Facebook
Twitter
LinkedIn
First unified, single-pane-of-glass platform to deliver real-time detection and mitigation of API threats, including Broken Object Level Authorization (BOLA) and other advanced business logic threats
Offers flexible deployment across cloud and on-premise environments, with a privacy-forward design to secure APIs at scale.
Thales Thales today announced new detection and response capabilities in the Imperva Application Security platform to protect against business logic attacks, such as Broken Object Level Authorization (BOLA) - the leading threat in the OWASP API Security Top 10. By integrating real-time detection with automated mitigation of risky APIs, BOLA attacks, unauthenticated APIs, and deprecated APIs, Imperva Application Security platform delivers comprehensive protection against unauthorized data exposure and other complex business logic vulnerabilities across cloud and on-premises environments.
APIs have become the backbone of modern applications, enabling businesses to seamlessly connect services, optimize operations, and deliver personalized experiences at scale. According to Imperva Threat Research, APIs accounted for 71% of all web traffic. More recently, the team observed a sharp rise in API-directed attacks, with 44% of advanced bot traffic targeting APIs, compared to just 10% targeting web applications. This shift underscores how attackers are increasingly exploiting API endpoints that manage sensitive and high-value data.
Why BOLA is a Critical Business Risk
BOLA occurs when APIs fail to properly verify whether users are authorized to access specific data objects. This allows attackers to manipulate requests and gain unauthorized access to sensitive information. As the leading OWASP Top 10 API threat, BOLA exposes businesses to significant risks, including data breaches, compliance failures, and loss of customer trust.
API security is no longer optional - it's fundamental to maintaining business continuity and trust, said Tim Chang, Global Vice President and General Manager of Application Security at Thales. Imperva Application Security bridges the gap by delivering a fully unified platform that identifies business logic threats and actively blocks malicious sessions, setting a new benchmark for API protection.
Empowering Enterprises with a Unified, Flexible, and Privacy-First Solution
Imperva Application Security integrates advanced threat detection engines with automated inline responses and flexible deployment options, enabling security teams to detect and respond to API attacks like BOLA without slowing development or disrupting the user experience. For customers who want to protect their API infrastructure, Imperva Application Security delivers the following benefits:
Unified Platform Architecture: Manage API discovery, risk assessment, detection, and mitigation in a single console, eliminating tool sprawl and operational friction across cloud and on-premises environments.
Real-Time BOLA Detection: Hybrid behavioral and rule-based engines analyze API request patterns, scoring anomalies, and flagging endpoints for immediate action.
Automated Response and Remediation: Integration with Imperva Cloud WAF and WAF Gateway enables a variety of response actions, including inline mitigation actions such as automatically blocking malicious API traffic in real-time. Integration with security automation tools ensures rapid incident orchestration.
Advancing the Imperva Security Anywhere Vision
The integration of API detection and response into Imperva Application Security is foundational to the Imperva Security Anywhere vision, which provides scalable, end-to-end protection for applications and APIs across any environment. This unified solution provides enterprises with a comprehensive view of automated threats targeting APIs and the necessary tools to protect those APIs.
Detection and response to deprecated APIs, unauthenticated APIs, and BOLA attacks are now available as part of Imperva Application Security.
About Thales
Thales (Euronext Paris: HO) is a global leader in advanced technologies for the Defence, Aerospace, and Cyber & Digital sectors. Its portfolio of innovative products and services addresses several major challenges: sovereignty, security, sustainability and inclusion.
The Group invests more than 4 billion per year in Research & Development in key areas, particularly for critical environments, such as Artificial Intelligence, cybersecurity, quantum and cloud technologies.
Thales has more than 83,000 employees in 68 countries. In 2024, the Group generated sales of 20.6 billion.
Contact
Thales Media Relations
Contact our Media Relations team
30 Jun 2025
Thales Alenia Space to develop SOLiS very-high-throughput laser communications demonstrator
Read more
30 Jun 2025
Thales 2025 Global Cloud Security Study Reveals Organizations Struggle to Secure Expanding, AI-Driven Cloud Environments
Read more
27 Jun 2025
Thales and KONGSBERG to establish new major Defence communications joint venture in Norway
Read more
Most recent headlines
05/01/2027
Worlds first 802.15.4ab-UWB chip verified by Calterah and Rohde & Schwarz to be ...
06/09/2026
June 9 2026, 23:00 (PDT) Dolby and MagentaTV Bring Fans Closer to the FIFA Worl...
04/08/2026
Dalet, a leading technology and service provider for media-rich organizations, t...
04/07/2026
April 7 2026, 19:00 (PDT) Detective Conan: Fallen Angel of the Highway Opens in...
15/06/2026
Detach from Direct-Attached: How Remote Editing with EVO Keeps Creative Teams Mo...
14/06/2026
Library captures 1960s R&B/pop drum sound
Following on from their recent wave of plug-in effects, Iconic Instruments have just launched an all-new virtual d...
14/06/2026
HBO Comedy Rooster Shot with URSA Cine 17K 65
Brie Clayton June 14, 2026
0 Comments
Large format brings viewers intimately close to characters.
Black...
13/06/2026
Latest expansion pack includes 252 presets
Devious Machines have recently introduced another expansion for their powerful multi-effects plug-in, Infiltrator...
13/06/2026
Create custom DAW/plug-in controllers using prompts
MetaGrid have recently introduced an all-new AI Builder function to their touchscreen-based control surf...
13/06/2026
Share
Copy link
Facebook
X
Linkedin
Bluesky
Email...
13/06/2026
Share
Copy link
Facebook
X
Linkedin
Bluesky
Email...
12/06/2026
YES Network and The Gotham Sports App will air seven Athletes Unlimited Softball...
12/06/2026
The United Football League will host its FAST Innovation Suite at the 2026 United Bowl presented by Credit One Bank on Saturday, June 13 at 3:00 p.m. ET at Audi...
12/06/2026
PTZOptics and LayerJot will present live demonstrations at InfoComm 2026 showing how natural-language AI prompting, robotic camera control, and on-device comput...
12/06/2026
MultiDyne Video and Fiber Optic Systems will exhibit at InfoComm 2026, featuring...
12/06/2026
Ateme has announced that Eurovision Services is using Ateme's software-based frame-rate conversion technology for international live event workflows. The de...
12/06/2026
Bitmovin and Simplestream have announced a partnership with Xperi to simplify the launch of OTT streaming services on TiVo OS smart TVs and devices. The collabo...
12/06/2026
Net Insight has announced that a multinational technology company is deploying a...
12/06/2026
MLB Players Inc., the business arm of the MLB Players Association, has announced a partnership with Athletes First to develop and sell brand partnerships across...
12/06/2026
Guntermann and Drunck (G&D) and VuWall have announced the CommandKeyboard-Advanc...
12/06/2026
Comcast Smart Solutions announces a new smart technology deployment with Major L...
12/06/2026
Elevation Worship completed the initial leg of its Elevation Nights 2026 tour ...
12/06/2026
AJA Video Systems has announced KONA IP25 support for Colorfront Transkoder and ...
12/06/2026
Audinate Group Limited (ASX: AD8) will exhibit at InfoComm 2026 (Booth C7321, Ce...
12/06/2026
Pac-12 Commissioner Teresa Gould has announced the appointment of Scott Adametz as Chief Technology Officer. The Pac-12 describes the hire as the first CTO appo...
12/06/2026
Grass Valley has announced AMPP Edge Live, a production system combining Grass Valley hardware, NVIDIA Blackwell GPU acceleration, and AMPP OS in a single platf...
12/06/2026
At one time a trailblazer with the launch of the Longhorn Network, the Universit...
12/06/2026
Ratings Roundup is a rundown of recent rating news and is derived from press rel...
12/06/2026
Chyron has announced PAINT 10.4, an update to its illustrated replay and sports ...
12/06/2026
SVP, Production, Mark Gross: With the new schedule, with not having every Sunday night, it has given us an opportunity to take a step back and reimagine what o...
12/06/2026
For Televisa Technical Engineering Manager Roberto N nez Ibarra and the small team of 12 technicians and two production personnel at the IBC things are already ...
12/06/2026
Simple Steps to Better Acoustics - Taming The Small Room
Most of us mix in spare rooms and small spaces, where the acoustics fight us at every turn. At Gear...
12/06/2026
Latest addition expands vintage-inspired effects palette
Meris' Ottobit pedal range draws its inspiration from vintage gaming consoles, and the latest a...
12/06/2026
Soundbox-based chamber strings series expanded
Sonora Cinematic have just announced the launch of the second instalment in their Soundbox-based chamber stri...
12/06/2026
Share
Copy link
Facebook
X
Linkedin
Bluesky
Email...
12/06/2026
Share
Copy link
Facebook
X
Linkedin
Bluesky
Email...
12/06/2026
AJA Announces KONA IP25 Integration with Colorfront Software
Brie Clayton June 12, 2026
0 Comments
Collaboration enables uncompressed SMPTE ST 2110 I/O ...
12/06/2026
URSA Cine 12K LF Used to Create Visuals for STUTS' K-Arena Concert
Brie Clayton June 12, 2026
0 Comments
Organic visuals projected on a giant scre...
12/06/2026
MTI FILM Acquires Mango New Edit, Expanding its Global Post-Production Services ...
12/06/2026
AI Point Tracking Speeds Up Complex VFX Tracks in Mocha Pro
Jessie Electa Petrov June 12, 2026
0 Comments
The 2026.5 release adds automatic point trac...
12/06/2026
Bitmovin, a provider of video streaming solutions, has partnered with Simplestream, a provider of OTT and broadcast solutions, and technology provider Xperi, to...
12/06/2026
Leostream Corporation, creator of the world-leading Leostream Remote Desktop Access Platform, today announced Jigsaw24, a leading B2B IT solutions provider wit...
12/06/2026
Share
Copy link
Facebook
X
Linkedin
Bluesky
Email...
12/06/2026
Share
Copy link
Facebook
X
Linkedin
Bluesky
Email...
12/06/2026
Share
Copy link
Facebook
X
Linkedin
Bluesky
Email...
12/06/2026
Share
Copy link
Facebook
X
Linkedin
Bluesky
Email...
12/06/2026
Share
Copy link
Facebook
X
Linkedin
Bluesky
Email...
12/06/2026
How Aussie indie games and screen are levelling up with IP 11 June 2026
Ari Harrison, Pro Jank Footy
Head of Games Joey Egger and Ari Harrison of Umbrella sha...
12/06/2026
AgentPerf from Artificial Analysis, the industry's first agentic AI benchmark, gives developers, enterprises and infrastructure providers a clear way to com...
Facebook 
