According to info-sec expert studies, 70% of the world's top 100 websites contain malicious links that re-direct visitors to malicious websites, let alone ordinary individual and small business websites. There is not one single Web Application Firewall(WAF) product catered for them in the market, it is estimated at least 2 million websites face serious info-sec threats that could lead to unbearable legal issues.
Famous websites have major concerns on OWASP Top 10 web vulnerability when they tackle web application development, they understand the importance of firewalls, most webmasters could put firewalls in place on their own, but what they do not realize is that conventional firewalls only protect layer 2 and layer 3 of the network communication protocol.
The latest cyber attacks (SQL Injection, cross-site scripting) intrude web application directly. International Research Institute Gartner indicated that 75 percents of the website attacks are targeted at web applications that conventional firewalls cannot protect. Individual and small business websites become vulnerable targets to hackers and become stepping stones to more website attacks. Furthermore, PCI-DSS 6.6 recommends adoption of WAF practice to bridge the last mile gap between web application code review with total web security if they are to deal with customers' confidential business transactions.
Although webmasters understand the importance of WAF, the existing WAF products in the market are made for corporate customers that cost tens of thousands of dollars that are too expensive to acquire for small scale website owners. Consequently, DragonSoft introduces an easy-to-install, affordable WAF product to this segment. DragonWAF is selling at USD 99 during promotion, customers can get corporate level web application security at anti-virus price. DragonWAF offers multi-intellectual website protections, working jointly with conventional firewalls, the individual and small business websites are protected effectively against malicious codes, website defacement, customer data leaks, following by immense legal responsibilities.
Excellent protection features on DragonWAF 2010
The signature-based DragonWAF activates defense mechanism when IIS server is under attack, it records all attack patterns using intellectual filtration techniques, webmasters are able to add more filtration strings by themselves, customize warning messages. The multiple graphic reports facilitate log management, making optimal security control an easy task. DragonWAF 2010 is capable of blocking any SQL Injection target at database (Oracle, MySQL...), DragonSoft offers the online updater and continuously to update database.
DragonWAF 2010 effectively prevent against 18 common web application attack methods:
1. SQL Injection
2. Server-Side Include
3. Directory Indexing
4. Path Traversal
5. Cross-Site Scripting
6. Buffer Overflow
7. LDAP Injection
9. HTTP Response Splitting
10. Content Spoofing
11. Predictable Resource Location
12. Denial of Service
13. Application Fingerprinting
14. Insufficient Session Expiration
15. Session Fixation
16. Web Server Fingerprinting
17. Abuse of Functionality (emails, spiders, data theft)
18. Command Injection.
DragonSoft Security Associates, Inc. (dragonsoft.com) is the leading brand of information security software in Asia. The continuous effort behind the scene is supported by top teams of R&D and management professionals from Hsinchu Science Park located in Hsin Chu City, Taiwan. Our dedicated and improved service provides most realistic solutions to corporate clients, the team members constantly enrich their ability to deliver, DragonSoft aims to introduce the national information security software product and service worldwide, offering business continuity opportunities to existing and new customers.