This is the place to download DenyAll last whitepapers. Discover how the DenyAll products answer to your specific needs through our very detailed and practical case studies.

Introducing the Next Generation Web Application Firewall

In the first place this document describes the requirements for effective, modern application security, explaining the differences between network security and application security. In the second place the document explains the features required in a Next Generation WAF to effectively secure modern web applications and services.

The Challenge of Securing Applications

At a time when the methods of analysis and attack are becoming industrialized, both in quality and in number, and at a time when individual hackers or state organizations continuously scan all information posted to the Internet, the protection of web applications is still a patchwork of poorly managed or even inadequate tools. Solutions to secure web applications, their uses, and the data that they expose have been in development for twenty years. So why is it that every day we hear about a company that has had thousands of passwords or private or confidential information stolen?

Pooling Mode benefits

Protect is usually presented as a solution running on a single machine (physical or virtualized). However, this traditional architecture is not the only possible one. Protect features can be distributed over several servers, in multiple DMZs. One of these distributed architectures is called ‘Pooling Mode’, providing the best enhancements in terms of security. Of course, Protect servers can also be configured in high-availability cluster mode (Active/Passive or Active/Active) regardless of the Pooling Mode, but this is not the purpose of this technical note.

ProActive Security

In the first place, this document describes the different types of threats targeting applications and the true impact that they have today on an enterprise’s business. It analyses why traditional security solutions, developed to protect networks and systems, are simply not delivering sufficient protection at the application level. Finally, we shall describe Deny All’s security solution integrating proactive security processing, acceleration and simplification of organisations’ Web/XML application environments.

10 years of application security

This white paper looks back over the main stages of the parallel changes in companies’ needs, the threats to the security of their applications and the tools available to them for risk management. Once this retrospective is complete, broad outlines of the required changes to your applications’ dedicated security tools will be presented.

PCI-DSS Compliance

This document illustrates how rWeb, a leading Web Application Firewall developed by Deny All, can contribute to help businesses obtain PCI certification.

Scoring model

DenyAll Web Application Firewall rWeb implements an additional security security model, yet unique in the WAF environment. This model, known as the “scoring model” relies on a dynamic weight calculation mechanism. By concept this mechanism does not require any update or learning phase, and, as a consequence, appears to be the most appropriate solution to circumvent the limitations of the traditional existing models.

Web services Security

The purpose of this document is first to provide a clear and objective overview of the security challenges faced by Web services. In the second part we shed the lights on existing security standard which deserve specific attention. Then we will focus on the threats such an infrastructure is exposed to, by detailing attack techniques and their impact on the security of the targeted services.

Webmail Security

This white paper will explain the main dangers for webmails and extranet networks, and how installing a Web Application Firewall can help solving them, much more efficiently than by using a virtual private network (VPN).