Advanced Web Security and DDoS Protection
Intelligently Simple Web Security
Protector Air is focused on protecting individual sessions and the transactions within those sessions. Protector Web further protects the web server with enterprise-grade web application security and DDoS protection.
Protector Web eliminates website and application vulnerabilities such as cross-site scripting (XSS), SQL Injection, Remote File Inclusion (RFI) and the OWASP Top-10. It prevents attackers from gaining unauthorized access to web systems, compromising sensitive data and defacing websites while minimizing an organization’s dependency on secure development and 3rd party patches.
The Protector Web Approach
Protector Web is an advanced alternative to a conventional web application firewall (WAF), which addresses the critical WAF deficiencies by using active learning, active content serving and cloud replication. As a result, it dramatically reduces false positives and false negatives, shortens deployment time to hours and eliminates operational complexity.
How it works
Eliminating DDOS and Vulnerabilities
Protector Web actively scans your applications, learns their functionality, and protects them by understanding the context of each incoming request. As a result, it can accurately discern legitimate traffic from malicious traffic and will not block legitimate requests. By replicating web application components to the cloud, Protector Web removes up to 99% of the attack surface and dramatically simplifies maintenance. It continuously synchronizes with the applications to enable agile and secure application releases and integrate security with DevOps processes.
Active Learning Engine
An active learning engine rapidly scans the protected web application and learns its functionality. The scan, completed in hours eliminates the conventional learning mode required by WAFs and by application-layer DDoS protection solutions, which can take months to complete. The outcome of the scan process is the mapping of predictable response components and dynamic components of the web application.
Replication & Security Policy Creation
The cloud-based replica of the predictable response components manages up to 99% of the traffic to the application which dramatically reduces the attack surface and eliminates vulnerabilities (including CMS, 3rd party plugin and web service vulnerabilities). The remaining dynamic content, typically search and login fields, is protected by a greatly simplified security policy.
Context Aware Defense
Requests to the web application are served by Protector Web, extending your organizations secure perimeter to the cloud. Protector Web handles each request according to its context:
- Legitimate request to predictable response components are served statically by the cloud replica and do not require backend processing or any interaction with the original web servers, CMS or database.
- Malicious requests to predictable response components are not served at all, because the cloud replica only serves request that have been mapped and generated during the Active Learning phase.
- Requests to dynamic components are validated by the security policy and additional security measures. Illegitimate requests are blocked and only clean traffic is allowed to reach the original application.
Continuous Security Synchronization
The Active Learning Engine continuously and automatically scans the protected application and updates security policies to reflect changes to the application. The Active Learning approach enables agile development and continuous integration and release. Deployments are dramatically accelerated and teams are free to rapidly innovate.
The Protector Web benefits
Experience the Simplicity First Hand
Protector Web proof of concept
Try the Protector Web security architecture for one month with no integration or changes to code or infrastructure
Provide us with a url
Whitelist the Trusted Knight IP address
Approve your cloud-based replica and Trusted Knight will deploy within hours