Pitch Deck

Jane Doe
Chief Slide Officer
Aug 04, 2022

Proprietary and confidential. Do not distribute. 1

DDoS Challenges

60% 91%
of all security incidents are denial of of orgs have experienced downtime
service 1 from DDoS2

$
1 million+
55% The hourly cost of downtime for
of DDoS targets hit more than once3 44% of firms4

1. Verizon Data Breach Investigation Report 2. 215th Annual Worldwide Infrastructure Security Report (WISR) 3. Imperva Global DDoS Threat Landscape Report, Q2 2022 4. Information Technology Intelligence Corp ITIC 2021
Global Server Hardware, Server OS Reliability Report 2021 (ITIC).

Proprietary and confidential. Do not distribute. 2

 DDoS attacks hit the headlines

Proprietary and confidential. Do not distribute.

Attacks increasing in
number and in force
+12%

3.9M
RPS
+87%

856K
690K
RPS
RPS

Proprietary and confidential. Do not distribute.

DDoS Equates to Lost Business
Decreased Brand Value
Broken SLAs, stock price Journal of INFORMATION SECURITY AND CYBERCRIMES RESEARCH, 2019

Impacted Performance
Threat to consistent, reliable web presence

Higher costs
Paying for attack traffic

Proprietary and confidential. Do not distribute. 6

Protecting data
and all paths to it.
Network Security Application Security Data Security
Ensure performance and data Prevent data skimming, compromise, and Analyze all data access to stop
delivery to customers lateral movement insider threats

Proprietary and confidential. Do not distribute. 8

Imperva DDoS Protection Portfolio
DDoS Protection DDoS Protection
for Websites for Networks

● Part of Imperva’s Cloud WaaP ● Part of Imperva’s Network Security

● Applications protection ● Networks, subnets, IP protection
● Integrated with WAF, CDN, Bot, DNS, and API ● Any infrastructure asset:
Security Email/ File/ Web/ Gaming/ VoIP servers
● Network / Protocol attacks (Layer 3/4)

● Always-on ● Always-on, On-demand, Contingency

Proprietary and confidential. Do not distribute. 9

DDoS Protection for Websites
Layers Application Security, Performance & Delivery Engines
Cloud

Bad Bot Advanced

DDoS Bot API Load
CDN Protection Protection Security WAF Balancing

ATO

ATO
User

Web Application
or API

Hacker

Proprietary and confidential. Do not distribute. 10

Imperva Global Network
50 Global scrubbing centers as
close to the bad traffic as possible

Millions
of applications and IPs
protected

1.03 Trillion
requests analyzed

3,500,000
bad requests
blocked/minute

Proprietary and confidential. Do not distribute. 11

 DDoS Protection Across the Imperva Network

Millions 3-sec mitigation SLA

of apps & IPs protected

Websites 100% uptime SLA

365 days / year 10 Tbps / 65 billion PPS

Networks
we see attacks on our network
50+ global scrubbing centers

Proprietary and confidential. Do not distribute. 12

 The Best DDoS Mitigation in the Industry

Accurate Fast Full-managed Highly Visible

Single stack Global mesh Zero-touch Instant notifications

SD-SOC Fully 3 second SLA Self-adaptive Network traffic and
automated Application analytics
Advanced edge All new attack vectors
Crowdsourced routing SIEM integration
reputation intelligence
Performance
Monitoring*

* DDoS Protection for Networks

Proprietary and confidential. Do not distribute. 13

The right defense against any DDoS attack

Network/Volumetric (Layer 3&4) Proprietary Behemoth Devices

Regularly as big as 1 Tbps
Saturate network bandwidth
Requires: high capacity automated network

Application (Layer 7)
Impersonate human behavior
Application awareness Cloud WAF
Bring application servers down
Virtual patching Progressive challenges
Requires: advanced traffic classification
Detection & classification Custom rules

Proprietary and confidential. Do not distribute. 14

 The Imperva Difference
Imperva DDoS Protection Others

Accurate Single stack cloud architecture Disjointed DDoS, WAF, bot mitigation

Fastest Time-to-Mitigation 3-second mitigation SLA for all attacks No mitigation SLA or 5-10 minutes

Software defined network with 9 Tbps and 65 Billion pps cloud Tied to specific scrubbing centers; reliance on hybrid failover
Highest Scrubbing Capacity scrubbing capacity

50 strategically located scrubbing centers for carrier-grade Only < 10-20 scrubbing centers max
Optimal Performance availability and optimal <50ms latency towards 95% of the
globe

Fully automated detection and mitigation via advanced rules and Require manual SOC intervention to profile new attacks and
Response Automation self-adaptive DDoS policy. deploy rules

Integrated Attack Analytics on L3 and L7 attacks, whether No or limited attack visibility

Visibility and Investigation DDoS or application

Proprietary and confidential. Do not distribute. 15

Imperva vs Basic ISP DDoS Protection

Prioritize your Fast Time To

infrastructure to stay Protect against Mitigation (TTM)
online when under protocol (PPS) and
attack other advanced attacks 3 Second SLA

Security specialists Consistent DDoS

with expertise in Protection across the
DDoS Mitigation globe

Proprietary and confidential. Do not distribute. 16

Analyst Recognition

Proprietary and confidential. Do not distribute.

 The Imperva Difference

“DDoS Protection with exceptional “Simple, Fast And Safe;

mitigation capabilities” Need Something More?”
Information Security Unit Head, Finance Industry Gerente Cumplimiento Seguridad TI, Finance Industry

“Best Cloud Security Product”

IT Platform, Government Industry “Easy To Deploy DDoS Service With
Instant Advanced Protection”
Cybersecurity Chief, Finance Industry
“Enterprise DDoS That Requires Less
Day To Day Intervention From
Operational Teams”
Security and Risk Management Head, Finance Industry

Proprietary and confidential. Do not distribute. 18

Global Threat Landscape
Imperva Research Labs

Attack Volume Analyzed

https://www.imperva.com/cyber-threat-index/

Proprietary and confidential. Do not distribute. 19

 “When a large attack happened over a holiday,
watching Imperva automatically handle it was a
giant sigh of relief for myself and our entire
executive team.”
Aaron Blakely
Digicert

Proprietary and confidential. Do not distribute.

DDoS Protection
for Networks
Proprietary and confidential. Do not distribute. 21
Imperva DDoS Protection Portfolio
DDoS Protection
for Networks

● Network Security
● Networks, subnets, IP protection
● Any infrastructure asset:
Email/ File/ Web/ Gaming/ VoIP servers
● Network / Protocol attacks (Layer 3/4)

● Available as Always-on, On-demand,

Contingency

Proprietary and confidential. Do not distribute. 22

DDoS Protection for Networks

Legit Traffic

1.2.3.0/24 BGP Announcement

Protected
Subnet

Imperva Network GRE Tunnel

Customer Customer
DDoS Router Infrastructure

Proprietary and confidential. Do not distribute. 23

DDoS Protection for Individual IPs

L3 / L4 Traffic

DDoS Imperva Network

Anycast Edge IP Origin Assets
GRE / IP in IP

PoP PoP PoP PoP IP @ IP @ IP @ IP @

Scrubbing Centers
Legit Traffic

Legit Traffic

Proprietary and confidential. Do not distribute. 24

Quick Onboarding
DNS Routing BGP Routing
Nothing on-prem

Simple configuration Legit Traffic DDoS Legit Traffic DDoS

ISP Imperva Network

Self-service
GRE Tunnel/
Operational Flexibility Layer 2 Connection

– Always On
– On-Demand Imperva Network Customer Router

Deployment Flexibility
– DNS Routing
Origin Server Customer Subnet
– BGP Routing

Proprietary and confidential. Do not distribute. 25

Performance Monitoring
DDoS Protection for Networks

Continuous visibility
of network connectivity
Providing insights
for troubleshooting and optimizing end
user experience

Proprietary and confidential. Do not distribute. 26

Contingency DDoS Protection

Ensures business continuity with a global and state-of-the-art network

1 infrastructure provider

Guarantees fast onboarding, seamless operation and industry leading

2 DDoS mitigation

Allows a flexible dual vendor strategy with networks operation shared

3 between providers

4 True peace of mind combined with an optimal TCO

Proprietary and confidential. Do not distribute. 27

How Contingency DDoS Protection works
DDoS PROTECTION

Outbound

Inbound

1.2.3.0/24
Protected Subnet

Primary/ GRE Tunnel Customer Router Customer Infrastructure

DDoS Competitor DDoS

GRE Tunnel

Netflow Data
Contingency DDoS

Proprietary and confidential. Do not distribute. 28

RedWolf Security
Threat simulation for Proof of Value

● Imperva Technology Partners

● Live Testing Tool for DDoS L3, L4, and L7

● Generates live DDoS traffic over the internet

● Showcases Imperva DDoS Protection in action

● Customers purchase a tried and tested solution

Proprietary and confidential. Do not distribute. 29

DDoS Protection for Networks Pricing
Available as Always-on or On-demand

Included in each package

○ 8 Network Prefixes (/24, Class C)

○ 8 Router connections (a minimum 2 per router is advised)

○ 4 Individual IPs

○ 100 Mbps Base Package

Proprietary and confidential. Do not distribute. 30

Direct Connect Options

Proprietary and confidential. Do not distribute. 31

Thank You

Proprietary and confidential. Do not distribute. 32