Posts

Apr 08, 2026 WAFHTTP Request SmugglingProtocol EnforcementImpervaHoneypotBlue Team

Content-Length: 33 — What a Real HTTP Request Smuggling Probe Looks Like

The Alert That Made Me Look Twice Running Imperva WAF Gateway in front of this lab, I started seeing repeated violations under the Illegal Content-Length policy — an HTTP protocol compliance check that flags requests where the Content-Length header is malformed, contradictory, or structurally anomalous. What caught my eye wasn’t the volume. It was the consistency: every single one carried a Content-Length of exactly 33 bytes. That’s not noise. That’s a fingerprint.

Read post →

Mar 15, 2026 WAFMITRE ATT&CKZero TrustFederal

Mapping Imperva WAF Gateway to MITRE ATT&CK — What It Actually Defends

Most WAF discussions stay at layer 7. Here’s a tighter mapping of what WAF Gateway actually covers in ATT&CK terms — and where the gaps are.

Read post →

Mar 08, 2026 API SecurityFISMAFederalZero Trust

API Shadow Risk in Federal Environments — What FISMA Auditors Are Starting to Ask About

Shadow APIs are the new shadow IT. Federal agencies are carrying undocumented API surface they can’t see, can’t inventory, and can’t control — and auditors are catching on.

Read post →

Jan 20, 2024 MITRE ATT&CKD3FENDNIST 800-53Zero TrustFederal

ATT&CK → D3FEND → NIST 800-53 Mapper

Interactive reference tool for security architects — browse the full ATT&CK matrix, see D3FEND countermeasures, and map to NIST 800-53 Rev 5 controls.

Read post →