NEW ALBANY, OH, September 3, 2014 – Privacyware,
developer of the leading software–based Web Application
Firewall and Host IPS for Microsoft Internet Information
Services (IIS), announced today an update to its
ThreatSentry Web Application Firewall and Intrusion
Prevention solution. The new release features enhanced
protection from SQL Injection attacks, improved system
performance and expanded database and configuration
Privacyware Enhances SQL Injection Attack Defense with Latest Release of ThreatSentry Web Application Firewall
"The combined impact of the most recent
series of hacker-related data breaches, affecting
consumers of product and services ranging from banking
to healthcare. utilities, groceries, restaurants and
more makes clear the urgency for stronger, more flexible
web application and database security capabilities,"
said Greg Salvato, CEO of Privacyware. "The product
enhancements provided in our latest ThreatSentry Web
Application Firewall enable our customers to design and
employ multi-layered security policies that deliver
deep, proactive protection at the moment of attack or
any suspicious behavior."
ThreatSentry is the
leading software–based Web Application Firewall and Host
IPS for Microsoft Internet Information Services (IIS).
Utilizing three distinct and fully integrated Web
application security technologies, ThreatSentry
identifies and blocks web application threats such as
Structured Query Language (SQL) Injection, DDoS, Cross
Site Request Forgery (CSRF/XSRF), Cross-Site Scripting
(XSS) and other types of attacks. ThreatSentry defense
capabilities are based on the OWASP Top Ten Project and
helps system administrators comply with regulatory
demands such as Section 6.6 of the Payment Card Industry
Data Security Standard (PCI DSS).
The new release
offers the following key new features and enhancements:
Performance and Stability:
multi-threaded components for IIS6 and later to address
race and other related conditions.
- Optimized NDIS
driver (port/network-level firewall) communication.
Added Boost (C++ libraries) to improve internal
processing of RegEx-based request filtering.
Security and Defense:
- Enhanced filter options for
large request parameters.
- Expanded/tuned default
rule set specifically to reinforce protection against
SQL Injection attacks.
Added support for MySQL open source database (community
and commercial editions).
- Enhanced support for
remote SQL Server on Azure.
Added “Redirect Blocked Requests to” url/page option.
- Added IP Address notification exclusion option.
Added task bar notification to display ThreatSentry
operating issues, i.e. service stopped, license
expire/fail, SAL size, SQL server issues, etc.
Enhanced central management options.
delivers proactive defense to secure IIS and prevents
attacks from exploiting web application vulnerabilities
through a complementary set of integrated components.
- State-of-the-art Web Application Firewall:
Provides configurable rules-based control over
HTTP/HTTPS request methods (OPTIONS, GET, POST, HEAD),
URL Query String length, Parameters, and
HTTP Request Headers, rule-specific URL/s exclusion
capabilities, URI Encoding support, Regular Expression
support for parameter rules/filtering, etc.
Fully integrated Firewall: Proprietary NDIS driver
delivers flexible network IP blocking (featuring white
list, black list and duration control) at TCP/IP and UDP
layers for all ports.
- Behavior-based Intrusion
Prevention: Adaptive, behavior-based engine (with
sensitivity control) analyzes Web traffic patterns to
detect new threats and behavioral anomalies and
- AntiDos/DDoS: onfigurable request
frequency monitor blocks successive requests to
individual or all site pages to reduce the risk of DoS
and DDoS attacks.
Pricing and Availability
available for purchase or 30-day trial download via the
Privacyware web site:
or through business partners worldwide. Starting at just
$649 per server, ThreatSentry is priced to maximize
constrained IT budgets and supports Microsoft Windows
Server 2012/R2, 2008/R2, 2003, 2000 and Internet
Information Services (IIS) versions 8/8.5, 7, 6, and 5.
For more information, including special plans for data
centers and Web hosting providers, please contact
Privacyware directly or visit us online.
develops the leading
software–based Web Application Firewall and Host IPS for
Microsoft Internet Information Services (IIS).
Privacyware products leverage conventional and advanced
analytics technologies to help systems administrators,
IT security and compliance personnel more effectively
identify, understand and prevent malicious, unauthorized
and/or deviant computing system activity. Privacyware is
a member of the Microsoft Partner Network with Silver
OEM and Application Development competencies.
Privacyware and ThreatSentry are registered
trademarks of PWI, Inc. All other registered or
unregistered trademarks are the sole property of their
respective owners. ©2014 PWI, Inc. All rights reserved.