Web Hosting News

Privacyware, a provider of web application security, intrusion prevention and security data analytics software, today announced the release of the latest version of ThreatSentry, a software-based IIS web application firewall and intrusion revention solution. The company says that in response to customer and general market demand for more effective protection against Structured Query Language injection, cross-site scripting and other web application and database related attacks, it has expanded ThreatSentry's parameter parsing and URL query string inspection capabilities at the web application firewall and behavioral analysis layers.

The company states that ThreatSentry, an ISAPI filter hosted in MMC, is comprised of a web application firewall and behavior-based intrusion prevention component founded on specialized artificial intelligence and machine learning technologies specifically designed to address internal and external unauthorized system access and cyber-criminal threats on Web servers utilizing Microsoft Internet Information Services. It explains that IIS has grown in popularity since its introduction and while it is well-regarded for its ease of use and range of features, it is frequently targeted by hackers due to a variety of server and database vulnerabilities and the inherently open nature of many Web applications, many of which manage sensitive information such as credit card numbers, passwords, or other private data.

"In recent months, we've witnessed the attack landscape expand exponentially", said Privacyware CEO, Greg Salvato. "This problem is largely a result of the swift adoption of automated tools now in common use by hackers to rapidly identify vulnerable websites and servers. More urgent, however, is the evolving sophistication of the evasion techniques used which can render ineffective traditional rules-based technologies."

"In response the alarming rise in frequency of SQL-based attacks, we've expanded ThreatSentry's Parameter parsing and URL Query String inspection capabilities at the Web Application Firewall layer,” said Privacyware CTO, Konstantin Malkov. "In addition, we've enhanced ThreatSentry's cognitive components, which are capable of detecting similarities to known malicious patterns or revealing behavioral deviations among normal traffic, to deliver improved protection against known or new SQL Injection and other threats to the web infrastructure."