New Application From Astaro Protects Web Servers and Applications

WILMINGTON, MA - Astaro Corporation, a leading Unified Threat Management vendor, today announced the release of Astaro Web Application Security, which protects Outlook Web Access and other applications as well as servers against sophisticated attacks like SQL Injections and Cross Site Scripting. Unlike other solutions, Astaro Web Application Security does not require in-depth knowledge of hackers’ methods.

"Many people who can benefit from web application security are unaware of it. They are convinced that having measures like web security or intrusion protection are enough," said Gert Hansen, Vice President Product Management at Astaro. "They think even if their website gets tampered with, they’ll just revert to a backup. But what if their website starts giving out viruses or malware to their customers? Not every bad guy is after credit card numbers. By the time you notice it, it can be too late and your reputation has suffered."

Astaro Web Application Security adds new functionalities to the Astaro Security Gateway:

• Web Application Firewall: Keeps web servers and their applications like Outlook Web Access from being exploited by hackers from using SQL injection or Cross Site Scripting.
• URL Hardening: Forces visitors to interact with your servers in a way that is correct and expected, using a digital URL signing architecture.
• Cookie Signing: Ensures that cookies given out to visitors by your web servers have not been tampered with.
• Dual AntiVirus Scanning: Two separate scanning engines operate in parallel to scan and block content before it is allowed to enter or leave the network.

To repel these types of sophisticated attacks, IT administrators usually need to have in-depth knowledge about their systems and the hackers’ methods. Web application firewalls are an alternative for specialized web server hardening experience, but they are usually expensive and difficult to setup. Astaro Web Application Security allows IT administrators to protect their web servers against nine of the OWASP Top 10 Risks without training in this area.

"A website is not a flat piece of paper, but is composed of up to hundreds of objects served on each visit, giving hackers many places to attack," explains Hansen. "Astaro URL Hardening registers which valid objects are given to a visitor by the web server, signs them, and examines their subsequent requests, rejecting them if they are not expected and correct. The administrator does not have to waste time creating and checking rules, as the Astaro Security Gateway works directly with how the web server interacts with visitors."