Security Intelligence Overview

2021 — 2025

Bad Bot Traffic

37%

↑ 9.3pts since 2021

Industry avg: 30%

API Traffic Share

71%

of all web traffic

Up from 54% in 2021

Data Breaches

49%

↑ 28pts YoY

Highest since 2020

API Losses (US)

$23B

annual estimate

Source: Imperva 2025

Internet Traffic Composition (2021–2024)

Source: 2025 Imperva Bad Bot Report

Security Posture Indicators

Orgs Experiencing Cyberattacks: 85.1%
Believe Threats Increasing: 93%
Failed Compliance Audit: 43%
Planning to Increase Security Budget: 90%+
Experienced Ransomware Attack: 22%

Source: CyberThreat Defense Report & Thales Data Threat Report

Global Economic Impact

$186B

Annual cost of API & Bot attacks globally

40,000+

API incidents observed (H1 2025)

4.7M RPS

Largest app-layer DDoS (H1 2024)

Live Threat Intelligence

REAL-TIME

Lab Defense Radar

LIVE FROM thlab.studio

WAF Security Configuration

MCP INTEGRATION
Claude AI MCP Server Imperva API Cloud WAF

Real-time WAF configuration queried via Model Context Protocol — sensitive values masked for security

Ask Cloud WAF

NATURAL LANGUAGE

Open Source Intelligence

OSINT

Open-Source Threat Intelligence

COMMUNITY FEEDS

OWASP Security Standards

Frameworks

OWASP Top 10 — 2021

Most critical web application security risks

owasp.org
A01: Broken Access Control
A02: Cryptographic Failures
A03: Injection
A04: Insecure Design
A05: Security Misconfiguration
A06: Vulnerable and Outdated Components
A07: Identification and Authentication Failures
A08: Software and Data Integrity Failures
A09: Security Logging and Monitoring Failures
A10: Server-Side Request Forgery (SSRF)

OWASP API Security Top 10 — 2023

API-specific security risks

owasp.org
API1: Broken Object Level Authorization (BOLA)
API2: Broken Authentication
API3: Broken Object Property Level Authorization
API4: Unrestricted Resource Consumption
API5: Broken Function Level Authorization (BFLA)
API6: Unrestricted Access to Sensitive Business Flows
API7: Server-Side Request Forgery (SSRF)
API8: Security Misconfiguration
API9: Improper Inventory Management
API10: Unsafe Consumption of APIs

OWASP Automated Threats to Web Applications

21 bot-driven attack categories

owasp.org
OAT-001: Carding
OAT-002: Token Cracking
OAT-003: Ad Fraud
OAT-004: Fingerprinting
OAT-005: Scalping
OAT-006: Expediting
OAT-007: Credential Cracking
OAT-008: Credential Stuffing
OAT-009: CAPTCHA Defeat
OAT-010: Card Cracking
OAT-011: Scraping
OAT-012: Cashing Out
OAT-013: Sniping
OAT-014: Vulnerability Scanning
OAT-015: Denial of Service
OAT-016: Skewing
OAT-017: Spamming
OAT-018: Footprinting
OAT-019: Account Creation
OAT-020: Account Aggregation
OAT-021: Denial of Inventory

OWASP Top 10 for LLM Applications — 2025

Large Language Model security risks

owasp.org
LLM01: Prompt Injection
LLM02: Sensitive Information Disclosure
LLM03: Supply Chain Vulnerabilities
LLM04: Data and Model Poisoning
LLM05: Improper Output Handling
LLM06: Excessive Agency
LLM07: System Prompt Leakage
LLM08: Vector and Embedding Weaknesses
LLM09: Misinformation
LLM10: Unbounded Consumption
