Built to Withstand the Toughest Attacks

Want to learn more?


Verizon Data Breach Report 2012

  Specification   Description
Web Application Security
  • Known threat signatures
  • Advanced behavior analysis that learns, adapts to individual users and applications
  • Adaptive learning, intelligence sharing from all protected websites worldwide
  • OWASP protection and zero day attack prevention
  • DoS protection at web application and page level
  • Site scraping protection
  • Any web application that is delivered by HTTP or HTTPS
  • Static and dynamic pages
  • CDN compatible
Known Threat Modules
  • SQL Injection
  • Cross Site Scripting and Request Forgery
  • Server-Side Injection
  • HTTP Response Splitting
  • Form Caching
  • Remote File Inclusion
  • Unix and Windows Command Injection
  • Unix and Windows Relative Path Inquires
Behavior Threat Modules
  • Navigational Abuse
  • Functional Abuse
  • Brute Force
  • Predictive analysis
Threat Protection Updates
  • No manual updates (SaaS deployment)
  • Threat signatures updated as new threats discovered
  • Behavioral analysis, predictive analysis algorithms
    updated quarterly
  • Web Console updated when new features introduced
  • Behavioral analysis engine adapts in real-time based on
    observed traffic
Global Security Platform
  • 20 data centers in nine countries on four continents
  • Multi-homed Tier 1network peering between all data centers
  • Rated Tier 3 or 4 and meet SSAE-16 or equivalent
  • Two additional Tier 4 data centers for administration, reporting
  • Capacity for hundreds of millions of session per month
  • All data centers fully redundant
  • Known threat, behavioral analysis performed in each data center
  • Automatic fail-over to nearest data center for
    uninterrupted protection 
SaaS Deployment
  • Lightweight script (20k) installed on website
  • Script monitors severy session
  • Automatic connection to xyberShield Global Security Platform
  • Complete installation, configuration in less than one hour
  • Independent of web server hosting location
  • Does not use DNS redirect or a proxy
 Operation
  • No use or storage of personally identifiable information
  • No SSL certificate required; session inspected after decryption by SSL module at application level
  • Compatible with indexing services, Google Analytics,
    3rd party tools
  • Traffic from any device (e.g. mobile)
Performance
  • Fraction of a single percent of web server CPU, bandwidth – main computing is performed by the Global Security Platform
Alerts, Reporting
  • Alerts via SMS, email; Common Event Format by Q4, 2012
  • Configurable User Alerts: option to warn or terminate user
  • Web console for monitoring traffic in real-time
  • Management, Operational, and Compliance Reports
  • Online storage for 6 months, offline for 2 years, longer
    by request
  • Reporting for PCI DSS 6.6 compliance
Enviroments Supported
  • Java 1.5 and higher
  • .NET 2.0 and higher
  • PHP 4.0 and higher
  • Any web server including Apache, IIS, Sun, nginx, Google and jigsaw
  • IPv4, IPv6
Availability
  • Monthly, annual, and multi-year contracts
  • Pricing based on sessions or bandwidth (Mb/sec)