The signature-based DragonWAF activates defense mechanism when IIS server is under attack, it records all attack patterns using intellectual filtration techniques, webmasters are able to add more filtration strings by themselves, customize warning messages. The multiple graphic reports facilitate log management, making optimal security control an easy task. DragonWAF is capable of blocking any SQL Injection target at database (Oracle, MySQL), DragonSoft offers the online updater and continuously to update database.DragonWAF effectively prevents against 18 common web application attack methods: 1. SQL Injection2. Server-Side Include3. Directory Indexing4. Path Traversal5. Cross-Site Scripting6. Buffer Overflow7. LDAP Injection8. Phishing9. HTTP Response Splitting10. Content Spoofing11. Predictable Resource Location12. Denial of Service13. Application Fingerprinting14. Insufficient Session Expiration15. Session Fixation16. Web Server Fingerprinting17. Abuse of Functionality (emails, spiders, data theft)18. Command Injection
No comments:
Post a Comment