Thursday, November 12, 2009

Breach Security Facilitates Community Testing of ModSecurity Core Rule

Breach Security, Inc., the leader in web application integrity, security and PCI compliance, today announced it is advancing its ModSecurity product by facilitating unprecedented community collaboration and independent testing of the OWASP ModSecurity Core Rule Set (CRS) Project data by users.

ModSecurity is a web application firewall engine that requires rules to operate most effectively. The CRS is based on generic rules that provide protection from zero-day and unknown vulnerabilities often found in web applications, which are typically custom-coded and difficult to secure. The open source ModSecurity CRS is provided free to the public and has recently become an official OWASP Project with Breach Security Labs as the sponsor. As with any signature-based security application, constant testing and updates are essential. To help facilitate easier community testing of the CRS, Breach Security has released a demonstration testing page at http://www.modsecurity.org/demo/modsecurity-demo.html.

This page will allow users to send attack data through a live ModSecurity/CRS installation in order to identify any evasion issues. A user who identifies an issue can notify Breach Security personnel either by submitting a bug report ticket or by sending an email to the OWASP ModSecurity CRS mailing list.

“Breach Security is in a unique position in the web application firewall industry,” said Ryan Barnett, director of application security research for Breach Security, ModSecurity community manager and OWASP ModSecurity Core Rule Set project leader. “Having an open source product such as ModSecurity in our portfolio allows us to expose our security rules to the public for quality assurance and testing purposes in ways that other security vendors cannot. We want to leverage the global pool of outstanding web application security experts to help test ModSecurity to make it a better tool for the community at large.”

Benefits of providing the demonstration testing page include:

* The Core Rule Set will be tested by pen-testing specialists who are experts in breaking into web applications and evading security filtering devices.
* Breach Security is lowering the barrier for testing by not requiring community testers to install the software themselves.
* Breach Security is expediting the identification and reporting steps, which shortens the fix cycle.
* Signature improvements will be leveraged back into the entire Breach Security product line.

To Purchase Breach Products visit http://BreachWorks.com/

Friday, November 6, 2009

Reed Enlists Brookcourt Solutions, Breach Security

Breach Security, Inc., the leader in web application integrity, security and PCI compliance, today announced that Brookcourt Solutions has deployed its WebDefend web application security appliance at reed.co.uk, the United Kingdom’s premier career source. reed.co.uk selected WebDefend to continue enhancing the online experience for the site’s users, as well as protecting the company’s distinguished brand. reed.co.uk has become a proven mechanism for attracting quality jobseekers to the U.K.’s largest selection of jobs, serving the recruitment needs of both recruitment agencies and direct employers.

As companies begin to supplement their traditional recruitment with the compelling usability of the web, online job seeking has soared, creating massive demand for reed.co.uk. “As competition for every available job has increased, jobseekers have increasingly embraced the Internet as the first and easiest place to look for their next job,” said Mark Ridley, director of technology for reed.co.uk. For reed.co.uk, business is booming; with unprecedented levels of site activity, a robust web application security solution to monitor, protect and report on activity surrounding reed.co.uk’s extensive web site and online applications is a necessity.

Brookcourt Solutions, the award-winning technology integrator, recommended Breach Security’s WebDefend solution to help ensure reed.co.uk users maintain a positive and satisfying experience on the web site. WebDefend’s detailed real-time reporting provides the information necessary to identify and quickly remediate application defects and security threats, helping ensure that reed.co.uk remains a well-known, trusted brand.

“As one of the U.K.’s best known web sites, we have to honour the trust our users place in us. We always take every step to ensure we are delivering the highest levels of service to the jobseekers, employers and agencies that benefit from reed.co.uk. Key to this is our zero-defect policy, which ensures we are focused on the quality of our code and infrastructure,” said Ridley. “Breach Security’s WebDefend serves as an early warning system for discovering issues, so that we can quickly identify, understand and resolve anomalies which could potentially impact our users.”

reed.co.uk is using WebDefend to block attacks and protect its site and web applications. WebDefend is deployed out of line in reed.co.uk’s environment, allowing analysis of all inbound and outbound data and the ability to block attacks with no impact on the company’s web site performance. WebDefend’s unique position ensures that reed.co.uk’s users experience no latency, helping to enhance the online customer experience.

“Brookcourt Solutions has been critical to Breach Security’s success and expansion in the U.K. with companies like reed.co.uk. As a well-respected technology integrator, clients know that Brookcourt makes recommendations with their security needs in mind,” said Sanjay Mehta, senior vice president for Breach Security. “We are thrilled to add reed.co.uk to the growing list of U.K. companies adopting WebDefend to protect against online threats and become PCI compliant.”

Thursday, October 15, 2009

Breach Security Obtains $5 Million in Expansion Financing

Breach Security, Inc., the leader in web application integrity, security and PCI compliance, today announced it has secured $5 million expansion financing from existing investor Sid R. Bass Associates. Funds will be invested in Breach’s product development and in furthering market expansion efforts.

“Breach Security has established market leadership in the web application security market and has amassed an impressive list of blue chip customers,” said Perse Faily, general partner at Sid R. Bass Associates. “Breach is well positioned to capitalize on the global demand for securing critical web applications and our additional investment provides the capital to drive accelerated growth.”

“An ever increasing number of successful web application exploits and stringent industry regulations are driving the rapid adoption of Breach products,” said Sanjay Mehta, senior vice president for Breach Security. “Sid R. Bass Associates’ further investment in the company provides the capital required to extend our technology innovation and market leadership.”

Breach Security Unveils WebDefend 4.0 Featuring Real-Time Application Monitoring

Breach Security, Inc., the leader in web application integrity, security and PCI compliance, today announced the release of WebDefend™ 4.0. With this release, WebDefend is the only solution on the market to offer comprehensive web application security coupled with real-time web application performance monitoring to provide IT teams with a complete picture of web application health. This unique feature set provides unmatched security against malicious users and other threats against web applications, while also ensuring positive end-user experiences and successful transactions for legitimate web-based customers. WebDefend 4.0 also includes breakthrough enhancements in application security monitoring, analysis and control, and a new dashboard that offers a real-time security overview of protected applications along with the status of all systems in a WebDefend deployment.

Breach Security’s new web application performance monitoring provides users with real-time visibility into the performance of their web applications. With the new WebDefend 4.0, IT operators can track aggregate end-user experience and report service levels by providing real-time visibility into:

* Site and URL level availability
* URL and session-level transaction speeds
* URL and session-level error rates

WebDefend monitors every transaction in a web application environment and quickly detects key problem areas—such as the top 10 URLs with poor availability, slow speeds and high error rates. Application errors can be identified and logged in detail, including full HTTP or HTTPS requests and any associated errors in web server responses. WebDefend also allows IT operators to track HTTP and HTTPS bandwidth utilized by specific web sites, enabling capacity planning and internal charge backs associated with specific web applications.

Additionally, the new WebDefend enables service provider environments and third party technologies to offer detailed application-layer monitoring and analysis by delivering the web application firewall industry’s most information rich security events through flexible integration. “BT’s Managed Security Solutions Group has integrated WebDefend’s detailed web attack information and analytics to create a web application firewall monitoring service with unparalleled real-time application security insight and analysis,” said Toby Weir-Jones, vice president of product development, BT Managed Security Solutions Group. BT is one of the world’s leading providers of communications solutions and services, operating in 170 countries.

Other features in WebDefend 4.0 include:

* Enhanced Learning Engine—The Adaption engine in the new WebDefend provides more granular policy control and detailed analysis of anomalous traffic, automatically relearns HTTP constraints along with the existing information it profiles, and relearns about individual web application parameters. The new enhancements help organizations identify zero-day and targeted attacks, eliminate false positives resulting from application changes, and block with confidence.
* System-level Dashboard—From one screen, users have real-time visibility into security incidents, WebDefend events, and system information, such as concurrent HTTP and HTTPS connections being monitored by their WebDefend deployment.

“Our customers are concerned with securing their web environments and delivering an optimum end-user experience that is not marred by broken links, session time-outs and other issues that prevent the successful completion of web transactions,” said Brett Wilson, VP product management and global business development for Breach Security. “WebDefend 4.0 is the only solution available that automatically relearns applications as they change in production with no manual intervention, ensuring continuous protection, reducing false positives and providing unmatched insight into the protected web application environment. With this new release, IT teams can more quickly identify and repair web application problems, allowing enterprises to reduce costs and increase the return on investment in their web application environments.”

Friday, August 28, 2009

Nineteen Percent of Online Attacks in 2009 Targeted Social Networking Sites

New Web Hacking Report Shows Steep Rise in Web 2.0 Exploits Including Twitter Posts and Other User-generated Content

Breach Security, Inc., the leader in web application integrity, security and PCI compliance, today announced a steep rise in attacks against social networking sites, according to the Web Hacking Incidents Database (WHID) 2009 Bi-Annual Report. Accounting for 19 percent of hacking incidents, social networking sites were the most targeted vertical market in the first half of 2009, with hackers exploiting Web 2.0 features such as user-generated content including Twitter posts to launch their attacks.

The WHID project compiles and analyzes application-related security incidents, focusing exclusively on publicly reported web application security attacks that have an identified outcome. The WHID 2009 Bi-Annual Report analyzed global security incidents that occurred from January 1 through July 31, 2009, and recorded a 30 percent increase in overall web attacks compared to 1H 2008.

Key findings from the WHID 2009 Bi-Annual Report include:

* Drivers for Web Hacking—Defacement, which combines both planting of malware and standard overt changes, remains the most common outcome of web attacks (28%), while leakage of sensitive information is a close second (26%, up from 19% in 2008). Disinformation is a distant third (19%), mostly due to the hacking of celebrity online identities.

* Most Prevalent Attack Vectors—SQL Injection remains the number one attack vector, accounting for nearly one-fifth of all security breaches (19%). Attack vectors exploiting Web 2.0 features such as user-contributed content were also commonly employed: authentication abuse was the second most active attack vector (11%), and Cross Site Request Forgery (CSRF) rose to number five with 5% of the reported attacks.

* Vertical Markets Under Attack—Social networking sites emerged as the most targeted vertical market with 19% of the incidents, a dramatic increase from prior years when this sector was not represented, and displacing government/law enforcement from the number one spot in 2008.

“The dramatic rise in attacks against social networking sites this year can primarily be attributed to attacks on popular new technologies like Twitter, where cross-site scripting and CSRF worms were unleashed,” said Ryan Barnett, director of application security research for Breach Security. “Looking back at 2008, a notable election year, government-related organizations were the top-ranked attack victims and have now dropped to number three. The WHID report demonstrates that hackers can be fickle, following popular culture and trends to achieve the most visible effect for their efforts, which means that companies must be vigilant in implementing web application systems and monitoring application activity.”

The Web Hacking Incident Database (WHID) is a project dedicated to maintaining a record of web application-related security incidents. The WHID’s purpose is to serve as a tool for raising awareness of web application security problems and to provide information for statistical analysis of web application security incidents. Unlike other resources covering web site security – which focus on the technical aspect of the incident – the WHID focuses on the impact of the attack. Breach Security Labs is a WHID project contributor.

Tuesday, August 11, 2009

Global Secure Systems Partners With Breach Security

Breach Security, Inc., the leader in web application integrity, security and PCI compliance, today announced that Global Secure Systems (GSS) has joined the company’s worldwide partner network. GSS secures corporate data by delivering full consultancy services, ranging from Data Protection Act issues to ISO 27001 and PCI compliance to penetration and application testing.

As a new Breach Security partner, GSS is adding Breach’s WebDefend web application security appliance to its suite of data security offerings including firewalls, VPNs, encryption, patch management and wireless network security. The UK-based reseller has a strong foothold in the region, delivering data security solutions to more than 2,500 clients.

“GSS is a highly dedicated reseller focused on ensuring that organizations are protecting their key asset – their data,” said David Hobson, managing director for Global Secure Systems. “As IT security challenges evolve and companies face new compliance issues, it is important that our clients are protecting their application layer against the latest threats and meeting regulations such as PCI compliance. We’ve identified WebDefend as the best way to ensure our clients are protected.”

Application security is one of the world’s fastest-growing technology markets. Breach Security channel partners, such as GSS, provide increased value to their clients by adding application layer security to their existing security offerings.

“As a prominent UK reseller committed to delivering information assurance to its widespread client base, GSS was a natural fit for Breach’s partner program,” said Sanjay Mehta, senior vice president of sales and marketing for Breach Security. “GSS offers its clients a world-class suite of security products and we’re proud to have joined the ranks.”

Layoffs Negatively Impacting Enterprise Security

Breach Security, Inc., the leader in web application integrity, security and PCI compliance, today announced live at the Black Hat USA Security Conference the results of an on-the-ground survey of the show's IT security executives and influencers.

A Breach Security survey of 180 IT security professionals attending Black Hat found that over 45 percent of respondents have experienced a reduction-in-force this year that has impacted their security organization's ability to adequately protect the enterprise. 46 percent of respondents identified compliance as their organization's highest priority. 38 percent of those polled listed improving application security controls as their organization's highest priority.

Breach Security also found that one in four companies seldom report on application layer hacking attempts – either successful or failed. In addition, 15 percent of respondents reported poor controls in place to detect non-PCI related information leakage, such as information about their infrastructure and applications, and 15 percent reported no controls in place.

"Security continues to be a concern for corporate America, but a surprising number of companies haven't taken the steps necessary to properly protect against information leakage and web attacks, or to establish and maintain accurate reporting mechanisms," said Sanjay Mehta, senior vice president for Breach Security. "Poor global economic conditions have caused organizations to focus on the minimum investments required to appease auditors instead of implementing solutions to adequately protect customer and corporate data."

Nearly 60 percent of survey respondents reported that it takes their companies between one and four weeks to remediate a SQL injection, cross-site scripting attack or other critical web vulnerabilities.

For more information about Breach's survey of Black Hat conference attendees, please visit Breach Security in booth #29 at the Black Hat USA 2009 conference at Caesar's Palace in Las Vegas, Nevada.
