Cloud Based WAF Upload Scan and Control: The New Standard for File Upload Security

We’re excited to announce the launch of Upload Scan and Control, an essential new feature for Imperva Cloud WAF. This add-on tackles one of the most critical vulnerabilities facing web applications today—insecure file uploads—offering protection with scalability, simplicity, and enterprise-grade control.

Why Secure File Upload Protection Is Critical for Modern Web Applications

File upload functionality is now a staple in web applications, from job portals accepting résumés to customer support platforms collecting documents.

Unfortunately, attackers exploit this functionality to inject malware, ransomware, and other malicious payloads into systems. It can also become the main source of remote code execution.

With Upload Scan and Control integrated into your Web Application Firewall (WAF), you’ll soon be able to enforce file size and type restrictions, blocking unauthorized or suspicious files before they enter your environment, ensuring your upload capabilities remain safe and compliant.

According to the OWASP Top Ten, insecure file uploads remain one of the most exploited web application vulnerabilities worldwide.

The Growing Risk of Malicious File Uploads

Across the Cloud WAF user base, we process over 20 million file uploads daily, with more than 800 customers across industries like finance, healthcare, retail, and government.

Cyber attackers are becoming more sophisticated and often target file uploads as an initial entry point. The earlier you can block malicious content, before it hits an endpoint or server, the greater your chances of preventing a breach entirely.


Why Network-Layer File Upload Security Beats Endpoint-Only Protection

Endpoint antivirus and EDR tools play a critical role in detection, but they typically act after malicious files land on your system. At this stage, it may already be too late. Investigations take longer, the damage may already be done, and attackers may have gained a foothold.

Upload Scan and Control stops threats at the edge, before files are saved or executed and before they even reach your network layer, enabling true prevention over delayed remediation.

Advantages of Imperva Upload Scan and Control for Cloud WAF

Our new feature delivers several enterprise-grade benefits:

  1. Full visibility across all upload points: Identify which applications allow file uploads and monitor activity from a single dashboard.
  2. Instant, one-click activation: Protect all current and future apps automatically, eliminating developer integration work.
  3. Scalable security for large enterprises: App owners and developers are not required to introduce additional integrations, significantly reducing operational overhead.

Peace of Mind for Security Leaders and Compliance Teams

With Upload Scan and Control, enterprises can:

  • Block threats at the edge before they reach your network.
  • Trace file origins and identify the responsible user or IP.
  • Maintain audit-ready compliance records (such as GDPR, CCPA, and HIPAA) without adding complexity to existing security stacks.

As cloud-native adoption accelerates and threat actors adapt, features like this are becoming essential to maintaining a secure, compliant perimeter.

Get Ready to Enable Upload Scan and Control

If you’re already using Imperva Cloud WAF, check your Imperva console to see which of your apps currently allow file uploads, and start protecting them today. To activate Upload Scan and Control within your Cloud WAF environment or to schedule a demo, contact your Imperva account team.

The post Cloud Based WAF Upload Scan and Control: The New Standard for File Upload Security appeared first on Blog.

Imperva Partners with TollBit to Power AI Traffic Monetization for Content Owners

The surge in AI-driven traffic is transforming how websites manage their content. With AI bots and agents visiting sites at unprecedented rates (often scraping without permission, payment, or attribution) content owners face a critical challenge: how to protect their intellectual property while capitalizing on legitimate AI use cases.

Today, we’re excited to announce Imperva’s integration with TollBit, a groundbreaking solution that enables our Cloud Web Application Firewall (CWAF) customers to monetize traffic from AI bots and crawlers that would otherwise scrape their content without permission or compensation.

Meeting the AI Traffic Challenge

The traditional ad-supported and subscription-based content models are being disrupted by AI. This integration provides a new economic model where value flows fairly between content creators and AI developers, transforming unauthorized scraping into a sustainable revenue stream.

How Imperva and TollBit Work Together

The integration leverages Imperva’s industry-leading Web Application Firewall capabilities alongside TollBit’s analytics and monetization platform to create a comprehensive solution:

  1. Detection & Enforcement: Imperva CWAF identifies AI bot traffic at the edge, providing the critical first layer of protection.
  2. Intelligent Redirection: Using Imperva’s redirect rules, requests from AI bots are automatically redirected to a TollBit subdomain (e.g., tollbit.example.com), with CWAF returning an HTTP 302 response.
  3. Payment Gateway: The TollBit subdomain returns an HTTP 402 response code (payment required), prompting AI bot operators to obtain valid TollBit tokens for authorized access.
  4. Analytics & Insights: Through SIEM log integration, Imperva Access and Security logs flow to TollBit’s analytics engine. This gives executives clear, AI-specific analytics, available within both TollBit and Imperva’s UMC, that show how bots are engaging with their content and the business impact of that traffic.

Implementation Architecture

The integration requires a straightforward setup process:

  • Onboard your domain to Imperva Cloud WAF
  • Create a TollBit account and verify domain ownership via DNS TXT records
  • Configure a TollBit subdomain with appropriate DNS NS records
  • Create redirect rules in Imperva’s management console to route AI bot traffic
  • Set up AWS S3 bucket integration for log processing and analytics

To ensure compatibility with TollBit’s requirements, an AWS Lambda function prefixes dates to Imperva log file names, enabling seamless ingestion into TollBit’s analytics platform.
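
A sketch of the log-renaming step described above, as an added example (not Imperva's or TollBit's own Lambda code). The `YYYY-MM-DD_` prefix format, the bucket name and the log file names are assumptions; the point it shows is that the rename must decode S3 event keys and must skip files it has already renamed, since the copy lands in the same bucket.

```python
import re
from urllib.parse import unquote_plus

# Assumed target format: "YYYY-MM-DD_<original file name>".
DATED = re.compile(r"^\d{4}-\d{2}-\d{2}_")

def dated_key(key, event_time):
    """Return the date-prefixed key, or None if the name already has one."""
    folder, _, name = key.rpartition("/")
    if DATED.match(name):
        return None  # already renamed: keeps the handler from looping on its own output
    new_name = f"{event_time[:10]}_{name}"  # eventTime is ISO 8601 in UTC
    return f"{folder}/{new_name}" if folder else new_name

def handler(event, context, s3=None):
    """S3 ObjectCreated handler: rename each new log object in place."""
    if s3 is None:
        import boto3  # imported lazily so the logic can be exercised offline
        s3 = boto3.client("s3")
    renamed = []
    for record in event["Records"]:
        bucket = record["s3"]["bucket"]["name"]
        # Keys in S3 event notifications are URL-encoded ("+" for a space).
        key = unquote_plus(record["s3"]["object"]["key"])
        new_key = dated_key(key, record["eventTime"])
        if new_key is None:
            continue
        s3.copy_object(Bucket=bucket, Key=new_key,
                       CopySource={"Bucket": bucket, "Key": key})
        s3.delete_object(Bucket=bucket, Key=key)
        renamed.append((key, new_key))
    return renamed

class FakeS3:
    """In-memory stand-in for the boto3 client (constructed for this example)."""
    def __init__(self, keys):
        self.keys = set(keys)
    def copy_object(self, Bucket, Key, CopySource):
        self.keys.add(Key)
    def delete_object(self, Bucket, Key):
        self.keys.discard(Key)

def sample_event(key):
    """Constructed S3 event with one record; bucket name is a placeholder."""
    return {"Records": [{"eventTime": "2025-01-15T08:30:00.000Z",
                         "s3": {"bucket": {"name": "example-waf-logs"},
                                "object": {"key": key}}}]}
```
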

A Shared Vision for Fair Compensation

This partnership represents a fundamental shift in how content owners approach AI traffic. Rather than simply blocking all bots or allowing unrestricted scraping, sites now have granular control to enforce access rules and pricing on their own terms.

Content owners deserve fair compensation for how their content powers the AI ecosystem. By combining Imperva’s security capabilities with TollBit’s monetization tools, we’re enabling the transition from unauthorized scraping to sustainable, licensed transactions.

What This Means for Imperva Customers

With this integration, Imperva CWAF customers gain:

  • Robust protection against unauthorized AI scraping at the application layer
  • Complete visibility into AI traffic patterns and behaviors through dedicated analytics
  • Flexible control to decide which AI agents can access content and under what conditions
  • New revenue streams that turn scraping attempts into legitimate, paid transactions

The agent economy is here, and autonomous AI visitors are becoming a permanent fixture of web traffic. With Imperva and TollBit, you can ensure these interactions happen on your terms—fairly, transparently, and profitably.

Get Started

If you’re an Imperva Cloud WAF customer and want to activate the integration:

TollBit is free for publishers and websites so you can be up and running in no time.

Learn more about how Imperva’s integration with TollBit can help you protect and monetize your content in the AI era.

The post Imperva Partners with TollBit to Power AI Traffic Monetization for Content Owners appeared first on Blog.
