Facebook
Twitter
LinkedIn
First unified, single-pane-of-glass platform to deliver real-time detection and mitigation of API threats, including Broken Object Level Authorization (BOLA) and other advanced business logic threats
Offers flexible deployment across cloud and on-premise environments, with a privacy-forward design to secure APIs at scale.
Thales Thales today announced new detection and response capabilities in the Imperva Application Security platform to protect against business logic attacks, such as Broken Object Level Authorization (BOLA) - the leading threat in the OWASP API Security Top 10. By integrating real-time detection with automated mitigation of risky APIs, BOLA attacks, unauthenticated APIs, and deprecated APIs, Imperva Application Security platform delivers comprehensive protection against unauthorized data exposure and other complex business logic vulnerabilities across cloud and on-premises environments.
APIs have become the backbone of modern applications, enabling businesses to seamlessly connect services, optimize operations, and deliver personalized experiences at scale. According to Imperva Threat Research, APIs accounted for 71% of all web traffic. More recently, the team observed a sharp rise in API-directed attacks, with 44% of advanced bot traffic targeting APIs, compared to just 10% targeting web applications. This shift underscores how attackers are increasingly exploiting API endpoints that manage sensitive and high-value data.
Why BOLA is a Critical Business Risk
BOLA occurs when APIs fail to properly verify whether users are authorized to access specific data objects. This allows attackers to manipulate requests and gain unauthorized access to sensitive information. As the leading OWASP Top 10 API threat, BOLA exposes businesses to significant risks, including data breaches, compliance failures, and loss of customer trust.
API security is no longer optional - it's fundamental to maintaining business continuity and trust, said Tim Chang, Global Vice President and General Manager of Application Security at Thales. Imperva Application Security bridges the gap by delivering a fully unified platform that identifies business logic threats and actively blocks malicious sessions, setting a new benchmark for API protection.
Empowering Enterprises with a Unified, Flexible, and Privacy-First Solution
Imperva Application Security integrates advanced threat detection engines with automated inline responses and flexible deployment options, enabling security teams to detect and respond to API attacks like BOLA without slowing development or disrupting the user experience. For customers who want to protect their API infrastructure, Imperva Application Security delivers the following benefits:
Unified Platform Architecture: Manage API discovery, risk assessment, detection, and mitigation in a single console, eliminating tool sprawl and operational friction across cloud and on-premises environments.
Real-Time BOLA Detection: Hybrid behavioral and rule-based engines analyze API request patterns, scoring anomalies, and flagging endpoints for immediate action.
Automated Response and Remediation: Integration with Imperva Cloud WAF and WAF Gateway enables a variety of response actions, including inline mitigation actions such as automatically blocking malicious API traffic in real-time. Integration with security automation tools ensures rapid incident orchestration.
Advancing the Imperva Security Anywhere Vision
The integration of API detection and response into Imperva Application Security is foundational to the Imperva Security Anywhere vision, which provides scalable, end-to-end protection for applications and APIs across any environment. This unified solution provides enterprises with a comprehensive view of automated threats targeting APIs and the necessary tools to protect those APIs.
Detection and response to deprecated APIs, unauthenticated APIs, and BOLA attacks are now available as part of Imperva Application Security.
About Thales
Thales (Euronext Paris: HO) is a global leader in advanced technologies for the Defence, Aerospace, and Cyber & Digital sectors. Its portfolio of innovative products and services addresses several major challenges: sovereignty, security, sustainability and inclusion.
The Group invests more than 4 billion per year in Research & Development in key areas, particularly for critical environments, such as Artificial Intelligence, cybersecurity, quantum and cloud technologies.
Thales has more than 83,000 employees in 68 countries. In 2024, the Group generated sales of 20.6 billion.
Contact
Thales Media Relations
Contact our Media Relations team
30 Jun 2025
Thales Alenia Space to develop SOLiS very-high-throughput laser communications demonstrator
Read more
30 Jun 2025
Thales 2025 Global Cloud Security Study Reveals Organizations Struggle to Secure Expanding, AI-Driven Cloud Environments
Read more
27 Jun 2025
Thales and KONGSBERG to establish new major Defence communications joint venture in Norway
Read more
Europe Stories
06/10/2025
France T l visions, France's leading broadcaster, has received the 2025 EBU ...
04/09/2025
Monumental Sports & Entertainment (MSE), in collaboration with Dalet, has been a...
30/06/2025
Star Studded Ensemble Cast Are Joined by Richard Rankin as Filming Begins on the Second Season
[June 12, 2025 - Boston, MA]: The Forsytes, Debbie Horsfield�...
30/06/2025
Eurorack sequencer module reimagined
California-based modular synth innovators Qu-Bit have announced the launch of a new module that offers a fresh new take...
30/06/2025
Improved dynamic behaviour, improved audio quality & more
Techivation have announced the release of an upgraded edition of their very first premium plug-in,...
30/06/2025
The Focusrite Summer Sale is now on Don't miss unbeatable deals on Scarlett, Vocaster, and more.
Whether you're an artist, a producer, or a podcaste...
30/06/2025
All 8 episodes of Season 1 of 1923 will be available on RT Player from Tuesday ...
30/06/2025
Facebook
Twitter
LinkedIn
52% report AI security spending is displacing tr...
30/06/2025
Facebook
Twitter
LinkedIn
Cannes, June 30th, 2025 - Thales Alenia Space, t...
29/06/2025
Handpan-inspired instrument announced
Roland have announced the launch of the Mood Pan, a unique electronic hand percussion instrument that has been designe...
28/06/2025
Music theory plug-in updated
Three months on from the release of the latest version of their renowned music theory plug in, Scaler Music have launched an up...
27/06/2025
K-Pop remains one of the biggest genres globally, and many fans just can't get enough of it. That's why Spotify has launched a new series of K-Pop perf...
27/06/2025
In our latest blog post, Rafael Rivera highlights the rising threat of online scams, and the important role cybersecurity plays in protecting families across ge...
27/06/2025
From grounded realism to bending, impossible geometries
Klevgrand have announced the release of a new algorithmic reverb plug-in which they say deconstruct...
27/06/2025
Learn to use REW for room analysis
Acoustic treatment is one of the most important factors in any studio, and with the extensive range of products available...
27/06/2025
Second edition of parallel clipper plug-in announced
Soundtheory have announced the launch of Kraftur Focus, a new edition of their parallel clipper plug-in...
27/06/2025
Facebook
Twitter
LinkedIn
Thales, a global high-tech leader, and Kongsberg...
27/06/2025
Friday 27 June 2025
Combination of RTL Deutschland and Sky Deutschland (Germany, Austria, Switzerland) to create a unique proposition in entertainment, sports ...
26/06/2025
Bilbao Linz, June 26th 2025 - AgileTV, a European leader in TV and video technology solutions, has signed an agreement this week with the Austrian telco LIWES...
26/06/2025
aconnic AG (ISIN: DE000A0LBKW6), Munich, has resolved, based on the decisions ma...
26/06/2025
Three new entry-level models introduced
Catering to everything from casual listening to professional content creation, KRK's new Kreate Series monitors ...
26/06/2025
Registration closes on 8 July 2025
The deadline for entires into the fifth annual MIDI Innovation Awards is now just two weeks away. Product submissions are...
26/06/2025
Entire plug-in range updated
Waves have announced the launch of Waves V16, the latest version of their extensive plug-ins collection. Along with compatibili...
26/06/2025
Facebook
Twitter
LinkedIn
Madrid, June 26, 2025 - The European Space Agenc...
26/06/2025
UKTV and Talented People are delighted to announce the renewal of their successf...
26/06/2025
THE EXTRAORDINARY GENERAL MEETING OF MAGYAR TELEKOM DECIDES ON THE SEPARATION OF...
26/06/2025
Keeper Pictures, the Dublin-based scripted production company whose credits include The Gone and Striking Out, has optioned the exclusive TV adaptation rights t...
26/06/2025
This July, RT presents The Phone Box Babies, a documentary revealing new insigh...
25/06/2025
Last week, content creators from all over the world flocked to Anaheim for VidCon 2025, one of the largest creator conferences in the U.S. As an official sponso...
25/06/2025
eds3_5_jq(document).ready(function($) { $(#eds_sliderM519).chameleonSlider_2_1({ content_source:......
25/06/2025
Sales proceeds from 25 - 26 June 2025 donated to Lambda Legal
Soundtoys have announced that 100% of all sales made on 25 and 26 June 2025 will be donated to...
25/06/2025
No Apollo or UAD hardware required
Universal Audio have announced that their software recreation of Dolby's renowned multiband enhancer - which was laun...
25/06/2025
Recreates AKGs sought-after C24
Warm Audio have announced the launch of a new stereo valve microphone that offers a modern take on AKG's sought-after C2...
25/06/2025
Save up to 50% on Kontakt instruments
Emergence Audio have announced that their Infinite Summer Sale promotion is now live, with savings of up to 50% applie...
25/06/2025
Rohde & Schwarz selected by Collins Aerospace to upgrade oceanic communications ...
25/06/2025
Arqiva will engage with fellow members to explore the latest developments in sensor innovation, environmental monitoring and data analytics
Arqiva is proud to ...
25/06/2025
Continuing its commitment to creating technology that enriches users' lives while helping them stay safe online and protect their privacy, Apple today share...
25/06/2025
Apple Sports - the free app for iPhone that gives sports fans access to real-time scores, stats, and more, delivered with speed and simplicity - today added ten...
25/06/2025
RT has confirmed its Monday night television series, Upfront with Katie Hannon has come to an end and will not be returning in September following three season...
24/06/2025
Have you got what it takes to be Thomson's Young Journalist of the Year 2025? If youre a journalist aged 30 or under, this is your moment. Entries are now o...
24/06/2025
Last week, Spotify returned to the Croisette for our 11th year at the Cannes Lio...
24/06/2025
SGL Carbon is expanding its product portfolio with a new battery felt for redox flow batteries. The innovative electrode material, marketed under the name SIGRA...
24/06/2025
Argo M and ImPulseV took the audio lead, powering the live audio for the
AWS Cloud Sports Production and Esports Racing Challenge at NAB...
24/06/2025
Offers complete recall of all processing, routing, gain and pan settings
SSL have announced the launch of the Oracle, a fully analogue in-line mixing consol...
24/06/2025
The new gold standard for compact column PA
Developed with DJs, musicians, event managers and business users in mind, the latest iteration of HK Audio'...
24/06/2025
Aims to simplify FM synthesis
The last few releases from GForce have centred around their official partnership with Oberheim, offering authentic emulations ...
24/06/2025
Your End-To-End Music Production Suite
Discover SOS FOR ARTISTS: A Complete Platform for Modern Music Creators Designed to support independent artists, prod...
24/06/2025
Features 188 new sound sources
Sound-design specialists The Very Loud Indeed Co. have announced the launch of their latest expansion for Spectrasonics Omnis...
24/06/2025
Facebook
Twitter
LinkedIn
New capability gives instant visibility to detec...
24/06/2025
Facebook
Twitter
LinkedIn
First unified, single-pane-of-glass platform to ...
Facebook 
