| |
DragonSoft offers first low cost IIS web application firewall DragonWAF 2010 in English, Traditional Chinese and Simplified Chinese versions. The official version is released on Jan. 1, 2010, there are free trial versions available on the DragonSoft website for downloading.
70% of world’s top 100 websites face info-sec threats and legal issues unstoppable by firewalls
According to info-sec expert studies, 70% of the world’s top 100 websites contain malicious links that re-direct visitors to malicious websites, let alone ordinary individual and small business websites. There is not one single Web Application Firewall(WAF) product catered for them in the market, it is estimated at least 2 million websites face serious info-sec threats that could lead to unbearable legal issues.
Famous websites have major concerns on OWASP Top 10 web vulnerability when they tackle web application development, they are aware of the importance of firewalls, most webmasters are able to deploy firewalls in place on their own, but what they do not realize is that conventional firewalls only protect layer 2 and layer 3 of the network communication protocol. The latest cyber attacks (SQL Injection, cross-site scripting) intrude web application directly. International Gartner Research Institute indicated that 75 percents of the website attacks are targeted at web applications that conventional firewalls cannot protect. Individual and small business websites become vulnerable targets to hackers and become the stepping stone to more website attacks. Furthermore, PCI-DSS 6.6 recommends adoption of WAF practice to bridge the last mile gap between web application code review with total web security if they are to deal with customers’ confidential business transactions.
Although webmasters are aware of the importance of WAF, existing WAF products in the market are made for corporate customers that are too expensive to acquire for small scale website owners. To increase the security of those small scale website owners, DragonSoft introduces an easy-to-install, affordable WAF product to this segment. DragonWAF is selling at USD 99 during promotion period, and customers can get corporate level web application security at affordable anti-virus price. DragonWAF offers multi-intellectual website protections, working jointly with conventional firewalls, the individual and small business websites are protected effectively against malicious codes, website defacement, customer data leaks, following by immense legal responsibilities.
Excellent protection features on DragonWAF 2010
The signature-based DragonWAF activates defense mechanism when IIS server is under attack. It records all attack patterns using intellectual filtration techniques, webmasters are able to add more filtration strings by themselves, and customize warning messages. The multiple graphic reports facilitate log management, making optimal security control an easy task. DragonWAF 2010 is capable of blocking any SQL Injection target at database (Oracle, MySQL…). DragonSoft offers an online updater and updates the database constantly.
DragonWAF 2010 effectively prevents 18 common web application attack methods:
1. SQL Injection
2. Server-Side Include
3. Directory Indexing
4. Path Traversal
5. Cross-Site Scripting
6. Buffer Overflow
7. LDAP Injection
8. Phishing
9. HTTP Response Splitting
10. Content Spoofing
11. Predictable Resource Location
12. Denial of Service
13. Application Fingerprinting
14. Insufficient Session Expiration
15. Session Fixation
16. Web Server Fingerprinting
17. Abuse of Functionality (emails, spiders, data theft)
18. Command Injection
Free DragonWAF 2010 Basic Edition website:
http://www.dragonsoft.com/FreeTool/WAF/validation.php
DragonSoft Official Website: http://www.dragonsoft.com
|
