers—nearly 50 percent growth over last year
* Imperva, with the Ponemon Institute, released a watershed study on the state of PCI

About Imperva

To Purchase Imperva Products visit www.ImpervaGuard.com

Ponemon Institute and Imperva Survey Shows Companies Still Struggle to Protect

Imperva and the Ponemon Institute today announced the findings of a survey across more than 500 U.S. and multinational IT security practitioners showing that, despite the Payment Card Industry’s (PCI) Data Security Standard (DSS), companies still struggle with data security, putting consumers at continued risk for identity theft. In fact, 71% of companies surveyed admit to not making data security a top strategic initiative, and 55% admit to only securing credit card information and not sensitive information such as Social Security numbers, driver’s license numbers, and bank account details. However, the survey also found that companies taking a strategic approach to PCI compliance have fewer data breaches. Based on these findings, Imperva is making specific recommendations to consumers, businesses and the PCI DSS Council to improve the safety of consumers’ personal information.

The PCI DSS standard was put into effect to provide security guidelines to all businesses that handle credit card information to better protect consumers. Since it was enacted in June 2005, the number of data breaches and amount of credit card fraud has continued to rise.
According to the survey of more than 500 U.S. and multinational IT security practitioners at companies with an average of $5.6 billion in annual revenue:

* 71% of respondents do not treat PCI as a strategic initiative, yet 79 percent have experienced a data breach involving the loss or theft of credit card information.
* 55% of respondents focus only on credit card data protection and do not attempt to secure sensitive information such as Social Security numbers, driver’s license numbers, bank account details and other data about people and families.
* 60% of respondents don’t think they have sufficient resources to comply with PCI and bring about a necessary level of cardholder security.

“Nobody is in business to be compliant. But there is a silver lining to this survey: if you protect consumers as required by the PCI DSS standard, there is an incredible opportunity to improve your overall security posture,” said Shlomo Kramer, Imperva’s CEO.

“Security departments are using PCI compliance as leverage to gain more budget, but these resources are not always translating into greater security for sensitive customer data,” said Larry Ponemon, chairman and founder, Ponemon Institute. “The results of our study indicate that while some companies have figured out how to convert PCI standards into an overall security mandate—many more have not.”
Smaller businesses struggle the most

The survey found that only 28% of smaller companies (501-1000 employees) comply with PCI as opposed to 70% of larger companies (75,000 or more employees).

“Companies devote 35% of their IT security budgets to PCI compliance on average, making cost a significant obstacle, especially for smaller companies,” explained Amichai Shulman, Imperva’s CTO. “This is why Imperva is recommending that the PCI DSS Council modify the requirements for larger and smaller companies to take into account different environments and security needs.”

“The PCI Security Standards and the card brands must update the PCI-DSS so that it’s risk-based, depending on the system configuration of the complying company. The ‘one size fits all’ approach of the current standard imposes unreasonable requirements on many companies that have simple networks, or have implemented security technologies that aren’t included in the PCI standards, but provide equal or greater levels of protection,” said Avivah Litan, Vice President and Distinguished Analyst with Gartner Research in a May 2009 report, “Moving Beyond PCI at Visa’s Global Security Summit.”
Companies that take a strategic approach to PCI compliance have fewer data breaches

The PCI DSS standard has the potential to make a powerful impact to corporate IT security initiatives. The survey shows that 27% of companies believe that PCI-DSS compliance is positively contributing to their organizations’ security posture and are taking a strategic approach to compliance. In fact, companies that were fully PCI compliant had fewer breaches than those that were not compliant. However, the majority (73%) of respondents have achieved PCI compliance using a basic, checklist approach.
Imperva’s recommendations to consumers, businesses and the PCI DSS Council
To coincide with the October 31st deadline for input on changing PCI-DSS standards, Imperva is providing recommendations to consumers, businesses and the PCI DSS Council.

For PCI-DSS Council

* Have a compliance logo for consumers. Today, companies can’t articulate their security efforts to consumers, and consumers are not aware of the compliance status of the retailers they do business with. As a consequence, companies cannot leverage their investment in PCI compliance to gain competitive advantage.
* Modify compliance needs for larger and smaller companies. Smaller companies need to have a modified standard that takes into account different environments and security needs.

Consumer recommendations

Look for PCI compliant companies—In general, companies that were compliant suffered fewer breaches. Although compliance doesn’t guarantee perfect security, it helps the odds.
Business recommendations

* Use PCI to bring about a broader, more effective security program.
* Use PCI as a way to get senior management aware of and involved in IT security. PCI creates a business case that is tightly coupled to information security.
* Assign a clear champion who owns and drives PCI as well as security that is strongly empowered to direct numerous teams for support. Without a clear champion, security—and compliance—will suffer.

To Purchase Imperva Products visit www.ImpervaGuard.com

Imperva Appoints Kane Lightowler as Regional Sales Director

Imperva, the Data Security Leader, today announced the appointment of Kane Lightowler as Regional Sales Director of Australia and New Zealand. Based out of Sydney, Lightowler is responsible for the Business Development and Channel Development initiatives in the ANZ region. He will play a key role in helping Imperva build its presences in ANZ’s data security market.

“Imperva continues our commitment in expanding our international business and ANZ is a focused region in this expansion effort. Lightowler’s solid technical background and proven business development track record are key components to Imperva’s growth in the Australia and New Zealand market,” said Stree Naidu, Vice President of Asia Pacific, Imperva.

Lightowler brings with him a wealth of Information Security knowledge and experience. He has intimate understanding of the ANZ channel having been on both sides of the fence and held prior Distributor, Reseller and Vendor roles. Most recently Lightowler was the Regional Sales Manager for ANZ at Tumbleweed Communications and contributed an integral part of the triple digit growth Tumbleweed accomplished in the region. He has significant knowledge of forming channels and partnerships and built a number of small startup businesses both locally and internationally. He also held previous roles with Alstom It (Now iTX) and Content Security.

To Purchase Imperva Products visit www.ImpervaGuard.com

Imperva Appoints Stree Naidu as Vice President, Asia Pacific

Aims to Propel Imperva to Greater Heights in the Data Security Industry. Imperva, the Data Security Leader, today announced the appointment of Stree Naidu as Vice President of Asia Pacific. Naidu will play a crucial role in helping Imperva expand its reach in Asia Pacific’s data security market.

“Imperva is making a strong commitment to growing our international business and Asia Pacific is a key region in this expansion effort. Naidu’s depth of technical knowledge and a proven track record of effectively executing and growing new territories with great success will help accelerate our footprint in Asia Pacific,” said Shlomo Kramer, CEO, Imperva.

Stree Naidu has more than 15 years of experience and a reputable track record in the channel distribution model within the IT industry. Formerly the Regional Vice President of Asia Pacific and Japan for Tumbleweed Communications, where he drove 100 percent channel revenue sales with a 200 percent year on year growth.

Prior to Tumbleweed Communications, Naidu was Regional Director of Asia for Plumtree Software where he restructured the direct sales approach into a channel distribution model --delivering more than 80 percent of revenue in Asia from the channel in the first quarter it alone.

Before Plumtree Software, Stree was the Channel Director for South Asia at Brio Software. At Brio, he was responsible for growing the Asia customer base with more than 20 partners across South Asia. Naidu has also held executive level positions with other Nasdaq listed companies such as Hyperion Solutions, Sun Microsystems and the Art Technology Group.

To Purchase Imperva Products visit www.ImpervaGuard.com

Imperva Completes Strong Second Quarter, Grows Nearly 30%

Imperva, the leader in Data Security, today announced a strong close to its second quarter 2009, increasing bookings in Q2 2009 nearly 30% over Q2 2008. The company also expanded its executive team in Federal sales.

“The growth in our business signals that organizations recognize the need to implement a comprehensive approach that secures both data and applications,” said Imperva CEO Shlomo Kramer. “We are glad to see our vision validated in difficult economic times.” Independent research firm, Forrester Research, Inc., in the report, “TechRadar™ For SRM Professionals: Application Security, Q3 2009”, noted, “Imperva provides a unique value proposition with a combination of web application firewalls and database monitoring technologies.”

Imperva also expanded its executive team with the addition of Phil Fuster, area vice president of sales for the Federal market. Mr. Fuster brings over 20 years of experience in corporate development in the Federal and commercial information technology markets to Imperva. Mr. Fuster assumes responsibility for managing and expanding the Imperva presence in public sector markets in the United States.

"Phil Fuster has demonstrated the ability to successfully build and manage highly productive teams for technology vendors to the public sector markets," said Kramer. "Phil's industry experience, management skills and public sector contacts will enable us to accelerate the growth of our customer base in this important sector for Imperva."

Prior to joining the Imperva, Mr. Fuster served in various sales and management roles with technology organizations engaging the public sector markets, where he was responsible for agency-level and reseller sales, government affairs, direct marketing, and channel development.

Other highlights of the quarter include:

* Imperva’s customer base expanded beyond 800 customers, including 19 of the F100 across 40 different countries.
* Growth in the Americas reached nearly 40% from Q2’08 to Q2’09.
* A significant increase in sales to state and local governments.
* Closed several major deals in new territories including a leading bank in Colombia and a major Canadian law enforcement agency.
* Won a major deal with the world’s leading cross-border, consumer-to-consumer remittance provider.
* Won a major expansion project with the world’s largest consumer technology provider.

To Purchase Imperva Products visit www.ImpervaGuard.com

ClearPoint Metrics and Imperva Partner to help CISOs

ClearPoint Metrics and Imperva Corporation today announced a collaborative effort to deliver strategic intelligence on organizations data security and compliance initiatives. The partnership will integrate Imperva’s SecureSphere Data Security Suite with ClearPoint Metrics’ Security Performance Manager™ creating a new class of security performance and risk metrics that will provide visibility into the state, quality and effectiveness of data security investments for chief information security officers, auditors as well as business managers concerned about security.

ClearPoint’s Security Performance Manager will leverage information from Imperva’s suite to deliver intelligence in the form of performance metrics to assess the business impact and effectiveness of key information security initiatives. The SecureSphere Data Security Suite delivers a complete lifecycle for Web application and database security in a single platform. By securing transactions from the end user through the Web application to the database, the SecureSphere Data Security Suite offers complete data security and visibility and maps all assets on a network. The combination of these two solutions provides a complete assessment of an organizations data risk posture.

Data intensive businesses, particularly financial and insurance services, but also the energy and retail sectors, depend on Imperva for full visibility and control for business databases and the applications that use them. The award-winning SecureSphere delivers full activity monitoring from the database to the surrounding application and is recognized for its overall ease of management and deployment.

“This strategic partnership with Imperva came about through our mutual work with a global financial services organization,” said Jim Acquaviva, CEO at ClearPoint Metrics. “We look forward to working with them to drive a new class of enterprise performance metrics that enable organization to better understand and communicate the impact of their investments in data security.”

ClearPoint Metrics purpose-built solution for CIO’s and CISO’s enables organizations to implement enterprise wide IT and information security metrics programs. ClearPoint’s portfolio of adapters provides connections to a large number of critical security and business applications, including threat managers, anti-virus, incident managers, intrusion detection and prevention, identity and access managers, asset managers, network/system managers, vulnerability scanners, and vulnerability and patch managers.

“Imperva’s mission is to help organizations secure critical data and achieve regulatory compliance for their Web and database applications,” said Rohit Gupta, vice president of business development for Imperva. “Combining the visibility and control of database activity provided by SecureSphere with ClearPoint’s Security Performance Manager’s customers get a powerful, global view of the state of their security infrastructure,”

To Purchase Imperva Products visit www.ImpervaGuard.com

SuccessFactors Leads Enterprise Cloud Security with Strategic Technology Partnership

WhiteHat Security, the leading provider of website risk management solutions, and Imperva, the data security leader, today announced that SuccessFactors, the global leader in on-demand performance and talent management solutions, continues to raise the bar for enterprise cloud computing with new security standards powered by both companies’ integrated solutions.

SuccessFactors leverages WhiteHat’s Website Vulnerability Management and Imperva’s SecureSphere Web Application Firewall (WAF) as a part of a comprehensive security strategy that delivers unprecedented prevention, mitigation and protection for its on-demand platform.

“We’re continuing to build the biggest cloud computing company in the world and our on-demand applications help more than five million end users and 2,700 customers everyday to bridge the gap between strategy and execution at their organizations. Our high security standards and partnerships with WhiteHat and Imperva ensure the security of our customers’ sensitive data, and really are helping to set the standards for the industry as a whole,” said Joe White, information security architect, SuccessFactors. “Our security is leaps and bounds ahead of on-premise solutions, and it's making the decision to migrate over to cloud solutions even easier for large enterprises.”

The joint solution couples WhiteHat’s industry-leading website vulnerability management solution, WhiteHat Sentinel, with Imperva’s award-winning SecureSphere WAF. The integration provides customers like SuccessFactors with a robust website security program providing benefits including the ability to:

* Eliminate emergency fix and test cycles — immediately remediate discovered website vulnerabilities via a “virtual patch” without the need for development intervention
* Prioritize Web application firewall alerts — based on accurate, verified security risks identified by WhiteHat Sentinel—eliminating false positives
* Build more accurate security and compliance reports — specifically highlight attempts to exploit known vulnerabilities
* Granularly manage security vulnerabilities — unmatched capability for importing specific types of WhiteHat Sentinel application assessment results to the SecureSphere WAF based on severity level or class
* Exceed the minimum PCI DSS 6.6 requirements — provide the best protection available against data compromise

“The partnership between WhiteHat and Imperva is a natural fit given our leadership in website security,” said Amichai Shulman, co-founder and chief technology officer, Imperva. “Our combined solution is the fastest way to mitigate application security risk. Any company deploying sensitive Web applications can benefit from the protection our partnership offers for an enterprise’s entire application stack.”

“There is much discussion about the application security lifecycle and where dollars are best spent,” said Jeremiah Grossman, founder and chief technology officer, WhiteHat Security. “It is critical to implement security in the SDLC as well as on production websites, where risk is greatest. Customers should never have to choose between business operations and security. WhiteHat and Imperva’s integration addresses this challenge by putting mitigation in the hands of security professionals and enabling business continuity.”

“The most damaging threats today are exploiting vulnerabilities in Web-facing applications. Businesses need to prioritize proactive and continuing Web application security programs that reduce application vulnerabilities and shield against targeted attacks,” said John Pescatore, Gartner vice president and distinguished analyst.

Imperva SecureSphere is the only solution that delivers full visibility and control for business databases and the applications that use them. The award-winning SecureSphere delivers full activity monitoring from the database to the accountable application user and is recognized for its overall ease of management and deployment.

WhiteHat Sentinel is an on-demand SaaS-based subscription service, combining advanced proprietary automated scanning technology with expert analysis, enabling customers to identify, prioritize, manage and remediate website vulnerabilities as they occur.

To Purchase Imperva Products visit www.ImpervaGuard.com