Originally published at Internet.com
WebDefend is, at its core, a security appliance that is deployed out-of-line, inside the firewall, off a network TAP or monitor. The appliance provides security features targeted specifically at preventing security exploits in Web applications.
WebDefend profiles each Web application for the types of behavior that are typically acceptable for that application. The appliance then monitors Web traffic for the application, analyzing the traffic in the context of this automatically generated security profile. When it discovers a deviation from the normally acceptable behavior, the device hands the traffic off to its multiple, individual detection engines in an attempt to identify the exact type of threat presented by the behavior.
Detection features of the appliance include ExitControl, which examines data entering or leaving the corporate network for specifically recognized data patterns that may represent sensitive data (such as SSNs or credit card numbers); and Security Defect Detection, which seeks to identify app defects based on insecure coding techniques. The vendor states that SSL traffic can be examined without requiring the termination of the original encryption session; and the product ships with pre-packaged rule-sets specifically designed for PCI DSS compliance.
Once an attack has been identified, the device can take several possible actions in an effort to block the attacker from continuing. The device can work in concert with existing infrastructure, including rewriting firewall rules, issuing commands to the Web server (IIS via ISAPI filters, and Apache with extensions), issuing TCP resets, etc. It can additionally log the user out of the Web application in question.
New features in the latest release of WebDefend include support for the masking of magnetic stripe data (preventing it from being stored or displayed anywhere within the WebDefend software, including audit logs), image "leeching" prevention (watching specifically for images linked to external Web servers), detection of phishing attacks on Web sites, and an updated signature database (application signature rules that are used to identify known attacks).
WebDefend is available now. Contact Breach Security for further information.
Author: EITPlanet Staff