Skip to content
Brief
Incapsula was rebranded to Imperva (Jan 2014)— see Imperva for current status.
Incapsula

Incapsula

Cybersecurityimperva.com

Incapsula provided enterprise-grade web application security and DDoS protection through a globally distributed cloud platform, enabling organizations to defend against sophisticated threats without on-premise hardware.

Last updated Jul 3, 2026 by ATDb automated enrichment · Connections updated Jul 6, 2026

Founded
2009
HQ
Redwood Shores, California, United States
Connections
10

At a glance

Employees
201-500
Funding
$48M
6integrations3competitors

About

Incapsula was a leading cloud-based WAF and DDoS protection provider before being absorbed into Imperva's unified platform, where its technology continues to underpin Imperva's Application Security offerings.

Incapsula was founded in 2009 as a cloud-based security service offering web application firewall (WAF), DDoS mitigation, content delivery network (CDN), and bot management capabilities. The platform was designed to protect websites and web applications from a wide range of cyber threats, including SQL injection, cross-site scripting, and volumetric DDoS attacks, all delivered through a globally distributed network of scrubbing centers and points of presence. Incapsula quickly gained recognition for making enterprise-grade security accessible to businesses of all sizes through a SaaS delivery model.

Business model

SaaS

Target market

Enterprise

What they offer

  • Web Application Firewall (WAF)

    Cloud-based WAF protecting against OWASP Top 10 threats including SQL injection and XSS.

  • DDoS Protection

    Volumetric and application-layer DDoS mitigation delivered via a global scrubbing network.

  • CDN

    Content delivery network for performance acceleration alongside security.

  • Bot Management

    Detection and mitigation of malicious bot traffic to protect web resources.

  • Load Balancing

    Global server load balancing to optimize availability and performance.

Key features

Cloud-based WAF with OWASP Top 10 coverageAlways-on DDoS mitigation with global scrubbing centersIntegrated CDN for performance and securityAdvanced bot detection and managementSSL/TLS offloading and managementReal-time traffic analytics and dashboardsAPI security protectionIP reputation and threat intelligence feeds

Use cases

Protecting e-commerce sites from application-layer attacksMitigating large-scale DDoS attacks on financial servicesSecuring APIs from automated abuse and scrapingAccelerating web performance while enforcing security policiesProtecting SaaS platforms from bot-driven credential stuffing

Customer segments

Enterprise organizationsFinancial servicesE-commerce and retailMedia and publishingSaaS providersGovernment and public sector

Tech & specs

Technology stack

Globally distributed cloud infrastructureAnycast network routingMachine learning-based threat detectionBGP routing for DDoS scrubbingSSL/TLS terminationThreat intelligence and IP reputation databases

Security & compliance

SOC 2PCI DSSGDPRISO 27001HIPAA

Deployment

Cloud

API

Yes

Explore further

2 views