Thales Enhances Imperva Platform with Unified Real-Time API Threat Detection and Automated Mitigation

Thales Enhances Imperva Platform with Unified Real-Time API Threat Detection and Automated Mitigation

(IN BRIEF) Thales has upgraded its Imperva Application Security suite to include real-time detection and automated mitigation of API threats, with a focus on the leading BOLA vulnerability. Leveraging a hybrid behavioral and rule-based engine, the platform scores anomalies, flags high-risk endpoints, and triggers inline blocking through Cloud WAF and WAF Gateway. Designed for both cloud and on-prem deployments, the unified console manages API discovery, risk assessment, and response, reducing tool complexity and enhancing privacy. As API traffic now comprises 71 % of web requests and draws 44 % of advanced bot attacks, these enhancements align with Thales’s Imperva Security Anywhere vision for comprehensive application and API protection.

(PRESS RELEASE) LA DÉFENSE, 24-Jun-2025 — /EuropaWire/ — Thales today unveils enhanced detection and response capabilities within its Imperva Application Security platform, delivering the industry’s first unified, single-pane-of-glass solution for real-time identification and mitigation of API threats—including Broken Object Level Authorization (BOLA) and other sophisticated business-logic vulnerabilities. By combining hybrid behavioral and rule-based engines with automated inline blocking, the platform safeguards cloud and on-premises environments against unauthorized data exposure, unauthenticated and deprecated APIs, and advanced bot-driven attacks.

APIs now drive 71 % of global web traffic and attract 44 % of advanced bot activity—underscoring their criticality and the urgency of robust protection. BOLA, the top OWASP API Security Top 10 threat, exploits gaps in object-level authorization to expose sensitive data. Imperva Application Security addresses this risk through real-time anomaly scoring, instant flagging of risky endpoints, and seamless integration with Cloud WAF and WAF Gateway for automated remediation. This privacy-forward, flexible platform unifies API discovery, risk assessment, detection, and mitigation in a single console, eliminating tool sprawl and operational friction.

Underpinning Thales’s Imperva Security Anywhere vision, the platform now offers end-to-end API threat management—covering BOLA, deprecated, and unauthenticated APIs—within one cohesive ecosystem. Enterprises gain a centralized view of automated threats, automated incident orchestration via security-automation integrations, and the ability to protect APIs at scale without disrupting development or user experience.

About Thales

Thales (Euronext Paris: HO) is a global leader in advanced technologies for the Defence, Aerospace, and Cyber & Digital sectors. Its portfolio of innovative products and services addresses several major challenges: sovereignty, security, sustainability and inclusion.

The Group invests more than €4 billion per year in Research & Development in key areas, particularly for critical environments, such as Artificial Intelligence, cybersecurity, quantum and cloud technologies.

Thales has more than 83,000 employees in 68 countries. In 2024, the Group generated sales of €20.6 billion.

Media Contact:

Tel: +33 (0) 1 57 77 80 00

SOURCE: Thales