New Page 1
IIS web application firewall, web application security, personal firewall, intrusion prevention, security data analytics   Home | News | Company | Contact   
 

>> In The News

 

>> Press Releases

 
September 15, 2008
Privacyware and SoftMail Announce Agreement to Deliver Web Application Security to Korea Market.
 
August 28, 2008
Privacyware and PC Stars Team to Deliver Web Application Security to China Corporate Market.
 
July 2, 2008
Privacyware Named to CRN Emerging Tech Vendors List.
 
June 24, 2008
Privacyware Enhances SQL Injection and XSS Defense with Updated IIS Web Application Firewall.
 
June 4, 2008
ThreatSentry
Receives Network Products Guide 2008 Product Innovation Award.
 
March 10, 2008
Privacyware Renews Gold Certified Status in Microsoft Partner Program.
 
December 4, 2007
Privacyware Releases Latest Threat Prevention Software for Vista PCs.
 
August 17, 2007
Privacyware Wins 2007 Tomorrow's Technology Today Award.
 
June 15, 2007
Privacyware Announces New AI-based Security Data and Log Analyzer.
 
February 21, 2007
Privacyware Attains Gold Certified Partner Status in Microsoft Partner Program.
 
January 31, 2007
Info Security Products Guide Honors Privacyware with “Hot Companies” Award 2007.

  >> News Archives

 

 

 


Privacyware Enhances SQL Injection and XSS Defense with Updated IIS Web Application Firewall


— Web Application Firewall and AI-based Behavioral Modeling/Analysis Delivers Broad IIS/SQL Defense and Reinforces PCI DSS Compliance —


RED BANK, NJ – June 24, 2008 – Privacyware (http://www.privacyware.com), an innovative provider of web application security, intrusion prevention and security data analytics software, today released the latest version of ThreatSentry, a software-based IIS Web Application Firewall and Intrusion Prevention solution. In response to customer and general market demand for more effective protection against Structured Query Language (SQL) Injection, cross-site scripting (XSS) and other web application and database related attacks, Privacyware has expanded ThreatSentry’s Parameter parsing and URL Query String inspection capabilities at the Web Application Firewall and behavioral analysis layers.

“In recent months, we’ve witnessed the attack landscape SQL injection exploits in particular expand exponentially”, said Privacyware CEO, Greg Salvato. “This problem is largely a result of the swift adoption of automated tools now in common use by hackers to rapidly identify vulnerable websites and servers. More urgent, however, is the evolving sophistication of the evasion techniques used which can render ineffective traditional rules-based (keyword and signature pattern-matching) technologies.”

An ISAPI filter hosted in MMC, ThreatSentry is comprised of a Web Application Firewall and behavior-based Intrusion prevention component founded on specialized artificial intelligence and machine learning technologies specifically designed to address internal and external unauthorized system access and cyber-criminal threats on Web servers utilizing Microsoft Internet Information Services (IIS). Since its introduction, IIS has grown in popularity and ranks as one of the most widely used platforms for enabling simple to sophisticated Web sites and Web-based applications. While it is well-regarded for its ease of use and range of features, it is frequently targeted by hackers due to a variety of server and database vulnerabilities and the inherently open nature of many Web applications – many of which manage sensitive information such as credit card numbers, passwords, or other private data.

“In response the alarming rise in frequency of SQL-based attacks, we’ve expanded ThreatSentry’s Parameter parsing and URL Query String inspection capabilities at the Web Application Firewall layer,” said Privacyware CTO, Konstantin Malkov. “In addition, we’ve enhanced ThreatSentry’s cognitive components, which are capable of detecting similarities to known malicious patterns or revealing behavioral deviations among normal traffic, to deliver improved protection against known or new SQL Injection and other threats to the web infrastructure.”

The latest version of ThreatSentry detects and blocks known and new attacks and unwanted web application traffic and also helps customers comply with section 6.6 of the Payment Card Industry Data Security Standard (PCI DSS). Other key ThreatSentry features include email alert notification, compliance and security reporting, centralized management for multiple servers and protection from an array of documented exploitive techniques including SQL Injection, Directory Traversal, Cross-site scripting, Parameter Manipulation, Buffer Overflow, Denial of Service, and other exploitive techniques.

ThreatSentry is available for purchase or 30-day trial download via the Privacyware web site: www.privacyware.com or through an authorized Privacyware reseller. ThreatSentry pricing starts at $649 per server and supports Microsoft Windows Server 2000/2003 and Internet Information Services (IIS) 5.0/6.0. To locate a reseller, please visit Privacyware at http://www.privacyware.com/sales.html or call 732-212-8110 x235.


About Privacyware
Privacyware (www.privacyware.com) is an innovative provider of web application security, intrusion prevention and security data analytics software. Privacyware security data analytics products help enterprise security and compliance personnel overcome the increasingly critical challenge of security data overload, better understand the environments for which they are responsible and more effectively identify and comprehend malicious, unauthorized and/or deviant activity. Privacyware web application security and desktop defense offerings increase the level of protection from new and known malware, intrusions and other threats to individual, small business and large enterprise computing environments. Privacyware is a Microsoft Gold Certified Partner.

CONTACT: Gregory Salvato - Privacyware, (732)-212-8110, x235. sales@privacyware.com


Privacyware, Adaptive Security Analyzer, ThreatSentry, Endpoint Security Console, Privatefirewall and Dynamic Security Agent are registered trademarks of Privacyware/PWI, Inc. in the United States and other countries. All other trademarks mentioned are the property of their respective owners.


 

 

 

©1999-2008 PWI, Inc. All rights reserved. Privacy policy


personal firewall, intrusion prevention, security information management