WebApp Secure Overview

WebApp Secure protects websites from would-be attackers, fraud, and theft. Its Web intrusion prevention system uses deception to detect, track, profile, and block attackers in real time by inserting detection points into your webserver's output to identify attackers before they do damage. WebApp Secure then tracks detected attackers, profiling their behavior and deploying countermeasures.

WebApp Secure sits between your webservers and the outside world. It inspects HTTP and HTTPS traffic and functions as a reverse proxy. WebApp Secure seeks out potential attack attempts or probes by adding detection points to outbound web traffic and removing detection points from inbound Web traffic. These detection points are transparent to common, legitimate users. It then monitors and strips these points from the requests coming back from the user's browser. Any change to a detection point is an indicator of an attempted attack. The system logs incidents to a database of attacker profiles, and exposes them to the security administrators through a web-based interface. System administrators can then apply automated abuse-prevention policies, or respond manually.

Related Documentation