Firewalls - IAC - DTIC
Firewalls - IAC - DTIC
Firewalls - IAC - DTIC
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Section 3 Firewall Products – application <strong>Firewalls</strong><br />
BugSec WebSniper<br />
Abstract<br />
WebSniper protects Web servers from exposure to<br />
behavioral attack patterns such as SQL injections,<br />
buffer overflow exploits, path traversals, cross-site<br />
scripting, and many others, by implementing<br />
signature-based attack identification and blocking.<br />
WebSniper identifies and monitors requests sent via<br />
the Internet, and distinguishes between legitimate<br />
requests to be approved, and illegitimate requests to<br />
be interpreted as attempted attacks and blocked<br />
before they reach the Web server. WebSniper can also<br />
be used for passive monitoring of traffic (without<br />
blocking) if configured that way via the Information<br />
Security Manager’s security policy and preferences.<br />
WebSniper can also identify attacks that are<br />
unknown in advance, and dictate their handling as<br />
defined in the configuration. WebSniper also checks<br />
and modifies responses returned from the Web server,<br />
to protect clients and prevent data leaks. WebSniper<br />
is implemented as an Internet Server Application<br />
Programming Interface (ISAPI) file to communicate<br />
efficiently with the Web server.<br />
42 <strong>Firewalls</strong> IA Tools Report – Seventh Edition<br />
BugSec WebSniper<br />
Type of Firewall waF<br />
oS Included<br />
Format appliance<br />
License Commercial<br />
NIaP Validated<br />
Common Criteria<br />
developer BugSec (Israel)<br />
Information http://www.bugsec.com/index.<br />
php?q=WebSniper