You are here: Home / Products / Breach

Breach

Breach Security, Inc. is the leading provider of real-time, continuous web application integrity and security that protects sensitive web-based information. Breach Security’s products protect web applications from hacking attacks and data leakage, and ensure applications operate as intended.

WebDefend

Comprehensive Web Application Security for Large Organizations

Customized, behavior-based security for web applications.

  • Provides real-time, continuous web application security.
  • Delivers non-intrusive and effective security—WebDefend can be deployed either out-of-line or in-line to block detected attacks.
  • Automates web application compliance to regulations and industry standards, such as the Payment Card Industry Data Security Standard.
  • Detects security defects that vulnerability scans miss, by passively monitoring web application traffic.
  • Bridges the gap between security and development teams with detailed reporting on sources of vulnerabilities for quick remediation.
  • Profiles and validates XML and SOAP.
  • Supports HTTP compression automatically.
  • The WebDefend Global Event Manager is the first web application security management solution to enable customers to make distributed cloud and data center defense-in-depth architectures operational.

ModSecurity

Breach Security is committed to contributing to the development of the ModSecurity open source community.   Since the acquisition, Breach Security has provided the following products and offerings based on ModSecurity technology:

  • ModSecurity 2.x, 2.1.x and 2.5 – many significant upgrades releases to ModSecurity providing significantly enhanced analysis and performance updates.
  • Core Rule Set (CRS) – Breach Security facilitated the CRS becoming an official OWASP Project which provides essential web application security rules to the community.
  • Enhanced Rule Set (ERS) – optimized packages of ModSecurity rules for protecting commercial web applications with known vulnerabilities and ensuring web applications are compliant with specific regulations, such as PCI.
  • Rules Subscription Service – ModSecurity users can download periodic rule updates that virtually patch vulnerabilities identified in public software.
  • WebDefend Global Event Manager (GEM) – WebDefend is now able to accept ModSecurity events providing event consolidation for multiple ModSecurity sensors.
  • Support packages – for open source ModSecurity users.
  • Training packages – onsite ModSecurity Training offerings.

Web Application FirewallsApplication firewall solution

What Is a Web Application Firewall?

A web application firewall (also known as an application-layer firewall) is an appliance or software that provides customized protection for web applications against attacks.

Why Organizations Need a Web Application Firewall

Web applications are increasingly being targeted by hackers
With the growth in the use of web applications for business transactions and the rise in for-profit hacking, organizations need effective security to ensure their sensitive information remains protected against attacks. However, internal pressure to deploy web applications quickly often outweighs thorough security testing, leaving vulnerabilities that are open to threats.

Targeted application attacks are missed by network security solutions
Network attacks are generic and designed to cause harm by affecting service levels or availability, but application attacks are targeted toward obtaining information from a specific application. Since each web application is unique, security must be tailored to the application to protect against these targeted attacks, something network security solutions cannot provide.