Why so much for IndusGuard WAF?

MUMBAI, India - June 5, 2014 - PRLog -- The growing reliance on Web in their operation set up is driving companies – both large and SMBs, to deploy a WAF( Web Application Firewall). Vertical segments such as BFSI, e-commerce are leading this adoption with retail, health care, education, transportation and government expected to follow. The global WAF market is expected to be USD 1.2 Billion by 2017, as per Frost & Sullivan.

On 28^th May’14, Indusface, a leading and award winning total application security company, announced the general availability of IndusGuard WAF, the industry’s first SECaaS (security as a service) Web Application Firewall and Fully Managed Application DDoS (distributed denial-of-service)solution. IndusGuard WAF provides out-of-the-box, plug and play, real-time monitoring and protection for critical web applications in the cloud and on premise and is the industry’s first to guarantee zero WAF false positive.

Traditionally, the risk of false positive, i.e. the obstruction of legitimate traffic that creates service interruptions has hindered the wide scale adoption of WAFs. Indusface is the first company to guarantee zero WAF false positive with respect to fixing of the known vulnerabilities and ensure that no legitimate web traffic is affected. IndusGuard’s guarantee of zero WAF false positive has led to a positive surge in its adoption during the beta stage by its BFSI customer segment.

IndusGuard WAF applies a set of rules to HTTP conversations to protect web-based applications by combining human intelligence based expert tuning along with application profiling that continually updates with new rules to keep up with application updates and newly emerging threats. It protects against OWASP² Top 10 and WASC³ TC v2.0 (security vulnerabilities as defined by these industry initiatives), along with PCI DSS compliance assurance.

“Given the increase in the number of cyber-attacks on web applications and the sophisticated methods being employed to bypass defences, IndusGuard WAF along with the DDoS solution is the industry’s first to provide in-depth detection, defence and protection to mission critical web applications. IndusGuard’s guarantee of zero WAF false positive is a game changer to the adoption of WAFs globally. With changes taking place so frequently on web applications, it is extremely difficult for security teams to stay ahead of them, whilst ensuring vulnerabilities are kept at bay. IndusGuard WAF offers an excellent line of defence for such applications and provides protection against a wide range of attack vectors”, said Ashish Tandon, Chairman & CEO, Indusface.

Recent Gartner findings strengthen Indusface’s launch today:

Gartner emphasizes that 75% of cyber-attacks take place at the web application layer. It observes that WAFs are different from next-generation firewalls (NGFWs) and intrusion prevention systems (IPSs). WAFs protect, at a granular level, the enterprise’s custom Web applications against Web attacks and are most often the only technology that inspects encrypted and unencrypted inbound Web traffic. It further observes that avoiding false alerts ("false positives"), in particular, requires specific attention.

Gartner recommends that security leaders assess the need for WAFs, based on the business impact of each Web application — public facing, partner facing or internal. Further, it recommends that WAF technology should be deployed in combination with application security testing.

“IndusGuard WAF checks off on all boxes and more vis-à-vis Gartner recommendations. Our legacy in application testing, which is recognized by Gartner in their 2013 Magic Quadrant, combined with the launch of our WAF, which provides protection at the application layer with zero WAF false positive guarantee – is not only an industry first but also a winning combination for customers”, added Ashish Tandon.

The growing reliance on Web in their operation set up is driving companies – both large and SMBs, to deploy a WAF. Vertical segments such as BFSI, e-commerce are leading this adoption with retail, heath care, education, transportation and government expected to follow. The global WAF market is expected to be USD 1.2 Billion by 2017, as per Frost & Sullivan.

IndusGuard WAF features -

§  Zero WAF false positives - guarantees that the product rules for known vulnerabilities will never block legitimate traffic.

§  Continuous application defense –comprises of comprehensive learning, profiling and protection against new application vulnerabilities.

§  Managed Application DDoS Mitigation - a combination of specialized DDoS mitigation rules for most application layer DDoS attacks, combined with 24x7 monitoring from application security experts.

§  24x7 expert monitoring by certified security experts - certified security analysts provide round the clock testing, along with expert analysis and alerts when necessary.

§ Intelligent application profiling - performs in-depth application profiling to understand the application’s logic in detail.

§  Centralized portal & real-time reporting in a SAS 70 certified data center - A central dashboard provides unique insights into the geographic distribution of attacks on an organizations applications, that enables forensics on past attack patterns and allows the development of new mitigation strategies.

§  Custom rules to protect against business logic vulnerabilities - IndusGuard WAF provides customized threat protection which is unique to each application depending on logic for data validation, error handling etc.

§  Pay as you go model – that helps customers to manage their security investments within the framework required by their business units to implement a WAF.

§  Compliance Support - IndusGuard WAF provides protection against OWASP Top 10 and WASC TC v2.0 and supports compliance for PCI DSS requirements.

About Indusface

Indusface is a privately held, award winning, innovative, fast growing company, that provides organizations with total application security to detect, defend and protect their application assets. It caters to more than 600 customers worldwide across different verticals.The company has been recognized by Gartner in 2013 and positioned on the Magic Quadrant for Application Security Testing. It has been empanelled by prestigious independent bodies, PCI ASV and CERT-IN.

For more information, visit www.indusface.com
Follow Indusface on Twitter @indusface