Securely Enabling Business

SecureIIS Web Server Security

Current Version: 3

Application Layer Protection
eEye Digital Security pioneered the concept of application-layer protection, which has revolutionized proactive security. Unlike network-layer protection products, an application-layer solution works within the application that it is protecting. SecureIIS inspects requests as they come in from the network layer, as they are passed up to the kernel, and at every level of processing in between. If at any point SecureIIS detects a possible attack, including SQL injections, it can take over and prevent unauthorized access and/or damage to the web server and host applications.

IIS ISAPI Integration
SecureIIS was developed as an ISAPI filter, which allows for tighter integration with the web server than other application firewalls achieve. SecureIIS monitors data as it is processed by IIS and can block a request at any point if it resembles one of many classes of attack patterns, including SQL injection and cross-site scripting. Because of eEye's extensive knowledge of the various ways in which IIS servers and web applications can be attacked, as well as the nature of an application firewall, even undiscovered vulnerabilities are secured and attacks against them thwarted.

Zero Day Protection
Unlike network firewalls and intrusion detection systems, SecureIIS does not rely upon a database of attack signatures that require regular updating. Instead, it uses multiple security filters to inspect web server traffic that could cause buffer overflows, parser evasions, directory traversal, or other attacks. Therefore, SecureIIS is able to block entire classes of attacks, including those attacks that have not yet been discovered. SecureIIS provides true zero day protection for entire classes of attacks whether known or unknown.

SecureIIS satisfies PCI (Payment Card Industry) standards for web application firewalls on servers involved in processing or transmitting credit card information.


SecureIIS provides value to customers by:

- Decreasing the amount of website downtime by protecting against known and unknown attacks, without requiring signature updates.
- Allowing organizations to patch using their regular patch cycle, all while maintaining the protection of unpatched IIS web servers against attack.



© 1996-2010 FishNet Security, Inc. All rights reserved. The FishNet Security logo symbol is a registered trademark of FishNet Security, Inc. SecureSkills is a trademark of FishNet Security, Inc.