POSITIVE TECHNOLOGIES - WEB APPLICATION SECURITY AND THREAT DETECTION
Why Positive Technologies?
- Website is the heart of your business, and you need to protect it with the best web application firewall.
- You're not sure if your website is secure, you need one more layer to identify the threats on your website.
PT APPLICATION FIREWALL™
PT Application Firewall, a smart protection system developed by Positive Technologies, is a serious response to the security challenges created by today’s range of web portals, ERP and mobile applications. PT AF can block 30% more network attacks than other firewalls thanks to several innovative security technologies:
- Fast adaptation to your systems: Instead of applying the classical signature method, PT AF analyzes network traffic, logs and users’ actions, constantly creating and maintaining a real-time statistical model of the application during normal operation. It then uses this model to detect abnormal system behavior. Together with other protection mechanisms, it ensures 80% of zero-day attacks are blocked without any special adjustment needed within the client.
- Focus on major threats: PT AF weeds out irrelevant attack attempts, groups similar incidents and detects attack chains — from spying to data theft or backdoor setup. Instead of thousands of potential attacks, information security specialists receive a few tens of truly important messages.
- Instant blocking: PT AF’s virtual patching techniques allow you to protect an application, even before insecure code is fixed. Together with PT Application Inspector’s exploit generation mechanism, virtual patching provides continuous and automated detection, verification and blocking of vulnerabilities.
- Protection against security bypass: PT AF handles data with regard to a protected server technology stack, analyzes XML, JSON and other protocols typically used in modern portals and mobile applications. It ensures protection from the majority of firewall bypass methods including HPC, HPP and Verb Tampering.
- Behavioral analysis against robots: The mechanisms used against automated malware include protection from brute-force attacks, fraud, DDoS attacks, botnets, uncontrolled indexing, and data leakage.
- SSDL support: PT Application Inspector (PT AI) and PT AF provide developers with information about incorrect code in convenient formats including exploits, thus reducing the costs associated with secure development and testing.
PT APPLICATION INSPECTOR™
With its unique automatic exploit generation technology, Positive Technologies Application Inspector™ provides your security team with an easy-to-understand, vulnerability risk profile that in one click lets you see exactly how vulnerabilities found in your network, Web, mobile, ERP and client server applications can be used against your business.
- See precisely how hackers can utilize each vulnerability to attack your network, web, mobile, ERP and client server applications with automatically generated exploits
- Test both applications in development and in use. The unique combination of SAST, DAST and IAST means you don’t have to wait days or weeks to fix vulnerabilities — simply point PT Application Inspector at the folder containing the code to be tested
- Save time focusing on real vulnerabilities instead of coding errors, by drastically reducing the number of false positives
Get the Experience of our Experts
PT Application Inspector is backed by the knowledge of 200 security experts who audit thousands of unique network, web, mobile, ERP and ICS/SCADA applications and discover more than 150 zero-day vulnerabilities each year. The result is a single, user-friendly solution which enables you, without having to deploy applications, to quickly find and fill security holes.
Find the most hidden vulnerabilities across all your applications. Quickly patch existing security holes.
See precisely how vulnerabilities can be used to attack your business. And significantly accelerate your incident response and remediation times — all while drastically reducing your costs associated with compliance.
Now that’s a smarter approach to application security.
PT SS7 ATTACK DISCOVERY
PT SS7 Attack Discovery (PT SS7 AD) offers carriers the ability to rapidly detect, identify and analyze attacks on their SS7 networks. And, unlike existing SS7 firewalls, it has no negative impact on mobile services.
Low-impact detection for all major SS7 attack types
PT SS7 AD is installed on the border of a carrier’s SS7 network with only an IP connection required to begin detecting and investigating the most critical and common forms of malicious activity including:
- Monitoring networks and harvesting subscriber data (IMSI, MSC/VLR, HLR)
- Tracking a subscriber’s location
- Redirection and wiretapping of voice calls and SMS
- Sending fake text messages and data (USSD) from a subscriber’s number
- Denial of service to a subscriber or a network segment
- Bypassing the carrier’s billing system to make free calls
- Editing subscriber profiles in VLR, e.g. switching anonymous prepaid SIMs to function as post-pay and provide free calls
Dynamic analysis is used to rapidly identify irregular activity on the SS7 network and detect emerging attacks.
The PT SS7 AD knowledge base is regularly updated to reflect the latest research from the Positive Technologies Telecoms Research Lab.
Message correlation reduces false positives and ensures full perimeter coverage in systems that are load-balanced over several Signal Transfer Points (STPs).
Results data is visualized in configurable, user-friendly dashboards to help carriers quickly and fully understand their risk levels.
Upgrade Your Network Intelligence
PT SS7 AD creates a single SS7 stream database in the carrier’s network, so it can enhance overall levels of network intelligence. Use its in-depth analysis of signaling traffic and call flows to investigate fraud, gather evidence of malicious activity, detect errors in equipment and find bottleneck in your infrastructure.
MaxPatrol™ provides agentless, low-privileged, black-box and white-box identification of vulnerabilities and configuration defects within your applications, databases, network and operating systems.
With unique capabilities to cover ERP (SAP), ICS/SCADA, Core Telecom and Banking Systems, MaxPatrol™ is an all-in-one vulnerability management solution trusted by over 1,000 enterprises to maintain security and compliance.
MaxPatrol is the only solution that:
- Automates vulnerability and compliance management across all layers of your SAP infrastructure. MaxPatrol’s certified integration with SAP NetWeaver® 7.0, gives you control of SAP system parameters, services, vulnerabilities, SAProuter configurations, segregation of duties and so much more
- Provides an in-depth security assessment of core networks likeICS/SCADA, Core Telecom and Banking Systems and creates a practical attack model to illustrate where your business is at risk and outlines the steps you should take to protect it
Contact Bangkok System Software, the authorized distributor of this product in Thailand, at Kris, IT Security Solution Manager via 085-552-2333 and firstname.lastname@example.org for more information, request for presentation and demonstration or price inquiry. You can also visit vendor's website at https://www.ptsecurity.com/.