|
|
|
|
|
|
NTODefend enables security professionals to patch vulnerabilities immediately – in a matter of minutes instead of the days or weeks it can take to build a custom rule for a WAF or IPS or the time it takes to deliver a source code patch. This gives developers time to identify the root cause of the problem and fix it in the code.
|
|
|
|
|
Key Benefits
Easy
Users simply take the results of their NTOSpider scan, import them into NTODefend and generate custom rules that protect the web application from attacks on these vulnerabilities.
Accurate
Custom rules can leverage NTOSpider’s knowledge of the application to create strong, safe rules. NTODefend takes the NTOSpider results and generates strong customized rules that target the application’s specific vulnerabilities which increases the WAF’s accuracy and ability to protect WAF/IPS. These filters are able to pinpoint vulnerabilities without blocking desirable traffic.
Confirmable
As a safeguard, NTODefend’s performs as a good/bad data QuickScan to test only the areas that are vulnerable and test for false positives.
Flexible
NTODefend allows users to optimally configure a WAF or to leverage their investment in their IPS device to block web application vulnerabilities.
PCI Compliance
PCI Compliance 6.6 requires a WAF, dynamic analysis tools, source code reviews or static analysis tools.
Integrations
NTODefend includes more integrations with WAF and IPS than any other solution available.
WAF:
- Citrix NetScaler
- F5 ASM
- ModSecurity
- DenyAll rWeb
- Imperva SecureSphere (Can only turn on their existing filters)
IPS:
- Sourcefire SNORT
- Nitro Security SNORT
|
|
How It Works
Automated Custom Rule Generation for WAF/IPS
Users of NTOSpider can leverage the results of application scans to quickly and easily generate custom rules to patch vulnerabilities on their WAF/IPS.
Vulnerability Report Selection
After a simple import from NTOSpider, the user is able to review the vulnerability report and quickly select which vulnerabilities to patch and automatically generate the highly targeted filters for their WAF/IPS solution.
Integration with WAF/IPS Appliances
NTODefend integrates with market leading WAFs including: Citrix F5, DenyAll, Imperva SecureSphere, ModSecurity, & Baracuda. NTO automatically generates rules for each WAF/IPS that are highly targeted to the specific vulnerabilities which reduces the risk of false-positives.
Re-scan Ability to Confirm Effectiveness
The NTO solution enables security teams to conduct a quick re-scan applications to confirm the trained WAF/IPS effectiveness. Now, teams can quickly confirm that target vulnerabilities are patched and that good traffic can continue to flow through as expected eliminating the risk of false positives & false negatives and dramatically reducing or eliminating QA time.
|
|
|
|
|
|
|
|
|
|
|
|
|
  |
|
|
|
Sales