Processors Overview

WebApp Secure uses a modular approach to securing your application. Each module is responsible for monitoring, detecting and securing a particular aspect of the application and/or individual HTTP request/ response. These logical entities are referred to as Security Processors. Processors are the configurable operators that implement an additional layer of security between the application/webservers and the end user. They are responsible for analyzing the request and response data sent to and from the server and they monitor anything from the state of injected honey pots to contents of the headers and the body of the HTTP/HTTPS requests and responses.

Processors can be managed through the system configuration user interface. While some of the operations can be as simple as incrementing a counter, others are far more sophisticated and can alter the request and response data so it is important that you configure processors correctly to ensure web application's security and functionality.

Each processor is monitoring the HTTP stream for particular alterations from what is considered typical traffic. These alterations are called "triggers". Each security processor can have several triggers they are responsible for detecting. If matched, the processor responsible for handling it will generate a security incident. Incident varies by its complexity, which is explained in the section below.