Imperva is the leader in application data security, delivering data governance and protection solutions that monitor, audit, and secure business applications and databases. Imperva's practical solutions provide full visibility into all data access, enabling operationally efficient granular control and maintenance of critical data. An increasing number of government organizations worldwide rely on Imperva's automated, scalable, and business-relevant solutions to prevent data theft and data abuse, and to ensure data integrity.

The Imperva award-winning SecureSphere products protect web applications, databases, and enterprise applications, including Oracle and SAP, from both internal and external threats. Imperva's SecureSphere Web Application Firewall and Database Security Gateway provide defense in depth.

SecureSphere's Dynamic Profiling technology automatically examines live application and database traffic to create a comprehensive profile of the structure and dynamics of the application and database. Valid application and database changes are automatically recognized and incorporated into the profile over time. Dynamic Profiling also creates a model of legitimate user behaviors. By comparing profiled elements to actual traffic, SecureSphere is able to detect and block malicious activity and usage policy exceptions of any kind.

SecureSphere offers real-time alerts and blocking for unauthorized, illegitimate activity including SQL injection, cross-site scripting, cross-site request forgery, parameter tampering, privilege abuse and numerous other types of attacks. In addition to protecting applications and databases, SecureSphere also tracks all data access and usage and can provide the following:

  • An automated system to track, control, and log all access to sensitive data, including all activity by the DBA, developers, and other privileged users
  • Defense against application and database misuse and attacks, well in advance of vendor fixes
  • Real-time detection and alerts for unauthorized, illegitimate activity
  • Ease of deployment and on-going management
  • No impact on applications and IT infrastructure
  • Scalability and centralized management


GSA Schedule Contracts

GSA Schedule 70

GSA Schedule 70 GSA Schedule No. GS-35F-0119Y Term: December 20, 2011- December 19, 2021

Federal Contracts


Vendor(s): CoN Certified Term: March 2015 - March 2020

State & Local Contracts

City of Seattle Contract

Contract #0000003265 Term: December 19, 2021


Contract # CMAS 3-12-70-2247E Term: through March 31, 2022

eVA- Virginia's Total e-Procurement Solution

Vendor ID #: E51768

Fairfax County IT Hardware, Software, & Services

Virginia- Fairfax County CONTRACT EXPIRATION: October 4, 2020 (with 5 option years)

Ohio State Contract- 534354

Contract # 534354 Term: December 19, 2021

Orange County National IPA Co-Op

Through May 31, 2020 (with 2 option years)


Contract Number: UVA1482501 Contract Term: May 2, 2014– December 19, 2021

VITA Contract

Term: through March 31, 2018


Archived Events


Databases store extraordinarily valuable and confidential data. An increasing number of regulations compel organizations to audit access to this sensitive data and protect it from attack and abuse. Award-winning Imperva SecureSphere Database Security products automate database audits and instant...

Because they are easily accessible and often serve as an entry point to valuable data, web applications are now—and always will be—a prime target for attack. Indeed, it is not surprising that hacktivist attacks taking down corporate and government sites, DDoS attacks against major financial i...

Advanced targeted attacks are more focused and persistent than ever before, and they continue to increase in sophistication. These next generation threats are multi-phased and organized explicitly to bypass the security perimeter, most often targeting individuals as an entry point. It only takes one...

Web application firewalls have become an essential component of the modern organization’s security infrastructure, providing scalable high-fidelity protection of business-critical web applications from a broad spectrum of cyber threats. As with any must-have enterprise security solution, there ...