Security vendor Breach Software has announced the latest release of its flagship WebDefend web application software.
Breach, who focus exclusively on web application security, says that version 3.2 will extend the capability of its previous versions making it more attractive for businesses to adopt.
"The pervasive, complex and dynamic nature of web applications introduces unique security implications," said Mike Pierce, CEO of Breach Security. "Organisations of all sizes require continuous application security solutions that automatically adapt to application changes and a constantly changing threat landscape."
The company claimed that the new version of the software will include automated detection of application resource abuse, which it claims is an industry first.
Unlike a typical attack on websites exploiting vulnerable code, this will defend against flaws in business logic, such as an unusually high rate of requests for information from a single user posing as a subscriber. It was claimed that if these 'scraping attacks' were left undetected, it could result in data leakage and theft.
Pierce told IT PRO why he felt web applications needed to be secured properly: "They have gained importance for two main reasons. Today every application is a web application. Companies are investing in web apps as nobody wants to use something that's just used in-house."
"Business and commerce will continue to grow on the web and will continue to grow for decades. That's where the money and transactions are and is the growing force for all business. Conversely though, that's where the bad guys go."
The CEO also predicted that 2008 would be all about automated Google hacking and the botnets: "It's continuous and will never stop. We've just understood there's a site in China where 10,000 registered users come along to the site to learn about hacking. It's just frightening. I think the wave moving forward is automation."
Author: Asavin Wattanajantra
IT Pro Online