sPROXY

State of the art security for e-banking applications

e-banking applications are the preferred targets of hackers since the return for an attack is very high. DenyAll's products have protected these applications against known and unknown attacks for over 10 years. Initially devised when DenyAll was part of Société Générale, the company's flagship product, rWeb, is now used by 9 out of 10 major French banks to protect their Web assets and banking applications.

The main risks faced by e-banking applications are:

• Denial of service
• Destruction or theft of sensitive data (login, password, account or credit card number, etc)
• Reproduction of the site as part of a phishing attack
   

The most common attacks target the application layer, using SQL injection or cross-site scripting techniques. The most harmful attacks are "man in the browser" attacks: if a PC belonging to one of the bank's clients becomes infected with a Trojan such as SpyEye or Zeus, this allows the hacker to use the client's authenticated channel to access the application and perpetrate the crime.
 

DenyAll's products allow Banks to:

• Protect applications effectively against known and unknown attacks
• Secure applications from potentially infected terminals using the rWeb Client Shield option
• Adjust the security level according to changes in requirements and technical and financial constraints

Why choose DenyAll's products?

• For instant protection (there is no learning phase with sProxy
• To benefit from the only solution on the market that protects the application on both the server side and the browser side (rWeb Client Shield option)
• To benefit from the 10+ years of experience of a WAF market leader whose origins lie the banking field itself
  

Attachments:

White paper - 10 years of application security	[White paper - 10 years of application security]
Livre Blanc - 10 ans de sécurité applicative	[Livre Blanc - 10 ans de sécurité applicative]