Security software for Developers Web Application Firewall - WAF
Web Application Firewall - WAF
|
Download Data Sheet: WAF_ENG Innovae works with Web Application Firewall (WAF) of Imperva (Secure Sphere)
Imperva Web Application Firewall Security Console for Web Applications 
Imperva Secure Sphere is the best Web Application Firewall on the market with: - Protection as required with multiple layers of defense - Implemented transparently in any context - Automatic management with automatic dynamic profiling
Drivers - PCI DSS prescribes security standards for web applications. In accordance with best practice, PCI DSS 6 defines the security requirements of web applications. - A new level of security is required: 1• Traditional Firewalls only detect network attacks 2• The IPSs/firewall NG only detect known signatures 3• The Web Application Firewalls on their own detect attacks to the application. - Two problems, two solutions: • Protect the web applications • Understand the application logic: URLs, fields, cookies, Javascript • Apply virtual patching to websites • Evaluate the user's reputation • Use signatures for known attacks • Offer security to the local network • Identify applications • Control user access
Security for web applications - Multiple layers of protection: • Protocol validation: Detect violations of the HTTP protocol • Signatures of attacks: Identify known attacks -+ 6.500 signatures updated weekly • Application profiling: Detect abnormal use of the application • Prevent data leakage: Avoid the escape of sensitive information • ThreatRadar: block malicious users before they can attack - Dynamic application profiling: - Traceabilty of the application user: SecureSphere takes note, dynamically, of • URLs of login • Userid and password • Successful and failed Logins
When a user logs in to a web application, SecureSphere links the UserId to the session • SecureSphere can monitor and block by UserId, not only by IP. - ThreatRadar: Security based on reputability
• Automates against big-scale automated attacks
• Updates defenses continuously
• Provides protection against phishing and offers forensic capabilities
- ThreatRadar in action
- Centre of defense for applications:
- World leader in security for web applications:
• SecureSphere provides:
1- Multiple layers of defense
2- Correlated validation of attacks
3- Clear and detailed security alerts
• For complete protection with laser-like precision against attacks on applications.
Secure Web Development
- Imperva Security and Web Development
Lifecycle Web development software
- Virtual patching reduces the window of exposure:
a) Reduces attempts to exploit known vulnerabilities
b) Reduces the exposure window while the patches are thoroughly tested and implemented
SecureSphere dynamically learns · Login URLs · Username and password · Successful and failed logins  When a user log into a Web application, SecureSphere links the username to the session · SecureSphere can monitor and block per user, not just IP.
- ThreatRadar: Reputation-Based Security · Protection Automate large-scale automated attacks · Update defenses continuously · Provides protection against phishing and forensic capacity
- ThreatRadar in Action:
• SecureSphere provides: 1 - Multiple layers of defense 2 - Validation of attacks correlated 3 - Security Alerts detailed and clear • For complete protection against attacks precision laser applications.
Secure Web Development - Imperva Security and Web Development Lifecycle Web development software  - The virtual patch reduces the window of exposure: a) Reduces attempts to exploit known vulnerabilities b) Reduces the exposure window while the patches are thoroughly tested and implemented 
|
|
|
Para más información pulse aquí |
|
