NT OBJECTives Launches First Product to Allow “Perfect-Fit” Custom Patching of Web App Vulnerabilities Via Existing IPS or WAFs

Share Article

Web Application Firewalls and Intrusion Preventions Systems Now More Effective With NTODefend, Eliminates Need to Wait for Developer Code Fixes

News Image

NT OBJECTives, a provider of automated, comprehensive and accurate Web Application security software, services and SaaS, today announced NTODefend, the first software solution that enables enterprise security teams to quickly and automatically create “perfect-fit” custom rules to patch Web Application Firewalls (WAF) or Intrusion Prevention System (IPS) against web application vulnerabilities discovered in automated NTOSpider scans. With NTODefend, enterprise security teams now have the ability to quickly and easily customize and train their WAFs/IPS’s to be optimally effective at protecting applications in production, while eliminating the difficulties, costs and risks associated with traditional manual methods of training these technologies.

“Given the recent spate of malicious attacks, it is clear that there needs to be a change in the industry,” says Dan Kuykendall, co-CEO and Chief Technology Officer of NT OBJECTives. “The various application security vendors must continue to work together to deliver innovation that helps organizations protect applications already in production more effectively. Security teams are discovering application vulnerabilities, but in the time it takes for a security team to notify the development team that a code fix is needed, a site can be defaced, taken down, or have customer data stolen.”

For this reason, organizations need to rely on WAFs to protect their web applications while developers are fixing the code, when the third party code cannot be accessed or when the code is simply outdated. In the ninth annual Global Information Security Survey conducted by CSO magazine and PricewaterhouseCoopers, the number of respondents who are investing in WAFs grew from 72 percent to 80 percent in the past year1, however, according to 451 Group research only five to 50 percent of enterprises ever put their WAFs into ‘active blocking mode’2.

This contradiction exists because very few enterprise security teams actually have time to properly train their WAFs to provide the necessary protection, leaving applications and enterprises vulnerable to an ever changing landscape of threats. Additionally, as has been the case with IPS deployment, enterprises are concerned that active defensive devices will block good traffic. While WAF and IPS devices include standard rules designed to block vulnerabilities, they lack the specific knowledge of the applications that they are supposed to protect. As such, the included packaged rules are one-size-fits-all and are less effective than rules that are designed to work specifically for that application.

About NTODefend
NTODefend goes beyond standard, one-size-fits-all WAF rule generation to create stronger customized rules, while also allowing for rule modification. It combines NTOSpider’s knowledge of the application functionality with an understanding of specific vulnerabilities to be the first tool to create “perfect-fit” custom rules that effectively block bad traffic while letting the good traffic flow through. With these rules, NTODefend also tunes an IPS to behave like a WAF.

"Default WAF and IPS configurations are like Kobe Bryant getting a 42 regular suit. It just doesn't fit. Even if Kobe gets a Big and Tall Suit, it won't fit because his arms are proportionately longer than a normal man's,” says Matthew Cohen, co-CEO of NT OBJECTives. “NTODefend takes NTOSpider's knowledge of a website and makes custom rules just like a tailor would measure Kobe for a custom suit. NTOSpider tells it the page name, the parameter name, what the parameter should be allowing and what the exact vulnerability is. It simply works much better."

NTODefend Product Features

  •     Automated Custom Rule Generation for WAF/IPS – Quickly and easily generate custom rules, and if needed modify these rules, to patch vulnerabilities on WAF/IPS, using the results from NTOSpider scans.
  •     Vulnerability Report Selection – Quickly select which vulnerabilities to patch and automatically generate the highly targeted filters for the user’s particular WAF/IPS solution.
  •     Integration with More WAF/IPS Appliances – NTODefend integrates with all market-leading WAFs including, Sourcefire SNORT, DenyAll, Imperva, ModSecurity, Nitro SNORT, and with Citrix, F5 and Barracuda coming soon. NTODefend automatically generates rules for each WAF/IPS that are highly targeted to the specific vulnerabilities which reduces the risk of false-positives.
  •     Re-scan Ability to Confirm Effectiveness – NTODefend enables security teams to conduct a quick re-scan applications to confirm the trained WAF/IPS effectiveness. Now, teams can quickly confirm that target vulnerabilities are patched and that good traffic can continue to flow through as expected, eliminating the risk of false positives & false negatives and dramatically reducing QA time.

About NT Objectives
NT OBJECTives, Inc brings together an innovative collection of experts in information security to provide a comprehensive suite of technologies and services to solve today’s toughest application
security challenges. NTO solutions are well-known as the most comprehensive and accurate Web Application security solutions available. NT OBJECTIVES is privately held with headquarters in Irvine, CA. For more information or to view a product video visit http://www.ntobjectives.com/defend

Sources:
1. Are CIO’s too Cocky About Security , CIO, George Hulme, September 28, 2011
2. Whither the WAF? The 451 Group, Wendy Nather, September 9, 2011

###

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Kari Walker
NT OBJECTives
703.928.9996
Email >
Visit website