As part of our managed security services portfolio Aurora Networks provides a Web Application Firewall based on the open source security solutions ModSec and OWASP CRS.
Our Web Appliaction Firewall can operate with any web server technology.
A Web Application Firewall is intended to protect web servers from most common Internet attacks and malicious code, such as cross-site scripting, SQL injection, remote code injection, remote OS command injection, etc.
ModSecurity is a toolkit for real-time web application monitoring, logging, and access control.
At its core, ModSecurity access the HTTP traffic stream, in real-time, along with its ability to inspect it.
Full HTTP traffic logging: Web servers traditionally do very little when it comes to logging for security purposes. ModSecurity gives you that ability to log anything you need, including raw transaction data, which is essential for forensics.
The OWASP ModSecurity Core Rule Set (CRS) is a set of generic attack detection rules for use with ModSecurity.
The CRS aims to protect web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts.
The CRS provides protection against many common attack categories, including SQL Injection, Cross Site Scripting, Locale File Inclusion, etc.
Our WAF integrates in our SIEM and centralized log magamenet solution, so you can identify and investigate security incidents from a single system. Security events from ModSecurity and OWASP modules are stored for quick analysis and correlated. When security incidents are detected you have full visibility of the targeted web servers.
Get full visibility on your web servers access and activity.