|
Download AppShield's Product Datasheet [PDF format].
Secured Environment for Apps
- AppShield ensures that users follow the application logic.
- Applications protected with AppShield do not need to be built to cope with application hacking.
- Secured applications can safely assume that:
- Selections are always within a legal range (hyperlinks, form options, etc.)
- Read-only client-side data remains unmodified (hidden field, cookies, etc.)
- Free-format input is bound to be valid (text fields, password fields, etc.)
Automatic Application Security- No modification required to secure applications, as protection is provided during run-time, both to internally developed code, as well as third-party products (web servers, etc.)
- Policy Recognition Engine (patent-pending) dynamically recognizes the application-security policy by analyzing the outbound HTML pages on the fly
- Adaptive Reduction Technology (patent-pending) enforces users' HTTP requests to conform to the dynamic security policy
- Formal Verification, typically used in military-grade software, was used during AppShield design to provide unparalleled security
Preventing Application Hacking- Here are a few samples of common hacking techniques addressed by AppShield:
- Buffer overflow attacks
- Modification of hidden fields
- Manipulation of CGI parameters
- cookie poisoning
- Utilizing server-side include
- Activating debug options
- Third-party infrastructure vulnerabilities (web servers, application servers, etc)
- Third-party code vulnerabilities (CGIs, shopping carts, etc.)
- Sending invalid input within a text field to activate shell commands, run illegal SQL query, etc.
- And many more...
Deployment - Installed between web servers and routers.
- Acts as a proxy for HTTP and HTTPS
- Runs on top of NT and Solaris.
- Supports three different deployment options:
- Web Server Version runs on each web server
- Stand Alone Version runs on a dedicated computer
Performance and Scalability- Millions of hits per day.
- Less than 20ms latency.
- Unlimited concurrent users.
- Scales up using SMP and/or multiple copies.
Interoperability- Any web servers (Netscape,
IIS, ...)
- Any web browser (Netscape, Internet Explorer, ... )
- Any load Balancer (Cisco, Resonate, ...)
- Any application Server (Sun, Oracle, ...)
- Any web Statistics utility (WebTrends, ...)
- SSL
Installation and Management- Installation consists mostly of defining the starting URLs.
- Swift installation
- Centralized management
- Java-based console
- Detailed application-level logging
- SNMP compliant
- Sophisticated alert mechanism
A complete, AppShield installs in minutes.
Download AppShield's Product Datasheet [PDF format]
|
