Business Editors/High-Tech Writers
SANTA CLARA, Calif.--(BUSINESS WIRE)--Jan. 13, 2003
Open Web Application Security Project (OWASP) Exposes Critical
Threats Not Detected by Network Level Security Systems
Stratum8 Networks, the company that secures Web-based systems from application level attacks, announced that its Application Protection System (APS)-100 addresses each of the "Top 10" web application vulnerabilities defined today by the Open Web Application Security Project (OWASP). The OWASP Top 10 List was compiled by leading application security experts to expose vulnerabilities that require immediate remediation by government agencies and enterprises which have connected sensitive applications to the Internet. The full list -- including a description of each vulnerability, assessment techniques, and how to protect applications -- is available at www.owasp.org. Stratum8 is a sponsor of OWASP, which is an Open Source community project staffed entirely by volunteers from around the world.
The Stratum8 APS-100 uses a dynamic learning engine and behavior blocking technology to secure web applications from virtually all vulnerabilities including those in the OWASP Top 10 vulnerability areas. By learning what constitutes acceptable application behavior and blocking all other behaviors, the APS-100 protects against known and undocumented application level attacks without relying on signatures. The APS-100's positive security model also prevents false positives and eliminates the need for manual configuration. As a result, customers deploying the APS-100 have been able to eliminate many security administration tasks and lower their IT operating costs.
"The OWASP Top 10 List is a call to action for corporations and government agencies with high risk Internet-based applications that contain classified information, customer records and business transaction data," said Abhishek Chauhan, Chief Technology Officer for Stratum8 Networks. "This list is an important first step for evaluating application security, yet clearly demonstrates the need for an application level protection system like the APS-100. These vulnerabilities are the reason why leading companies in the financial services, healthcare, government and application hosting businesses have purchased our product."
Stratum8 APS-100
The Stratum8 APS-100 hardens security for Web applications by protecting against threats that are not detected by network based firewalls and intrusion detection systems. The APS-100 operates at the application layer and uses patent-pending behavior blocking technology that learns an application's behavior, inspects incoming and outgoing traffic, and allows acceptable behaviors to be executed while blocking unacceptable behaviors. As a result, it protects against known and undocumented attacks without relying on signatures. As applications change and new functionality is added, the APS-100 dynamically learns new behaviors and adjusts security parameters accordingly. The APS-100 is a 1U rack-mountable device that typically installs in one hour. It is available from Stratum8 and its business partners worldwide. Pricing for the APS-100 starts at $25,000.
About Stratum8
Founded in 2000, Stratum8 Networks develops quick-to-deploy, self-configuring security products that protect Web servers, Web applications and databases from known and undocumented vulnerabilities. Stratum8's customers are Fortune 1000 companies, leading Internet and e-commerce players, and government agencies that need to protect sensitive Web-based applications and data from unauthorized access or malicious use. Stratum8 is privately held and headquartered in Santa Clara, California. To contact Stratum8 call 408-850-0800, visit us on the Web at www.stratum8.com, or write to info@stratum8.com.
Комментариев нет:
Отправить комментарий