NSFOCUS Introduces Comprehensive Web Application Security Solution
January 24, 2017
NSFOCUS Web Application Firewall and Web Vulnerability Scanning System identify vulnerabilities to enable smart patching and ensure protection against web attacks, data breaches and downtime
Santa Clara, Calif., January 24, 2017 – Complex attacks on web-based applications are on the rise, accounting for approximately 40 percent of all data breaches in 2016. To combat this growing threat, NSFOCUS, an intelligent hybrid security solutions provider, today introduced its Web Application Security solution – to ensure enterprises are equipped with the most comprehensive application-layer protection against web attacks that can result in data breaches.
The NSFOCUS Web Application Security solution combines industry-leading Web Application Firewall (WAF) technology to prevent attacks and protect web applications, with proactive vulnerability assessment via its Web Vulnerability Scanning System (WVSS) and real-time global threat intelligence. The WAF and WVSS products are available separately and offered as an integrated system, working together to continuously identify application vulnerabilities, and implement protections in real-time. Each product can be deployed either on-premises or in the cloud.
“As organizations rely more heavily on critical web-based applications and continue to migrate valuable and sensitive data to the cloud, the number of security risks they face continues to grow exponentially; and as we saw in 2016, a frightening number of these attacks are aimed at the application layer,” said Allan Thompson, COO of NSFOCUS. “Web application attacks are relentless, and unfortunately, hackers understand many companies are woefully unprepared to address this risk; which is why it has quickly become the number one attack vector. This is where NSFOCUS can help – our fully integrated Web Application Security solution proactively identifies vulnerabilities and automatically mitigates by way of WAF smart patching.”
NSFOCUS WVSS protects websites by identifying vulnerabilities in web applications that can be exploited by hackers. Following identification, it provides the WAF with actionable analysis and reporting, including a remediation plan to improve the overall security of the website.
Through seamless integration with the WVSS, the WAF automatically generates and applies smart patches according to the data it receives from the scanning reports. These protections are often deployed even before vendor-supplied patching is complete. It is through this approach that NSFOCUS can provide full protection for critical web servers and applications against the top 10 threats identified by the Open Web Application Security Project (OWASP) and Web Application Security Consortium (WASC).
NSFOCUS WVSS key features and benefits:
- Efficient and Stable Scanning: Easily scans over 100,000 pages per day by leveraging next-gen technology such as intelligent page crawling, proxy caching, URL-level load balancing and more.
- Closed-Loop Management: The findings of WVSS can be fed into the WAF to generate a “smart patch” to provide closed–loop detection and defense for websites. This closed-loop system ensures the best and most timely protection possible; further reducing operational expenses.
- Virtualized Deployment: Offers flexible implementations and can be installed on-premises as a network appliance or delivered as a cloud service to support a wide range of compliance and security requirements.
NSFOCUS WAF key features and benefits:
- Prevents Theft of Critical Data: Offers a complete set of signatures for web vulnerabilities and the ability to detect unauthorized file uploads. WAF enforces access control policies from layer 4 though 7 to prevent non-authorized access. During an attack, the WAF also provides outbound data leakage detection.
- Ensures Website Availability: Provides a built-in anti-DDoS module to protect against TCP flood attacks, HTTP/S GET/POST flood attacks and slow rate attacks up to 1 Gbps. Coupled with the NSFOCUS ADS anti-DDoS product line, higher rates of DDoS attacks can be thwarted.
- Meets Compliance with PCI DSS: Compiles reports for PCI audits as well as suggestions for policy tuning and configuration to help ensure compliance with PCI-DSS 3.2 and beyond.
To learn more about the NSFOCUS Web Application Security solution visit:
About NSFOCUS IB
NSFOCUS IB is a wholly owned subsidiary of NSFOCUS, an award-winning enterprise application and network security provider, with operations in the Americas, Europe, the Middle East and Asia Pacific. NSFOCUS IB has a proven track record of combatting the increasingly complex cyber threat landscape through the construction and implementation of multi-layered defense systems. The company’s Intelligent Hybrid Security strategy utilizes both cloud and on-premises security platforms, built on a foundation of real-time global threat intelligence, to provide unified, dynamic protection from advanced cyber threats.
NSFOCUS has sixteen years of success and experience working with Fortune 500 companies, including four of the world’s five largest financial institutions, organizations in insurance, retail, healthcare, critical infrastructure industries as well as government agencies. NSFOCUS IB has technology and channel partners in more than 60 countries, and is a winner of the Microsoft Bug Bounty Program for 4 consecutive years, a member of the Microsoft Active Protections Program (MAPP), StopBadware.org, and the Cloud Security Alliance (CSA).
Enterprise- and carrier-grade products undergo rigorous evaluation and testing to Veracode VL4 and ISO 27001 certification, delivering powerful and effective threat management combined with advanced data analytics and intrusion prevention and detection capabilities.
A research arm, the NSFOCUS Security Labs, is a renowned technical research center that tracks and analyzes global intelligence while identifying new network vulnerabilities and security trends.
Visit NSFOCUS: www.nsfocusglobal.com
Read the blog: http://staging.nsfocusglobal.com/category/blog/
Follow on Twitter: https://twitter.com/NSFOCUS_Intl
Follow on LinkedIn: https://www.linkedin.com/company/nsfocus
Follow on Facebook: https://www.facebook.com/nsfocus/
NSFOCUS; NSFOCUS, INC. and NSFOCUS Anti-DDoS System (ADS) are trademarks or registered trademarks of NSFOCUS, Inc. All other names and trademarks are property of their respective firms.