This article covers how to connect Imperva Web Application Firewall (WAF) to Expel Workbench.

Quick Links

Step 1: Create an Expel SOC Account in the Imperva Cloud Security Console

  1. Log into your Imperva Cloud Security Console as an Administrator.

  2. Navigate to Account > Account Management.

    Screenshot_2023-07-24_at_10_45_10_PM.png
  3. On the left side, click Users.

    Screenshot_2023-07-24_at_10_45_19_PM.png
  4. Click Add User, then fill out the Name and Email for the Expel SOC Account.

    Use “soc+<Your Organization Name>@expel.io”.

    Assign the Reader role to the account, then click Save.

    Screenshot_2023-07-24_at_10_45_27_PM.png

Step 2: Generate an API Key for the Expel SOC User

  1. Click the new user you just created, a Settings menu will appear on the right.

    Click the API keys drop-down, then click Add API key.

    Screenshot_2023-07-24_at_10_45_38_PM.png
  2. Add a Name and Description for the API Key.

  3. Select the Never expire option.

  4. Move the Status slider to Enabled, then click Save.

    Screenshot_2023-07-24_at_10_45_47_PM.png
  5. Your API ID and API Key will show on the screen. Copy and store the API ID and API Key to a secure location. Be sure to do this as this is the ONLY time these values are shown.

    Screenshot_2023-07-24_at_10_45_59_PM.png

Step 3: Add Imperva as a Security Device in Workbench

  1. Log in to Workbench.
  2. In the side menu, navigate to Organization Settings > Security Devices.
  3. Select Add Security Device.
  4. In the search box, type “Imperva” and then select the Imperva integration.
  5. A configuration pane displays. Complete the fields as follows:
    1. Name - enter a name that might help you more easily identify this integration, such as “CompanyName Imperva WAF”; this name will display in Workbench under the Name column, and is a text string that you can filter on.
    2. Location - enter the location of your integration, for example, “cloud.” This is also a text string that you can filter on, so we recommend being consistent with location naming across your Expel integrations.
    3. Connection Settings - provide the appropriate information:
      • Expel Imperva API ID - enter the API ID you generated in Step 2.5.
      • API key for Expel Imperva email - enter the API key you generated in Step 2.5.
  6. Select Save.
  7. Your device should be created successfully within a few seconds.

    You can see if the device is healthy on the Security Devices page in Workbench. It may take a few minutes to see the device listed as healthy.

Step 4: Edit the Device to Add Console Access