sPROXY

Deny All, an innovative leader in the application security market

Deny All was one of the WAF (Web Application Firewall) pioneers, worldwide, and has become a leading innovator in the broader application security market. Leveraging +10 years of experience securing Web applications and Web Services, initially for rather demanding large clients, Deny All keeps innovating to help organizations of all sizes respond to an ever-evolving threat. The company has been building an ecosystem of integration and hosting partners, and working with other vendors to offer a complete range of solutions dedicated to the security and acceleration of modern, Web-based applications.

Genesis of an expertise

A spin-off of Société Générale, founded in 2001, Deny All rapidly became the European leader on the emerging Web Application Firewall market, with solutions combining a high level of security with application infrastructure optimization features. Over 10 years later, the first banking clients still use rWeb and other Deny All products to secure their eBankingapplications and ensure they comply with the PCI DSS standard. Hunders of customers of varying sizes operating in different verticals now rely on Deny All’s expertise to help them to protect their Web sites from intrusion attempts and denial of service attacks, to protect their collaborative applications (OWA, Sharepoint, etc) against data theft and to ensure that their enterprise applications’ data (SAP, Web Services, etc) remains confidential.

Mission: to help enterprises roll out an effective application security strategy.

Deny All’s vision is best captured when discussing the “three pillars of application security”, referring to the indispensable steps required to define and implement a truly effective application security strategy:

1. Source code auditing of the application, ahead of the production phase.
2. Regular penetration testing in the pre-production and production phases.
3. Deploying application security controls, such as WAFs and XML firewalls.

This approach is based on the observation that security in depth is an absolute must to fight against modern threats, which tend to become more complex. It suggests that no single technology component can, like a magic bullet, mitigate all risks and annihilate all possible attack vectors. It results from 10 year of experience, working with demanding customers, whom Deny All helped implement the right strategy to counter the risks ofsabotage, denial of service, intrusion and data theft every organization is faced with today. This vision, finally, has been guiding Deny All’s strategic thinking, including as the innovative penetration testing solution, Edge, was added to the portfolio as a result of a partnership with Iviz.

 Deny All dedicates a large part of its effort to R&D in order to back its commitment to supplying the most innovative technologies and to face new security challenges. The company invests in the monitoring of application-layer threats, an effort led by the Deny All Research Center (DARC), qui creates new signatures and advanced technologies. It is involved in several expert organisations such as CLUSIF, OSSIR, OWASP, the Cercle de la Sécurité and the Liberty Alliance Program.

Attachments:

White paper - 10 years of application security	[White paper - 10 years of application security]
White Paper: 10 years of application security	[White Paper: 10 years of application security]
Livre Blanc - 10 ans de sécurité applicative	[Livre Blanc - 10 ans de sécurité applicative]
Livre Blanc - 10 ans de sécurité applicative	[Livre Blanc - 10 ans de sécurité applicative]