Partners

Breach Security – integrated WAF solution

WhiteHat Security and Breach Security have joined forces to offer a solution for more comprehensive Web site security. The offering combines WhiteHat’s intelligent Web application vulnerability assessment technology with Breach Security’s automated, real-time protection against application-level threats. Available now, the new solution closes the gap between accurately identifying vulnerabilities and blocking targeted Web attacks.

The joint solution combines Breach Security’s ModSecurity Web application firewall, the most widely deployed application firewall with more than 15,000 commercial and open source deployments worldwide, with the WhiteHat Sentinel Service, the industry’s only SaaS-based Web site vulnerability management solution. WhiteHat Sentinel automatically generates blocking signatures for identified vulnerabilities, mapping a customer’s specific security vulnerabilities to defined ModSecurity rules for the most common forms of attack such as SQL Injection and Cross-Site Scripting.

“The WhiteHat and Breach Security solution is another great stride toward total Web site security,” said Stephanie Fohn, chief executive officer, WhiteHat Security. “Our integrated offering allows customers to be proactive against vulnerabilities that pose a great risk to the integrity of a company’s Web sites. There is no doubt that the number and variety of vulnerabilities are on the rise, and we are helping customers effectively protect themselves from attack.”

Organizations of all sizes are taking a more proactive approach to protect mission-critical, Web-based business applications. Transitioning from an identification-only to prevention-centric security posture is only possible with a high confidence level in the accuracy of vulnerability data. A Web-based subscription service, WhiteHat Sentinel combines advanced proprietary scanning technology with expert analysis, enabling customers to identify, prioritize, manage and remediate Web site vulnerabilities as they occur. All vulnerabilities discovered by WhiteHat Sentinel are verified and prioritized, virtually eliminating false positives and simplifying remediation.

Available as both a security appliance and open source Web server extension, ModSecurity protects the Web application by detecting and blocking attacks, including those intended to steal sensitive information such as credit card numbers, social security numbers and health records. ModSecurity’s Enhanced and Payment Card Industry (PCI) rule sets deliver the broad-based coverage required to thwart all known attacks, as well as tailored protection for applications handling PCI-regulated cardholder information.

Current ModSecurity customers that also subscribe to WhiteHat Sentinel will receive the integration free-of-charge. For more information about ModSecurity, contact Breach Security at sales@breach.com or call +1 760 448 2051.

To subscribe to WhiteHat Sentinel, please contact sales@whitehatsec.com or call +1 408 343 8300.

“Web application security is increasingly becoming a concern for many organizations, as reflected in compliance requirements such as the PCI Data Security Standard. Unfortunately, many struggle to meet these requirements due to the potentially high costs and complexity of becoming compliant. These challenges can actually weaken an organization’s security posture by creating a gap between exposure and remediation. The Breach Security and WhiteHat Security combined solution detects and defends Web application vulnerabilities much more efficiently, and resolves the disconnect between compliance intentions and actual security.”

– Michael Montecillo, security and risk management analyst for Enterprise Management Associates. “