Skip to content

Products -->-->

ServerDefender VP provides a complete Web Application Security Life Cycle (WASLC) management tool for your Windows Web Server. Granular and intuitive control of security policies for proper assessment, adjustment and deployment of your Web security policies. SDVP is better equipped to handle the advanced security threats that exist on the web, and is built to handle both known and unknown threats.

ServerDefender AI leverages your existing IIS Web Server resources to stop unauthorized access and loss of data; protecting application source code and database layers from malicious attack. SDAI's age and lack of continued development make it incapable of handling more advanced threats, additionally the product is signature based, making it less capable of blocking new zero day threats.
OWASP Top 10 2013 SDVP SDAI
Cross Site Scripting (XSS) X X
Insecure direct object reference X
Injection Flaws (esp. SQL Injection) X X
Cross Site Request Forgery (CSRF) X  
Information Leakage, Improper Error Handling X  
Broken Authentication, Session Management X  
Failure to Restrict URL Access (Broken Access Control) X X
OWASP Top 10 2007 SDVP SDAI
Cross Site Scripting (XSS) X X
Injection Flaws (esp. SQL Injection) X X
Cross Site Request Forgery (CSRF) X  
Information Leakage, Improper Error Handling X  
Broken Authentication, Session Management X  
Failure to Restrict URL Access (Broken Access Control) X X
OWASP Top 10 2004 SDVP SDAI
Unvalidated Input X X
Buffer Overflow X X
Application Denial of Service X X
PCI DSS SDVP SDAI
Logging X X
Notifications X X
Negative Securtiy Model X X
Positive Security Model X  
Inspect HTTP headers and entities X X
Inspect data sent via SSL / TLS X X
Web Application Security Consortium WAFEC SDVP SDAI
HTTP request blocking X X
IP address blocking X X
Protocol validation X X
Protocol restrictions / limits X X
File transfers X  
Normalization X X
Response filtering X  
Brute Force Mitigation (error rate throttling/blocking) X  
Brute Force Mitigation (sessions) X  
Brute Force Mitigation (request frequency) X X
Cookie Tampering Protection X  
Additional Features SDVP SDAI
Log/Alert Only Mode X X
Per Site configuration X  
Granular configuration (per input field) X  
SDVP
ServerDefender VP
Advanced Web Application Firewall

  • Actively developed. Detailed product roadmap.
  • Premium PCI compliant Web application firewall
  • Advanced protection against attacks such as SQL injection, cross-site scripting (XSS), and more
  • Intuitive user-interface for easy configuration
  • Advanced zero-day protection
  • Anti-hijacking control with hardened sessions
  • User input validation and sanitization
  • Advanced Bot detection and control
  • IP Blocking controls
  • Multiple configurable alerting options; including email, SNMP, syslog
  • Detailed daily reports via Web and Email
  • LogViewer with highly detailed searchable and filterable security logs
  • No training or signatures required
  • Multiple configuration wizards to aid with proper set-up and deployment

SDAI
ServerDefender AI
Basic Web Application Firewall
  • Discontinued 2012
  • PCI compliant Web application firewall
  • Protection against common attacks such as SQL injection, cross-site scripting (XSS), & more
  • User input validation and sanitization
  • Request forgery control
  • IP Blocking controls
  • Multiple configurable alerting options; including email
  • Web based reporting and log files
  • Detailed security logs
  • Optional AI based behavioral engine with training mode for signature discovery
Port80 Software stands behind our products 100%. Given the nature of Web server utilities, various environments and third party applications may cause new and unforeseen conflicts. Therefore, Port80 pledges to work with you to ensure our products run in all testing and production environments - if you work with us, we will work with you to make your IIS Web server safer, faster and friendlier.