The ProtectPoint® Web Application Firewall Service protects your web-based applications from attack by monitoring input, output and access attempts, and blocking any malicious activity. It brings you into compliance with the web app security guidelines specified in the PCI Data Security Standard.

When attacks are detected, the web application firewall alerts analysts in our Security Operations Centers, where blocks are immediately initiated against the originating IP address. The service protects against the full range of application vulnerabilities, including:

• Cross-site scripting (XSS)
• Injection flaws (SQL, LDAP, Xpath, and others)
• Malicious file execution
• Insecure direct object references
• Cross-site request forgery (CSRF)
• Information leakage and improper error handling
• Broken authentication and session management
• Insecure cryptographic storage
• Insecure communications
• Failure to restrict URL access

Compliance Reporting

We provide detailed security event reporting through RADAR, our secure customer portal. You can filter event reports on numerous relevant parameters, including the client IP, responsible analyst, actions taken, request method, and more, and drill down for specific event details. Additionally our web application firewall summary report presents the most frequent and the specific number of firewall rule matches. It includes in-depth details on each event.

Our Security Alert Team (SAT) monitors dozens of sources for discovered vulnerabilities and continually updates the Web Application Firewall rules in accordance with PCI DSS v1.2 requirement 6.2.

Features:

• In-line, out-of-band, and virtual deployment options
• Satisfies PCI DSS v1.2 requirement 6.6 by protecting against all vulnerabilities listed in requirement 6.5 and the OWASP Top Ten.
• Supports customer-specific rules sets.
• Includes automatic rule updates and enhanced rule set from StillSecure's Security Alert Team.
• Monitors both clear text and SSL encrypted traffic.
• Supports both white list and black list source IP address security models.
• Inspects web page content, such as HTML, Dynamic HTML, and CSS, along with the underlying protocols such as HTTP and HTTPS.
• Inspects web services messages including SOAP and XML, both document- and RPC-oriented models.
• Includes configuration change process that is in compliance with PCI DSS v1.2, requirement 1.1.1.
• Logs all activity for any external facing implementation; offloads logs in accordance with PCI DSS v1.2, requirement 10.5.4.
• Available in high availability configurations.
• Protects multiple web application servers simultaneously.
• Correlates intrusion detection and web app firewall alerts during incident handling and in reporting when deployed with ProtectPoint Intrusion Detection/Prevention Service.