|Standard Web security|
Security functions used by all DenyAll products
The challenge facing a web application firewall is to block attacks without interfering with legitimate traffic. DenyAll security modules have been developed with this in mind. These modules:
New incidents relating to web security problems are regularly documented. The most commonly-used methods are injections (especially SQL) and techniques known as cross-site scripting. While some of these attacks are well known and therefore easy to block using a backlist, attackers are constantly devising new methods. Capitalizing on the complexity of web applications, protocols and languages used to make business applications accessible via web browsers, hackers are constantly finding new vulnerabilities and developing new means of attack. It is the job of the scoring list to identify and block these attacks that are not yet listed.
A blacklist is a database of signature files corresponding to known attacks, which allows the WAF to identify and block malicious requests.
The DenyAll blacklist and scoring list:
The scoring list used by DenyAll products is unique on the market. It offers the following competitive advantages: