OWASP Releases List of Top Threats, Supporting KaVaDo’s Comprehensive Web Application Protection
KaVaDo, the technology leader in Web application protection with its European operations centred in the UK, today announced that it prevents all threats listed in The Ten Most Critical Web Application Security Vulnerabilities, a report released earlier this week by the Open Web Application Security Project (OWASP).
This announcement supports KaVaDo’s unique approach to Web application security, which is designed to protect against every category of application layer threat without requiring individual attack signatures.
OWASP is an open source community project staffed entirely by volunteers from across the world, established to document and share knowledge and tools for Web application security.
The group created the Ten Most Critical list to help government and industry organisations focus their resources on preventing the most serious vulnerabilities that threaten them.
“The threat to Web applications and Web services has never been greater as companies surge to put new content online and make new services available through new channels. This emerging Web technology regularly bypasses traditional security controls like firewalls, and without effective due diligence organisations regularly find themselves vulnerable,” explained Mark Curphey, chair and founder of OWASP.
The report is organised by categories of vulnerabilities that frequently occur in Web applications. The top ten threats identified by OWASP are:
Broken Access Control
Broken Account and Session Management
Cross-Site Scripting (XSS) Flaws
Command Injection Flaws
Error Handling Problems
Insecure Use of Cryptography
Remote Administration Flaws
Web and Application Server Misconfiguration
KaVaDo’s Web application scanner, ScanDo, and Web application firewall, InterDo, both recognise all of the ten most critical vulnerabilities listed in OWASP’s report. Using KaVaDo’s advanced technology, ScanDo can identify these and other flaws in Web applications to help administrators fix potential problems. InterDo, with its unique modular design, prevents each category of Web application attack listed. InterDo monitors and secures all traffic to and from Web applications before it reaches critical back-end infrastructure, so that threats are completely neutralised. The two products can also interface with each other for enhanced, automated security policy creation.
“This list created by OWASP is an important step in educating the IT world on Web application threats, which most enterprises are grossly unprepared for. Companies should use this list to fully assess the security of their application environments,” said Yuval Ben-Itzhak, CTO and co-founder of KaVaDo. “With our goal of protecting the application layer for businesses on the Web, we are proud that our advanced technology eliminates all of these most critical threats.”
The complete report of the top ten vulnerabilities along with detailed descriptions and prevention methods can be found on the OWASP Web site at http://www.owasp.org/.
KaVaDo provides next-generation Web application protection solutions and vulnerability assessment products for the corporate market using its patent-pending Protected Path™ technology. These solutions account for the various types of threats against Web applications and allow IT management to apply only the necessary protection against anticipated threats, known and unknown. KaVaDo offers a unique, effective approach to Web application protection with minimum strain on system resources, easy installation and management, and flexibility to handle a variety of applications under different environments.
The company is based in New York with international research and development, sales and support facilities. KaVaDo has secured funding from Banc of America Equity Partners, Neurone Ventures and 3i. More information on the company can be found at http://www.kavado.com
Further editorial information:
+ 44 1189 344007
This press release was distributed by ResponseSource Press Release Wire on behalf of The Sage Partnership in the following categories: Consumer Technology, Personal Finance, Business & Finance, Computing & Telecoms, for more information visit https://pressreleasewire.responsesource.com/about.