Filed under: Uncategorized
We have been mentioning a new Web app firewall since this spring at TechEd, and we are happy to announce that the new ServerDefender Artificial Intelligence (or ServerDefender AI for short) Web application firewall for Microsoft IIS Web servers (and the app layer) is ready for your review at our site!
Building on the security layers of defense from ServerMask and LinkDeny, ServerDefender AI offers solid attack signatures from SANS, OWASP and our own research to protect against the myriad attacks we have all come to know and loath like SQL injection, buffer overflows, cross-site scripting (XSS) and request forgery (CSRF), directory traversal, zero-day, brute force, dictionary, denial of service and others (here is our new Port80 review of Web app attacks and countermeasures). ServerDefender AI then employs a learning Web app firewall that maps your normal traffic and then begins to use this data to detect and block anomalies. You can get involved in this training process or set the AI to train without your supervision. This Web app firewall not only protects IIS, but your app server layer(s) like .NET, .asp, .php, .cfm, Java server pages, etc. — and of course your database’s precious gems as well.
Other key features include request throttling (controlling frequency of requests to a given page to block bots and other attacks), network-layer IP blocking (threats never even get to IIS), threat management options (a configurable framework to customize Web app sec), notification alert management (get paged, texted or even stop IIS in the event of an attack), detailed logging (you will be surprised how many hacker requests your site is getting right now), and much more.
We kept the price low for a Web app firewall that works at $649.95 per IIS instance, and this is a first tool from Port80 Software to offer centralized deployment (install/activate) and management from a single console. Server Defender AI will even stop IIS in a very bad hack attempt (based on your preferences). Check out ServerDefender AI today, and let us know what you like and what we can change to make this security solution more robust.
At the same time, we are working on a sister Web app firewall, ServerDefender Vulnerability Protection (VP), that will focus on input sanitization and attack vectors like error information leakage — adding effective Web app security with less frills than ServerDefender AI, but at a lower price (we are targeting $349.95/server for ServerDefender VP).
We appreciate your interest and feedback on ServerDefender AI and IIS security. Let’s make it a bad day for hackers, indeed.
P.S. We also have a current promotion ($600 down from $850) on the ServerMask ip100 security appliances for intrusion defense and anti-reconnaissance. Check out this deal for better network-edge defense that works in tandem with Port80 origin server security tools (and your existing hardware firewall and IPS solutions)!