Privacyware Enhances Web Application Security and Eases Solution Deployment with Updated IIS Web Application Firewall

Summary: Privacyware released the latest version of its award-winning IIS Web Application Firewall - ThreatSentry. The product update adds native module architecture for IIS 7, enhanced database support, expanded filtering capabilities and domain-specific configuration options.

NEW ALBANY, OH, January 24, 2012 – Privacyware, an innovative provider of pc security, web application firewall and security data analytics software, today announced the availability of the latest update of its award-winning IIS Web Application Firewall and Intrusion Prevention solution, ThreatSentry. The product update adds native module architecture for IIS 7, enhanced database support, expanded filtering capabilities and domain-specific configuration options.

ThreatSentry identifies and blocks web application threats such as Structured Query Language (SQL) Injection, DDoS, Cross Site Request Forgery (CSRF/XSRF), Cross-Site Scripting (XSS) and other types of attacks and helps system administrators comply with regulatory demands such as Section 6.6 of the Payment Card Industry Data Security Standard (PCI DSS). ThreatSentry’s core defense modules are augmented by an integrated driver-level firewall that delivers full port blocking of untrusted IP Address and a behavior-based Intrusion prevention component that profiles typical request activity and can detect unusual events and patterns indicative of zero-day and targeted attacks. ThreatSentry supports Windows Server 2008/R2, 2003 and 2000 and IIS 7.x (native IIS7 module), 6 (ISAPI Extension) and 5 (ISAPI Filter) on 32 and 64 bit systems. ThreatSentry was recently awarded the 2011 Golden Bridge Award for Innovation in Information Technology in the Web Application Firewall Category.

The ThreatSentry software update offers significant enhancements that ease deployment and improve implementation. Key highlights of the new release include:

- Converted ISAPI filter and extension based architecture to a native IIS7 module to reduce errors and streamline the deployment process for administrators.

- Added support for multiple ThreatSentry installations on a single SQL instance to enhance solution deployment flexibility.

- Added domain-specific URL Exclusion options to improve control over request filtering.

“ThreatSentry’s enhanced web server request filtering capabilities enable administrators to better target malicious traffic and reduce the risk of web server breach,” said Privacyware CEO Greg Salvato. “Beyond the improved web security benefit, this update also delivers significant efficiencies through new or expanded deployment and maintenance options. This software release exemplifies our ongoing commitment to delivering consistently improved Web Application Firewall technology to our compliance and system administrator clientele.”

ThreatSentry delivers proactive, multi-layered defense for IIS and prevents attacks from exploiting web application vulnerabilities through a complementary set of integrated components.

- State-of-the-art Web Application Firewall: Provides configurable rules-based control over HTTP/HTTPS request methods (OPTIONS, GET, POST, HEAD), URL Paths, URL Query String length, and HTTP Request Headers, rule-specific URL/s exclusion capabilities, URI Encoding support, Regular Expression support for parameter rules/filtering, etc.

- Fully integrated Firewall: Proprietary NDIS driver delivers flexible network IP blocking (featuring white list, black list and duration control) at TCP/IP and UDP layers for all ports.

- Behavior-based Intrusion Prevention: Adaptive, behavior-based engine (with sensitivity control) analyzes Web traffic patterns to detect new threats and behavioral anomalies and deviations.

- Anti-DoS/DDoS: Configurable request frequency monitor blocks successive requests to individual or all site pages to reduce the risk of DoS and DDoS attacks.

Pricing and Availability
ThreatSentry is available for purchase or 30-day trial download via the Privacyware web site: www.privacyware.com or through business partners worldwide. Starting at just $649 per server, ThreatSentry is priced to maximize constrained IT budgets and supports Microsoft Windows Server 2008/R2, 2003, 2000 and Internet Information Services (IIS) 7/7.x, 6, and 5. For more information, including special plans for data centers and Web hosting providers, please contact Privacyware directly or visit us online.

About Privacyware
Privacyware (www.privacyware.com) is an innovative provider of award-winning pc security, web application firewall and security data analytics software. Privacyware products leverage conventional and advanced analytics technologies to help systems administrators, IT security and compliance personnel more effectively identify, understand and prevent malicious, unauthorized and/or deviant computing system activity. Privacyware is a member of the Microsoft Partner Network with Gold Independent Software Vendor (ISV), Silver Business Intelligence and Data Platform Competencies.

Privacyware and ThreatSentry, Privatefirewall, and Adaptive Security Analyzer are registered trademark of PWI, Inc. All other registered or unregistered trademarks are the sole property of their respective owners. ©2012 PWI, Inc. All rights reserved.