Protecting Customer Websites and Web Applications Web Application Security.


The Application Security Market Challenge
- Data theft
- Data leakage
- Compliance

The Damage
- E-payment site breach compromises 5 million customers: Around five million customers of CheckFree Corp. and some banks that use its electronic bill payment service may be affected by a hack that gave criminals control of several of the company's Internet domains. (1/8/2009)
- Hackers breach Heartland Payment credit card system: Heartland Payment Systems disclosed that intruders hacked into the computers it uses to process 100 million payment card transactions per month for 175,000 merchants. (1/22/2009)
- FAA says info on 45,000 workers stolen in data breach: The compromise resulted from an intrusion into the system that was storing the data, the FAA said in a brief statement. (2/10/2009)

What Enables Strong Application Security?
- Provide active protection
- Stop multi-vector attacks
- Inspect all requests – even encrypted ones
- Read the entire request - headers and content
- View the request as the application will
- Counter emerging threats

Web Application Firewall (WAF)
- Examines user interaction with the application
- Performs deep inspection of HTTP traffic content
- Blocks harmful requests
- Complements network security measures, e.g., firewall, IDS/IPS

Why Security Rules?
- Security rules define patterns that indicate hacking
- Generic rules based on hacking techniques, not specific applications
- Main benefits:
  - Low false-positive rate
  - Strong security with low maintenance

dotDefender Positioning
- Software plug-in for IIS and Apache

dotDefender Security Engines

Typical Implementation

Technology Overview
- Software plug-in
- Multiple security engines
- Rule-based
- Low maintenance
- High efficiency, low impact
- Central Management
- Open API

dotDefender delivers:
- Award-winning Web application security
- Solution for a wide customer base - enterprise, SME, SMB, service providers
- Support for IIS and Apache
- Locks down virtual and cloud environments
- Affordable security and compliance
- Variety of licensing/pricing models
- Best TCO in the industry

Business Drivers eBusiness Transactions Sensitive data Active content Compliance – e.g., PCI Already under attack!

Target Markets
- Enterprise
- SME
- SMB
- Service Providers

Opportunities Reselling Services Consulting Implementation Integration Additional touch points

Sample Customer List

Applicure Technologies
- Jan 2004: Incorporated
- Apr 2007: IPO
- TASE: APCR
- Offices:
  - US Offices: NY & Atlanta
  - Israel R&D office
- Worldwide network of business partners

dotDefender and You
- Provide better security to your clients
- Add premium security service to your portfolio
- Gain additional customer touch point
- Enhance your reputation
- Good for your customers’ security… and your bottom line!