PROTECTOR WEB

Advanced Web Security and DDoS Protection

icon-edisonbulb

Intelligently Simple Web Security

Protector Air is focused on protecting individual sessions and the transactions within those sessions. Protector Web further protects the web server with enterprise-grade web application security and DDoS protection.

Protector Web eliminates website and application vulnerabilities such as cross-site scripting (XSS), SQL Injection, Remote File Inclusion (RFI) and the OWASP Top-10. It prevents attackers from gaining unauthorized access to web systems, compromising sensitive data and defacing websites while minimizing an organization’s dependency on secure development and 3rd party patches.

The Protector Web Approach

Protector Web is an advanced alternative to a conventional web application firewall (WAF), which addresses the critical WAF deficiencies by using active learning, active content serving and cloud replication. As a result, it dramatically reduces false positives and false negatives, shortens deployment time to hours and eliminates operational complexity.

How it works 

Eliminating DDOS and Vulnerabilities

Protector Web actively scans your applications, learns their functionality, and protects them by understanding the context of each incoming request. As a result, it can accurately discern legitimate traffic from malicious traffic and will not block legitimate requests. By replicating web application components to the cloud, Protector Web removes up to 99% of the attack surface and dramatically simplifies maintenance. It continuously synchronizes with the applications to enable agile and secure application releases and integrate security with DevOps processes.

Active Learning Engine Active Learning Engine

An active learning engine rapidly scans the protected web application and learns its functionality. The scan, completed in hours eliminates the conventional learning mode required by WAFs and by application-layer DDoS protection solutions, which can take months to complete. The outcome of the scan process is the mapping of predictable response components and dynamic components of the web application.

Replication & Security Policy Creation Replication & Security Policy Creation

The cloud-based replica of the predictable response components manages up to 99% of the traffic to the application which dramatically reduces the attack surface and eliminates vulnerabilities (including CMS, 3rd party plugin and web service vulnerabilities). The remaining dynamic content, typically search and login fields, is protected by a greatly simplified security policy.

Context Aware Defense Context Aware Defense

Requests to the web application are served by Protector Web, extending your organizations secure perimeter to the cloud. Protector Web handles each request according to its context:

  • Legitimate request to predictable response components are served statically by the cloud replica and do not require backend processing or any interaction with the original web servers, CMS or database.
  • Malicious requests to predictable response components are not served at all, because the cloud replica only serves request that have been mapped and generated during the Active Learning phase.
  • Requests to dynamic components are validated by the security policy and additional security measures. Illegitimate requests are blocked and only clean traffic is allowed to reach the original application.

Continuous Security Synchronization Continuous Security Synchronization

The Active Learning Engine continuously and automatically scans the protected application and updates security policies to reflect changes to the application. The Active Learning approach enables agile development and continuous integration and release. Deployments are dramatically accelerated and teams are free to rapidly innovate.

The Protector Web benefits

Reduce attack surface by up to 99%
Automate real-time policy configuration and updates enables DevOps and agile development
Protect against the complete range of web application attacks across the complete stack
Avoid blocking legitimate requests
Optimize for cloud-based applications
Protect complex, globally distributed web systems and keep maintenance under control
Achieve PCI DSS Compliance (requirements 6.5 and 6.6)
Deploy instantly in the cloud
Mitigate DDoS inherently

Experience the Simplicity First Hand

Protector Web proof of concept

Try the Protector Web security architecture for one month with no integration or changes to code or infrastructure

#1
Provide us with a url
#2
Whitelist the Trusted Knight IP address
#3
Approve your cloud-based replica and Trusted Knight will deploy within hours

Talk to a Trusted Knight Representative today to get started