News

Thanks to Client Sanitization, banks can strengthen the security of online payments

With the success of online commerce sites, remote payment is entered in the customs. The rate of fraud made in the settlement of purchases on the Internet, however, remains 15 times higher than that found in the payments face-to-face. The Bank of France, which is charged by law "to ensure the security of means of payment" was then addressed the problem. She asked in 2010 to all banks to improve the security of online payments.

To help banks facing this challenge, Deny All creates : Client sanitization, a module which creates a "protective bubble" around the browser to prevent keyloggers (spyware) and other Trojans which may be present on the client's or employee's workstation from saving the user's data or, for example, compromising a financial transaction.
This option can be used in a number of sectors: banks, ecommerce sites or on-line gaming sites!!

More info, see Press Release or contact us

Deny All confirm his leadership and vision with rWeb 4.0, the next generation firewall

Deny All begins the year 2010 in terms of innovation with the launch of New Generation WAF: the version 4.0 of its flagship solution rWeb

Deny All, European leader in protecting and accelerating Web, XML and FTP applications, announces the latest version of its security solution for Web applications / XML with many innovations in the filed of security, performances and management.


Two major technological breakthroughs

► A tool dedicated to Web Services :
Most of Web Application Firewall (WAF) protect “classical” layers (HTTP, SMTP…) and therefore the protection of Web Services is disregarded. Today, rWeb is the only solution on the market to offer an integrated module, fully dedicated to Web Services. Very easy to use, it greatly increases the functional coverage compared to the previous version (3.8).

► Safety Web applications extended to the client :
Deny All innovates by extending security to the client, through a new feature in rWeb called Client Sanitization. This provides a "protective bubble" in the browser, avoiding for example keyloggers, spywares and other Trojans to record data from the Internet or compromise a financial transaction.

V. Rasneur (from the R&D team) won the development contest organized by Hex-Rays

Vincent Rasneur won the contest organized by Hex-Rays, the editor of the IDA reverse engineering software. It is a very high-level contest so big big congratulations to Vincent!
 

http://www.hex-rays.com/contest2009/
 

"We are happy to announce the results of our first Hex-Rays plugin contest! The submitted files are very interesting. We are sure that you too will find them useful and increasing your productivity.

While we had no difficulties determining the first winner, the second place was not that obvious, both candidates were very good. In the end we did choose, but decided that the third place deserves the prize as well. In fact, we feel that all submissions are good and deserve a prize, but the number of winning places is always limited. Probably we will be better prepared for the next time.

We would like to thank all participants for the submissions. Many of them show new ways of using and extending IDA. See below youself ;)

Without further ado, let us announce the winners. They are:

   1. Vincent Rasneur from DenyAll with the DWARF plugin
   2. Marian Radu from Microsoft with the Adobe Flash disassembler
   3. Jan Newger with the IDAStealth plugin

Congratulations to the winners!"

During itsa our team participated to roundtables about Vulnerability of Web Applications

IT(ea)-Time Roundtable :

   Backdoor Browser? Vulnerability of Web Applications

Participants : Mr. Stefan Strobel from Cirosec, Mr. Dr. Bruce Sams from OPTIMAbit GmbH and Mr. Thomas Kohl from Deny All  --> see video (in German)

   Web Application Firewall, an easy way to high level of security

Speaker : ”. Mr. Ingmar Ludemann --> see video (in German)

Deny All releases a patch against Slowloris, an attack against Web servers

The DARC (Deny All Research Center), division of Deny All which focuses on threat analysis and mitigation, performed a technical analysis of the tool and the concept of the attack.
Therefore all Deny All customers can now be protected from this attack and any variant based on the same technique.
This is the first release of a patch for an Apache-based products against this attack.

You can read the Press release.
 

rWeb 3.8 evaluated by SIC Laboratory

SIC (Seguridad en Informática y Comunicaciones) is, since 1992, the information security and IT systems security widest read magazine in Spain. Directed to CISOs, CIOs and other information security manager profiles, this Ediciones CODA publication serves as a cohesion tool for its professional readers in Spanish.
SIC Laboratory is the magazine section where security hardware/software products and tools are identified, examined, analyzed and evaluated.

In June, our leading product rWeb 3.8 has been evaluated and "the results of the test [for the White List] has led to very satisfactory values of around 98.2%. And the test results have been excellent with the Black List."
 

You can read the Spanish article.
 

Twitter users victims of a worm

the 16th of april the Twitter users have been victims of a worm.
 

Read our explanation (in French)
 

Launch of our PCI Web site

We are pleased to announce the launch of our PCI Web site where you can find informations about PCI standard, Best Practices and download a trial version of our product for being compliant.

DenyAll Iberia and Arista Ingeniería Tecnológica S.A. announce partnership

DenyAll Iberia and Arista Ingeniería Tecnológica S.A. announce partnership to offer Spain customers ultimate Web Application Security based on Deny All’s WAF’s technology and recognized Arista quality services.
 

Deny All extends lead in WAF Market with the launch of rWeb 3.8 Software and Appliance platform.

 Deny All extends lead in WAF Market with the launch of rWeb 3.8 Software and Appliance platform.