WebApp Secure

Using deception to stop hackers in their tracks

The smartest way to secure websites and apps from hackers, fraud, and theft, WebApp Secure uses deception to make hacking costly, time-consuming, and tedious.


    WebApp Secure Web security detects, tracks, profiles, and defends against hackers in real time using intrusion deception techniques. It inserts detection points into the code of outbound Web application traffic that identifies attackers before they can do damage—without false positives. It protects applications hosted in physical or virtualized data centers, or in the cloud.

    Detect: Detection points that are inserted into Web application code create a minefield that detects hackers when they manipulate them during pre-attack reconnaissance, indicating malicious intent. WebApp Secure detects this before the hacker can establish an attack vector.

    Track: WebApp Secure goes beyond the IP address and tracks attackers in two unique ways, by a supercookie and by fingerprinting the device.

    Profile: The tracking techniques enable attacker profiling. Attackers are assigned a name and each incident is recorded along with a threat level based on their intent and skill.

    Respond: Once an attacker is detected, an appropriate response—from a warning, to requiring a CAPTCHA, to blocking a user or forcing them to logout, can be deployed manually or automatically in real time.

    Understand: The tracking techniques enable attacker and attack profiling. Every attacker is assigned a name and each incident is recorded along with a threat level based on their intent and skill.

    Deploy: WebApp Secure sits logically inline and functions as a reverse proxy. Software deployment is easy and the product can be purchased in the MWS1000 appliance.

    Read more


    • Deceptive Detection Points use the attacker’s behavior to detect the attack before it occurs—without false positives.
    • Changes the Economics of Hacking by breaking the tools that make hacking cheap and easy, forcing hackers to use manual techniques.
    • Prevents Automated Attacks by detecting the scanners that scour the Internet in search of unpatched vulnerabilities, and deceives them with fake data.
    • Zero Day Protection because WebApp Secure uses proactive, real-time detection rather than signatures which are inherently time-delayed.
    • No False Positives means WebApp Secure detection system is reliable.
    • Understanding the Attacks helps create and implement defensive measures.
    • Identity Beyond the IP ensures attackers devices are identified with more accuracy than ever before. Fingerprints the attackers devices and shares the fingerprints globally using Spotlight Secure. Fingerprints also consumed for enforcement on the SRX Series Gateways.
    • Ready Out of the Box with no learning mode, and no signatures to create.
    • Compatible WebApp Secure can protect custom and off-the-shelf web applications without modifying code.
    • Web-based Console provides a real-time view of hackers from any browser.
    • PCI 6.6 Compliance is easily met with WebApp Secure.

    Putting the press on hackers and malware

    The Brown Printing Company Case Study

    WebApp Secure Protects Brown Printing’s Web Applications in Real Time

    During the first month of deployment, WebApp Secure detected 210 malicious incidents against Brown Printing’s website, and five real-time attackers were found to be using hacking techniques normally associated with acquiring sensitive information. The visibility provided by WebApp Secure allowed these attacks to be stopped before any damage could be done.