Web application security appliance delivers real-time, continuous protection for production web applications

CARLSBAD, Calif., August 1, 2007 – Breach Security, Inc., the leader in web application security, today announced a new addition to its popular ModSecurity Pro web application firewall appliances product line with the launch of the ModSecurity Pro M1100. This new appliance offers immediate protection for production applications against targeted attacks with plug-andplay installation and enhanced rule sets. The M1100 includes the mature, proven open source ModSecurity software, which is the most deployed web application firewall available today with more than 10,000 deployments worldwide.

Undetected by network security solutions, a successful hacker can manipulate a web application to steal the information behind it with minimal effort. Safeguards to reduce these attacks, such as secure coding initiatives, vulnerability scanning and penetration testing, are necessary, but have significant limitations. They are costly and do not provide a true security assessment of the web application in a live, real-time production environment.

Providing out-of-the-box security for web applications, the ModSecurity Pro M1100 features prepackaged rule sets that prevent information leakage and assist organizations with compliance efforts such as the Payment Card Industry Security Standards Council Data Security Standard (PCI DSS). The standard sets a deadline of June 2008 for any organization gathering or storing credit card numbers to implement regular code scans or deploy a web application firewall.

Individual rule sets can be applied on a per-web application basis for more customized protection. Included rule sets address:

• Information leakage protection;
• Automated detection of malicious activity;
• Payment Card Industry Data Security Standard (PCI DSS) compliance;
• Open Web Application Security Project (OWASP) Top 10 vulnerabilities;
• Platform-specific protection for Apache™, IIS, PHP, ASP, ASP .NET, and others;
• Anti-virus protection for file uploads through integration with Clam AV™

Key ModSecurity Pro M1100 product features include:

• Multiple web server protection. The ModSecurity Pro M1100 can be deployed as a transparent proxy or reverse proxy in front of multiple web servers to insulate web applications from a broad range of security vulnerabilities. In this deployment mode, the M1100 monitors traffic and performs a wide set of checks for web application attacks and reacts in real time. • Ease of deployment. When installed using a transparent bridge, the appliance does not require a network reconfiguration for deployment.
• Intuitive, web-based management interface. Delivers alerting, event analysis, and reporting capabilities in an easy-to-use remote console for event viewing and sensor configuration.
• Does not present a point of failure. Protects the flow of mission-critical web traffic in the event of a power or hardware failure with its embedded bypass card that enables the device to fail open.
• High availability option. For organizations supporting strict web application security requirements, a high availability option is available. This option includes a second M1100 that would take over security operations should the primary appliance fail.

The M1100 includes the open source ModSecurity software, a highly flexible web application firewall that can be used for a wide range of functions including web application monitoring, web intrusion detection and prevention, as well as “just in time” patching of known vulnerabilities.

“Organizations are under constant pressure to safeguard customer information and meet compliance standards. The ModSecurity Pro web application firewalls offer affordable, proven security that is easy to deploy and reliable, ” said Marc Shinbrood, chief executive officer, Breach Security, Inc. “Our web application firewalls go beyond what secure coding and scanning can offer because our security is effective 24-hours a day, 365 days a year. We provide continuous, real-time detection and blocking of attacks and data leakage.”

For organizations with broad ModSecurity deployments, the ModSecurity Management Appliance supports multiple remote sensors. The appliance is built upon a reliable, highperformance framework that can securely collect log and alert data for events from up to 50 opensource and commercial sensors in real time.

This support provides administrators with a single source for web application security information so they can remediate issues immediately.