--- title: "Imperva WAF" slug: "imperva-waf-1" updated: 2023-10-30T11:03:39Z published: 2023-10-30T11:03:39Z --- > ## Documentation Index > Fetch the complete documentation index at: https://docs.safe.security/llms.txt > Use this file to discover all available pages before exploring further. # Imperva WAF ## About this document --- This document describes the step-by-step procedure to configure Imperva WAF in SAFE. ## Introduction --- SAFE integrates with Imperva WAF, allowing you to assess the configuration of web applications protected by the Imperva WAF service. This integration checks for any misconfigurations in the WAF rules and includes them in the overall risk posture of the organization. The WAF controls in SAFE are included in different risk scenarios, such as DDoS, and having these controls in place can prevent certain types of cyber attacks. ## Prerequisites --- To configure Imperva in SAFE, you need the following details: - **API ID** and **API****Key**: You need the Imperva WAF API ID and API Key to configure it in SAFE. You need an Imperva Console Administrator role to create these connection details. ## Generate Connection Details --- Follow the below steps to generate the **API ID** and **API** **Key** from Imperva WAF. 1. Log in to your **Imperva Cloud Security Console**as**Admin**. 2. Click the account drop-down available at the top-right corner of the home page and click **Account Management**. ![IW1](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/IW1.png) 3. Click **Users** under **User Management** from the left navigation. 4. Click the **Add** **User** button available at the top-right corner of the screen. ![IW2](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/IW2.png) 5. Enter the **Name** and **Email**. 6. Assign the **Reader** **Role** to the user by selecting the “Assign a role” radio button and selecting **Reader** from the drop-down. ![IW3](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/IW3.png) 7. Click the **User** created on the **Users** **Page**. 8. In the right panel, click the **Actions** option and click the "**Set as API-only use"** option. ![IW4](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/IW4.png) 9. In the right panel, click the **API Keys** and then click the **Add** **API** **Key**. ![IW5](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/IW5.png) 10. Enter the **Name**, **Description**, and **API** **Key** **Expiry** time. 11. Enable the **Status** button. 12. Click the **Save** button to generate the API Key. The system displays the **API ID** and **API** **Key**. ![IW6](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/IW6.png) 13. **Copy** and **save** the **API ID** and the **API Key** to use while configuring Imperva WAF in SAFE. ![IW7](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/IW7.png) ## Configure Imperva WAF in SAFE --- 1. Navigate to **SAFE Hooks**. 2. Search and click the **Imperva WAF** card. 3. Enter the **Imperva API URL**. 4. Enter the **API ID** and **API** **Key**. 5. Select the **Auto-sync frequency**. 6. Click the **Test** **Connection** button. 7. Once the connection is verified, click the **Save** button to save the configuration. 8. Click the **Sync Now** button available at the bottom-right corner of the screen. ![IW8](https://cdn.document360.io/23dc20b8-a989-48c0-8653-f1d3e4abc734/Images/Documentation/IW8.png) ## View Result --- After a successful sync, the Imperva web application assets are automatically imported into SAFE. **View Assets** To view the assets pulled from Imperva: 1. Click the **See Updated Assets** button available at the top-right of the History table. 2. The system displays a filtered list of assets pulled from Imperva WAF. **View Findings** To view the findings: NoteTo view findings related to assets, they should be assigned to at least one group and its associated risk scenarios. The Findings view on the Risk Scenario page will present the findings list along with their respective details. 1. Navigate to the Risk Scenario created for the Imperva WAF assets. 2. Scroll down to the Findings section. Here you can see the finding details of the Imperva WAF assets.