Do your WAF and IPS rules fit like a custom suit or an off the rack one?
NT OBJECTives is excited to announce the general availability of NTODefend, a software solution that enables enterprise security teams to quickly, easily and automatically create “perfect-fit” custom rules to patch Web Application Firewalls (WAF) or Intrusion Prevention System (IPS) against web application vulnerabilities discovered in automated NTOSpider scans.
NTODefend goes beyond standard, one-size-fits-all WAF rule generation to create stronger customized rules, while also allowing for rule modification. It combines NTOSpider’s knowledge of the application functionality with an understanding of specific vulnerabilities to be the first tool to create “perfect-fit” custom rules that effectively block bad traffic while letting the good traffic flow through. With these rules, NTODefend also tunes an IPS to behave like a WAF.
A comprehensive application security approach addresses the entire software development lifecycle, from development through production. Security teams use two primary kinds of tools to help them identify, patch and resolve application security issues in production applications, dynamic application testing products and web application firewalls (WAF). The ideal production solution includes a dynamic application testing tool that understands your WAF so the two can share information to automatically patch vulnerabilities that haven’t yet been fixed in the source code.
NTODefend Product Features
- Automated Custom Rule Generation for WAF/IPS – Quickly and easily generate custom rules, and if needed modify these rules, to patch vulnerabilities on WAF/IPS, using the results from NTOSpider scans.
- Vulnerability Report Selection – Quickly select which vulnerabilities to patch and automatically generate the highly targeted filters for the user’s particular WAF/IPS solution.
- Integration with More WAF/IPS Appliances – NTODefend integrates with all market-leading WAFs including, Sourcefire SNORT, DenyAll, Imperva, ModSecurity, Nitro SNORT, and with Citrix, F5 and Barracuda coming soon. NTODefend automatically generates rules for each WAF/IPS that are highly targeted to the specific vulnerabilities which reduces the risk of false-positives.
- Re-scan Ability to Confirm Effectiveness – NTODefend enables security teams to conduct a quick re-scan applications to confirm the trained WAF/IPS effectiveness. Now, teams can quickly confirm that target vulnerabilities are patched and that good traffic can continue to flow through as expected, eliminating the risk of false positives & false negatives and dramatically reducing QA time.