DenyAll Web Application Firewall is the foundation for our next generation application security products. It combines ease of configuration – with its workflow engine and management APIs – with a proven ability to secure web applications. It embeds negative and positive security, in-context, user behaviour analysis, and soon-to-be-added rWeb advanced security engines, to efficiently protect your web applications while minimizing false positives.
OVERVIEWEasy. Efficient. Extensible.
BENEFITSDiscover why relying on DenyAll WAF is the right decision for you.
Ease of Administration
Because you need your administrators to be productive and agile, not loose time in unnecessarily complex, repetitive tasks.
Because you need to actually block application-layer attacks and don’t want another false positive-prone intrusion detector.
Application Security Innovation
Because you know old recipes don’t work and want to take advantage of innovative approaches in application security.
Because you need to discover those unprotected, vulnerable web applications and protect them at the lowest possible cost.
Because we provide template-based, actionable reports for executives, operational and technical stakeholders.
NextGen Application Security
Because protecting your IT requires an integrated solution, combining scanning, web application & services security and user access.
FEATURESWith DenyAll Web Application Firewall, protect your web sites & applications from defacement, denial of service, data leakage, identity theft and intrusion attempts.
Configuring policy is as simple as dropping boxes and dragging arrows. Changes are made in a few clicks. Policy can be easily understood by managers, even if they are not application security experts.
Automate key administrative tasks, from the initial creation of tunnels and applications, the configuration of policy, and on-going monitoring and reporting activities.
ICX’s generic blacklist signatures, based on known attack techniques, block key OWASP Top 10 attacks such as injections, scripts, etc. Combine it with application learning and whitelisting for maximum security.
Configurable time-based checks help prevent authentication brute force and application-layer denial-of-service attacks, while preconfigured filters limit bots and search engine crawler requests.
Check all incoming URIs, each parameter and all possible values to understand how the site works. Add rules to validate other parts of incoming requests, such as headers.
Use WAF or web server logs to simulate the data running through a new version of the security policy, before validating it, make sure legal requests are not blocked. Or understand what happened, after the fact.
Test the efficiency of your WAF policy using DenyAll Vulnerability Manager. Integrate the scan report into DenyAll WAF to virtually patch application-layer vulnerabilities and prevent exploits.
DenyAll WSF adds Web Services specific security features. DenyAll WAM handles Web SSO for users, beyond the authentication methods supported by our WAF (client certificates, SAML, Radius, LDAP)