Skip to main content

Impart Resources

Product

Impart Product Update - Nov 2025

We’ve delivered a major round of upgrades across the Impart platform, introducing new AI Bot/MCP and LLM Protection dashboards, a refreshed and more intuitive App Experience, a high-performance Inspector v0.42.0 release, expanded Inspector Metrics for deeper operational visibility, and new SQLi and XSS version control, allowing teams to choose between Detection Version 1, Version 2, or always use the latest release. These updates make it easier than ever to understand AI-driven traffic, configure protections with clarity, manage detection behavior with precision, monitor system performance, and optimize your entire Impart deployment.

Read More
This is some text inside of a div block.
OWASP Deep Dive

What Your WAF Misses: Denial of Inventory

OWASP OAT-021 Denial of Inventory bots hold carts, seats, and reservations without ever buying. WAFs can't see the pattern. Here's why, and what closes the enforcement gap.

Read More
This is some text inside of a div block.
Blog

The LLM API Endpoint Is Your New Perimeter. Protect It Like One.

Security engineering teams have spent years hardening application APIs. Auth tokens, rate limits, input validation; the fundamentals are well understood. But when you place an LLM behind that same API surface, the threat model changes in ways standard application security controls weren't built to handle. The endpoint doesn't just serve data anymore. It executes intent.

Read More
This is some text inside of a div block.
News

How Attackers Are Using AI to Outpace Defenses (Video)

Read More
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Events

GPSec

Atlanta, GA

June 25, 2026

Register
In Person

AI Agent Security vs. AI Agent Protection

The AI security market is moving fast to respond to predictions that over 40% of enterprise applications will have embedded AI agents by the end of 2026. Every vendor is packaging their answer under the label "AI agent security." The problem is that "AI agent security" means something different depending on who's selling it. This post defines what each layer does, where each one runs out of road, and why the architecture needs both.

Read More
This is some text inside of a div block.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Filters

Clear all
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

What Your WAF Misses: Card Cracking

Card cracking bots enumerate CVV codes through your payment flow, and your WAF can't see the processor response that makes the pattern legible. Here's what changes when enforcement moves inside the request path.

Read More
Impart Security
4.2.2026
Blog
OWASP Deep Dive

What Your WAF Misses: Scalping

OAT-005 Scalping bots don't trip WAF rules because every request is individually valid. The attack lives in session behavior. Here's what detection and enforcement look like from inside the application.

Read More
Impart Security
3.19.2026
Blog

What Your WAF Misses: Carding

Carding tests thousands of stolen credit cards against your payment flow. Learn why WAFs struggle to stop it and why detection must move into the request path.

Read More
Impart Security
3.5.2026
Blog

What Your WAF Misses: Credential Stuffing

Most teams detect credential stuffing but can't enforce against it. Here's why WAF rules fail and what changes when detection moves inline.

Read More
Impart Security
2.18.2026
Blog
Announcement

Programmable Bot Protection: See What Bots You'd Block Before You Block It

Most security teams detect threats but never block them. Impart's Programmable Bot Protection brings runtime detection and enforcement together, inside the application.

Read More
Impart Security
2.13.2026
Blog

The Security Priorities That Actually Matter in 2026

Read More
Jonathan DiVincenzo
1.8.2026
Blog
API Security Guide

Guide To API Security Best Practices

Learn how to protect customer data and improve security posture with 8 essential API security best practices.

9.1.2023
Read More
API Security Guide

API Security Monitoring

Understand the best practices for monitoring your API, as well as some key features to look for when evaluating an API monitoring solution.

3.18.2024
Read More
API Security Guide

API Attacks

Learn how API attacks, such as Broken Object Level Authorization, can lead to unauthorized access to confidential data and how to protect against them.

3.18.2024
Read More
API Security Guide

API Gateway Security

Learn how to secure your API gateway with 8 best practices, from authenticating users to rate limiting and hardening your apps.

3.18.2024
Read More
API Security Guide

API Authentication Security Best Practices

Learn how to implement robust API authentication security measures with best practices and example solutions.

3.18.2024
Read More
API Security Guide

API Pentesting Methodology

Learn how to scope an API, address the top five attacks, and report and retest vulnerabilities during API penetration testing.

3.18.2024
Read More
API Security Guide

API Discovery

Learn how to discover, document, and manage APIs for organization owners and developers with this article on API discovery best practices.

3.18.2024
Read More
API Security Guide

OWASP Top 10 API

Learn how to prevent API security breaches with OWASP API Security Top 10 and implementing best practices for attack prevention.

3.18.2024
Read More
API Security Guide

Secure API Development

Explore a detailed guide to API development with security at its core, covering the entire SDLC. Gain insights into best practices and practical tips for comprehensive API protection.

3.18.2024
Read More
API Security Guide

API Security Solutions

Learn how to select a robust API security solution with features, best practices, and guidelines to ensure secure data exchange.

3.20.2024
Read More
API Security Guide

API Security Testing

Learn how to evaluate the security of an API and prevent common threats and vulnerabilities with twelve essential API security testing best practices.

5.28.2024
Read More
API Security Guide

API Security Tools

Learn how to use API security tools for offensive and defensive strategies, such as OWASP ZAP, Burp Suite, ffuf, Kiterunner, Postman, Swagger, and Im

5.28.2024
Read More
API Security Strategy Guide

API Security Strategy

Learn how to establish a comprehensive API security strategy, implement defense-in-depth, integrate security into development, and leverage advanced technologies for protection from API attacks.

Read More
4.29.2024
API Security Strategy Guide

API Security Tools

Learn about the importance of API security and the must-have features to consider when choosing an API security platform to safeguard against cyber attacks.

Read More
4.30.2024
API Security Strategy Guide

API Security Checklist

Learn how implementing robust authentication, data encryption, input validation, rate limiting, logging and monitoring, API documentation and versioning, and security testing can protect your APIs from cybercriminals.

Read More
4.30.2024
API Security Strategy Guide

How to Secure API

Learn 8 essential strategies for ensuring the security of your APIs, including adhering to the OWASP Top 10 API Checklist and implementing strong authentication mechanisms and continuous security monitoring.

Read More
4.30.2024
Events

GPSec

Atlanta, GA

June 25, 2026

Register
In Person
6.25.2026
Events

Blackhat

Las Vegas, NV

August 4, 2026

Register
In Person
8.4.2026
Events

OWASP Global AppSec USA

San Francisco, CA

November 2, 2026

Register
In Person
11.2.2026