Breach Security Releases Latest Version of ModSecurity Open Source Web Application Firewall
Monday, March 24, 2008

ModSecurity version 2.5 offers better performance, automated rule updates and enhancements to the rule language

CARLSBAD, Calif., March 24 /PRNewswire/ -- Breach Security, Inc., the leader in web application security, today announced the latest version of its open source ModSecurity web application firewall, the most deployed web application firewall in the world with over 15,000 users. The latest release, ModSecurity v2.5, offers a significant improvement in performance using set-based parallel text matching, as well as automated rule update capabilities, and a robust scripting language interface. New features include detection of credit card numbers and the ability to set policy based on the geography of an attacker.

"This latest version of ModSecurity was built with enhanced performance and flexibility to meet the demands of protecting web applications in high-volume deployments," said Ivan Ristic, ModSecurity author and chief evangelist for Breach Security, Inc. "ModSecurity v2.5 delivers improved performance to run efficiently in front of high-traffic web sites along with greater flexibility -- users can now write rules that best address the complex vulnerabilities specific to their environments."

Using set-based parallel matching, ModSecurity now processes requests much faster while using fewer resources. With ModSecurity v2.5, users can incorporate large lists of patterns, such as spam keywords and black-listed IP addresses, into ModSecurity with very little effort and without impacting performance.

In addition to performance enhancements, the new version also features an automated rule update capability. ModSecurity deployments frequently rely on rule sets obtained from third-party developers; for example, Breach Security distributes ModSecurity Core Rules freely under GPLv2. While the installation of these rule sets is quick and easy, maintenance can be difficult and time consuming. Because changes and new discoveries are frequent in the dynamic field of web application security, the high cost of rule set maintenance is effectively reducing the usefulness of web application firewalls. To help address this problem, ModSecurity v2.5 includes a tool that can be used to periodically check a ModSecurity Rules server to ensure that rules are up-to-date.

ModSecurity v2.5 also includes Lua, a high-speed scripting language commonly used in the gaming world. By incorporating a full-blown scripting language, ModSecurity provides more flexibility to rules writers. Lua can be used to add custom anti-evasion transformations specific to the protected application, perform complex logic between conditions and apply mathematical expressions to parameters before validating them.

    New key features in ModSecurity v2.5 include:

    --  Performance improvements
          o  Transformation function caching -- transformation functions are
             an important feature of ModSecurity as they allow rules to be
             resistant to evasion; however, they affect rules' execution
             speed. Caching the result of transformation functions enables
             using them freely in rules without impacting performance,
             facilitating more robust and secure rules.

    --  Credit card number detection
          o  Using the industry-standard Luhn formula, ModSecurity can now
             accurately detect credit card numbers by verifying that detected
             patterns are valid credit card numbers.

    --  Rules based on geographical lookup of client IP addresses
          o  A ModSecurity rule can now set policy based on the geography
             of the client accessing the web site. For example,
             ModSecurity can block out-of-country requests, limit them to more
             restricted functionality, or simply log the geographic
             information.

    --  Content injection
          o  ModSecurity can add content to HTML replies based on rules.
             Possible applications for HTML injections within server responses
             include client-side input validation, CSRF mitigation and
             client-side reconnaissance.
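
The credit card detection item above pairs pattern matching with a Luhn check so that arbitrary long digit strings are not reported as card numbers. The following Python sketch is an added illustration, not ModSecurity code: the function names and the sample response are constructed for this example, and the two card numbers are publicly documented test values.

```python
import re

# Candidate pattern: 13-19 digits, optionally separated by single spaces
# or hyphens, and not embedded in a longer run of digits.
CANDIDATE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")


def luhn_valid(digits: str) -> bool:
    """Luhn check: double every second digit from the right, sum, mod 10."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def _digits(match: re.Match) -> str:
    return re.sub(r"[ -]", "", match.group())


def find_card_numbers(text: str) -> list:
    """Return only the digit runs that match the pattern AND pass Luhn."""
    return [_digits(m) for m in CANDIDATE.finditer(text)
            if luhn_valid(_digits(m))]


def mask_card_numbers(text: str) -> str:
    """Mask Luhn-valid numbers down to the last four digits."""
    def repl(m: re.Match) -> str:
        d = _digits(m)
        if not luhn_valid(d):
            return m.group()  # e.g. an order ID: leave untouched
        return "*" * (len(d) - 4) + d[-4:]
    return CANDIDATE.sub(repl, text)


# Constructed sample of an outbound response body.
SAMPLE_RESPONSE = (
    "Order 1234567812345678 confirmed.\n"   # 16 digits, fails Luhn
    "Paid with card 4111111111111111.\n"    # test number, passes Luhn
    "Backup card: 5500-0000-0000-0004\n"    # test number with separators
    "Phone: 555-0100\n"                     # too short to be a candidate
)

if __name__ == "__main__":
    print(find_card_numbers(SAMPLE_RESPONSE))
    print(mask_card_numbers(SAMPLE_RESPONSE))
```

The 16-digit order ID matches the pattern but fails the checksum, so it is neither reported nor masked; that is the false-positive reduction the Luhn step provides.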


    Other new features include:
    --  Better exceptions management allowing separation between third-party
        rule sets such as Breach Security Core Rule Set and site-specific
        customization.
    --  Support for central audit and audit resiliency by sending audit log
        data to multiple external monitoring systems such as a ModSecurity
        Management Appliance.
    --  New transformation functions added to help combat common evasion
        tactics used by current web attackers.
    --  PDF Universal XSS protection -- uses a one-time cryptographic token to
        ensure that PDF files do not have client-side XSS associated with them
        on the client.

About Breach Security

Breach Security, Inc. is the leading provider of real-time, continuous web application security that protects sensitive web-based information. Breach Security's products protect web applications from hacking attacks and data leakage, and ensure applications operate as intended. The company's products are trusted by thousands of organizations around the world, including leaders in finance, healthcare, ecommerce, travel, and government. For more information, please visit http://www.breach.com.

Breach Security and ModSecurity are trademarks of Breach Security, Inc. All other brand, product, and service names are the trademarks, registered trademarks, or service marks of their respective owners.

SOURCE Breach Security, Inc.


