ARMORLOGIC’s Profense Web Application Firewall Protects Against DoS Attacks Identified as new #1 Attack Method in 2010 WASC Web Hacking Incident Database (WHID) Report


Armorlogic's powerful, affordable web application firewall offers protection against the dramatic increase in DoS attacks reported yesterday in the 2010 WASC Web Hacking Incident Database (WHID) report. Profense 3.0 Web Application Firewall (WAF) protects against the new application level types of DoS attacks.


Armorlogic, a leading developer of web application firewall and load balancing software, offers powerful, affordable protection against the dramatic increase in DoS attacks reported yesterday in the 2010 WASC Web Hacking Incident Database (WHID) report. Profense 3.0 Web Application Firewall (WAF) protects against the new application level types of DoS attacks. DoS attacks made up 32% of all reported attack methods. In addition to the traditional DoS defenses offered by other web application firewalls, Profense 3.0 includes the following protections specifically designed to address DoS attacks:

  •     Timeout limits can be configured for both the client request header and the client request body. This feature prevents attacks like Slowloris and Slow HTTP POST from consuming server resources by sending requests slowly. If the request headers or the request body are not received within the timeout, the connection is closed.
  •     Buffering of all client requests before sending to the backend server (i.e. slow GETs or POSTs are received in their entirety before being handed off to the backend server).
  •     HTTP request throttling and connection limiting offer improved protection against Denial of Service (DoS), brute force attempts and other rate-based attacks, and also ensure that resources are optimized in peak situations.

In addition, the Profense Web Application Firewall is based on Nginx, which allows it to handle extremely large numbers of concurrent requests, even slow requests. Nginx is event based and so a single request consumes a very small amount of resources because it doesn't need to spawn new processes or threads for each request. Profense web application firewall protects against all the OWASP Top Ten vulnerabilities and fully complies with and satisfies the Payment Card Industry Data Security Standard (PCI DSS) section 6.6 requirements. Profense web application firewall can protect Web applications and Web sites in any language, including double byte languages such as Japanese, Korean and Chinese.
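The three protections listed above, expressed with stock nginx directives. This is an added example, not Profense configuration or code from Armorlogic; the server name, backend address, zone names and every numeric limit are constructed placeholders to be tuned per site.

```nginx
# Added example: stock nginx directives, not Profense's own configuration.
# Names, addresses and limits below are constructed placeholders.
events {}

http {
    # Shared-memory zones keyed by client address, used for throttling below.
    limit_req_zone  $binary_remote_addr zone=per_ip_req:10m rate=10r/s;
    limit_conn_zone $binary_remote_addr zone=per_ip_conn:10m;

    upstream backend_app {
        server 127.0.0.1:8080;          # assumed backend application server
    }

    server {
        listen 80;
        server_name www.example.test;   # placeholder

        # Slowloris: the whole request header must arrive within this window,
        # otherwise nginx answers 408 and closes. The default is 60s.
        client_header_timeout 10s;

        # Slow HTTP POST: maximum gap between two successive body reads.
        # This is NOT a deadline for the whole body, so a client trickling
        # one byte every few seconds still passes; pair it with a body size
        # cap and the per-client connection limit below. The default is 60s.
        client_body_timeout 10s;
        client_max_body_size 1m;

        # Bound slow readers and idle keep-alive connections as well.
        send_timeout 10s;
        keepalive_timeout 15s;

        # Request throttling and connection limiting per client address.
        limit_req  zone=per_ip_req burst=20 nodelay;
        limit_conn per_ip_conn 20;
        limit_req_status  429;          # default is 503
        limit_conn_status 429;

        location / {
            # Read the full request body before opening the upstream
            # connection, so slow senders never tie up a backend worker.
            proxy_request_buffering on;
            proxy_pass http://backend_app;
        }
    }
}
```

Validate the file with `nginx -t` before reloading, and confirm each limit under load testing, since per-address limits also affect legitimate clients that share a NAT or proxy address.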

The Web Hacking Incident Database (WHID) is a project dedicated to maintaining a record of web application-related security incidents. WHID’s purpose is to serve as a tool for raising awareness of web application security problems and to provide information for statistical analysis of web application security incidents. Unlike other resources covering web site security – which focus on the technical aspect of the incident – the WHID focuses on the impact of the attack. SpiderLabs is a WHID project contributor.

WASC WHID 2010 Report Summary Findings
An analysis of 75 Web hacking incidents from the second half of 2010 conducted by Trustwave’s SpiderLabs team shows the following trends and findings:

  •     A steep rise in attacks aimed at causing downtime – currently the new no. 1 outcome (up 21% from previous reporting period). This is mainly a result of ideological hacking efforts utilizing distributed denial of service (DDoS) attacks as part of the Anonymous Group versus Anti-Piracy and WikiLeaks events.
  •     Corresponding to downtime outcomes, denial of service attacks made the largest jump for Attack Methods to no. 1 (up 22% from the previous reporting period).
  •     Organizations have not properly implemented nor tested anti-automation defenses for their Web application architecture to ensure application availability during Denial of Service (DoS) attacks.

At a cost of only $2995, Profense has been generating a lot of interest as the most powerful and only fully featured software appliance-based web site and web application security solution. While web application firewalls in the past have been tied to expensive proprietary hardware, Profense is instead an easy to use, easy to install “soft appliance” that runs on any common server and virtual platforms like VMWare. This independence from hardware leads to easier redundancy and more flexibility around multi-node setup.

About Armorlogic
Armorlogic is the developer of Profense™ web application firewall software solutions that provide cost effective and easily implemented proactive web security and protection for web sites and web applications. Profense provides complete OWASP Top Ten vulnerability protection and fully complies with and satisfies the Payment Card Industry Data Security Standard (PCI DSS) requirements. Armorlogic’s Profense line of web application firewalls also includes auto learning, advanced load balancing, acceleration, high availability (including active/active), session persistence and compression, and XML, JSON and SOAP support. Armorlogic also offers the Profense Web Load Balancer with industry leading performance at a fraction of the price of other load balancers. For further information or to download a free trial of Profense Web Application Firewall or Load Balancer, please visit http://www.armorlogic.com.

###

Contact Author

Matthew Watson
Armorlogic
1 250 590 0793