Presentation is loading. Please wait.

Presentation is loading. Please wait.

Protecting Customer Websites and Web Applications Web Application Security.

Published byLionel Dorsey Modified over 8 years ago

Similar presentations

Presentation on theme: "Protecting Customer Websites and Web Applications Web Application Security."— Presentation transcript:

1 Protecting Customer Websites and Web Applications Web Application Security

2 The Application Security Market Challenge Data theft Data leakage Compliance

3 The Damage E-payment site breach compromises 5 million customers Around five million customers of CheckFree Corp. and some banks that use its electronic bill payment service may be affected by a hack that gave criminals control of several of the company's Internet domains. 1/8/2009 Heartland Payment Systems disclosed that intruders hacked into the computers it uses to process 100 million payment card transactions per month for 175,000 merchants. 1/22/2009 Hackers breach Heartland Payment credit card system FAA says info on 45,000 workers stolen in data breach The compromise resulted from an intrusion into the system that was storing the data, the FAA said in a brief statement. 2/10/2009

4 What Enables Strong Application Security? Provide active protection Stop multi-vector attacks Inspect all requests – even encrypted ones Read the entire request - headers and content View the request as the application will Counter emerging threats

5 Web Application Firewall (WAF) Examines user interaction with the application Performs deep inspection of HTTP traffic content Blocks harmful requests Complements network security measures, e.g., firewall, IDS/IPS

6 Why Security Rules? Security rules define patterns that indicate hacking Generic rules based on hacking techniques, not specific applications Main benefits Low false-positive rate Strong security with low maintenance

7 Software plug-in for IIS and Apache dotDefender Positioning

8 dotDefender Security Engines

9 Typical Implementation

10 Technology Overview Software plug-in Multiple security engines Rule-based Low maintenance High efficiency, low impact Central Management Open API

11 dotDefender delivers: Award-winning Web application security Solution for a wide customer base - enterprise, SME, SMB, service providers Support for IIS and Apache Locks down virtual and cloud environments Affordable security and compliance Variety of licensing/pricing models Best TCO in the industry

12 Business Drivers eBusiness Transactions Sensitive data Active content Compliance – e.g., PCI Already under attack!

13 Target Markets Enterprise SME SMB Service Providers

14 Opportunities Reselling Services Consulting Implementation Integration Additional touch points

15 Sample Customer List

16 Applicure Technologies Jan 2004 Incorporated Apr 2007 IPO TASE: APCR Offices US Offices: NY & Atlanta Israel R&D office Worldwide network of business partners

17 dotDefender and You Provide better security to your clients Add premium security service to your portfolio Gain additional customer touch point Enhance your reputation Good for your customers’ security… and your bottom line! Good for your customers’ security… and your bottom line!

Download ppt "Protecting Customer Websites and Web Applications Web Application Security."

Similar presentations

THE BUSINESS NEED Create affordable alternative/ provide enterprise power/capability for any-sized company Reduce resource-draining burden of meeting.

THE BUSINESS NEED Create affordable alternative/ provide enterprise power/capability for any-sized company Reduce resource-draining burden of meeting.
Zenith Visa Web Acquiring A quick over view. Web Acquiring Allows merchants to receive payments for goods and services through the Internet Allows customers.

Zenith Visa Web Acquiring A quick over view. Web Acquiring Allows merchants to receive payments for goods and services through the Internet Allows customers.
Chapter 10: E-Branding – Building the brand online

Chapter 10: E-Branding – Building the brand online
Csci5931 Web Security1 Case Study: A Forensic Lesson for Web Security (MSS, part one)

Csci5931 Web Security1 Case Study: A Forensic Lesson for Web Security (MSS, part one)
ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.

ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
E-business Infrastructure

E-business Infrastructure
GPUG ® Summit 2011 November 8-11 Caesars Palace – Las Vegas, NV Payment Processing Online and Within Dynamics GP PCI Compliance and Secure Payment Processing.

GPUG ® Summit 2011 November 8-11 Caesars Palace – Las Vegas, NV Payment Processing Online and Within Dynamics GP PCI Compliance and Secure Payment Processing.
Company Information & Services

Company Information & Services
Security & PCI Compliance The Future of Electronic Payments Security & PCI Compliance Greg Grant Vice President – Managed Security Services.

Security & PCI Compliance The Future of Electronic Payments Security & PCI Compliance Greg Grant Vice President – Managed Security Services.
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.

Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
External Threats to Healthcare Data Joshua Spencer, CPHIMS, C | EH.

External Threats to Healthcare Data Joshua Spencer, CPHIMS, C | EH.
PCI requirements in business language What can happen with the cardholder data?

PCI requirements in business language What can happen with the cardholder data?
Www.softwareassist.net Protecting Mainframe and Distributed Corporate Data from FTP Attacks: Introducing FTP/Security Suite Alessandro Braccia, DBA Sistemi.

Protecting Mainframe and Distributed Corporate Data from FTP Attacks: Introducing FTP/Security Suite Alessandro Braccia, DBA Sistemi.
UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.

UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.
1 Deployment of Computer Security in an Organization CE-408 Sir Syed University of Engineering & Technology 99-CE-282, 257 & 260.

1 Deployment of Computer Security in an Organization CE-408 Sir Syed University of Engineering & Technology 99-CE-282, 257 & 260.
MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.

MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.
How STERIS is using Cloud Technology to Protect Web Access Presented By: Ed Pollock, CISSP-ISSMP, CISM CISO STERIS Corporation “Enabling Business”

How STERIS is using Cloud Technology to Protect Web Access Presented By: Ed Pollock, CISSP-ISSMP, CISM CISO STERIS Corporation “Enabling Business”

Similar presentations

Ads by Google