Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Web application protection

Privacyware : 25 June, 2008  (New Product)
ThreatSentry provides firewall and intrusion detection for IIS web applications
Privacyware has released the latest version of ThreatSentry, a software-based IIS Web Application Firewall and Intrusion Prevention solution. In response to customer and general market demand for more effective protection against Structured Query Language (SQL) Injection, cross-site scripting (XSS) and other web application and database related attacks, Privacyware has expanded ThreatSentry's Parameter parsing and URL Query String inspection capabilities at the Web Application Firewall and behavioral analysis layers.

"In recent months, we've witnessed the attack landscape — SQL injection exploits in particular — expand exponentially", said Privacyware CEO, Greg Salvato. "This problem is largely a result of the swift adoption of automated tools now in common use by hackers to rapidly identify vulnerable websites and servers. More urgent, however, is the evolving sophistication of the evasion techniques used which can render ineffective traditional rules-based (keyword and signature pattern-matching) technologies."

An ISAPI filter hosted in MMC, ThreatSentry is comprised of a Web Application Firewall and behavior-based Intrusion prevention component founded on specialized artificial intelligence and machine learning technologies specifically designed to address internal and external unauthorized system access and cyber-criminal threats on Web servers utilizing Microsoft Internet Information Services (IIS). Since its introduction, IIS has grown in popularity and ranks as one of the most widely used platforms for enabling simple to sophisticated Web sites and Web-based applications. While it is well-regarded for its ease of use and range of features, it is frequently targeted by hackers due to a variety of server and database vulnerabilities and the inherently open nature of many Web applications - many of which manage sensitive information such as credit card numbers, passwords, or other private data.

"In response the alarming rise in frequency of SQL-based attacks, we've expanded ThreatSentry's Parameter parsing and URL Query String inspection capabilities at the Web Application Firewall layer," said Privacyware CTO, Konstantin Malkov. "In addition, we've enhanced ThreatSentry's cognitive components, which are capable of detecting similarities to known malicious patterns or revealing behavioral deviations among normal traffic, to deliver improved protection against known or new SQL Injection and other threats to the web infrastructure."

The latest version of ThreatSentry detects and blocks known and new attacks and unwanted web application traffic and also helps customers comply with section 6.6 of the Payment Card Industry Data Security Standard (PCI DSS). Other key ThreatSentry features include email alert notification, compliance and security reporting, centralized management for multiple servers and protection from an array of documented exploitive techniques including SQL Injection, Directory Traversal, Cross-site scripting, Parameter Manipulation, Buffer Overflow, Denial of Service, and other exploitive techniques.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo