dotDefender™ is a software based web application firewall. dotDefender complements the network firewall and other network-based internet security products by intercepting seemingly legitimate users attempting to use the web application to commit fraud, or gain access to valuable and confidential information.

dotDefender™ is a website security software product that delivers excellent ROI through reasonable cost and simple deployment and maintenance, combined with effective web security. Red Herring predicts that in five years a web application firewall will be a must-have for website security, and dotDefender is uniquely positioned to become the gold standard in this category.

Web server security is achieved by rapid deployment of dotDefender™ as a software plug-in. This website security software provides HTTP security against application attacks, session attacks, and requests originating from known attack sources. Residing on the web server, dotDefender can be installed and implemented in minutes without influence on traffic or network architecture. The dotDefender™ website protector comes with a predefined set of internet security rules for out of the box best practices website protection. Automatic live update ensures website security that is ready to counter the latest malicious attacks.

dotDefender Technology

dotDefender™ checks every incoming requests for signs of malicious use, by comparing against signatures, attack patterns and session attacks. The dotDefender™ http security engine examines requests taking into consideration encoding and byte range that are used by hackers to camouflage harmful code. After dotDefender™ stops a suspicious request it will respond according to customer choice: log the incident, send a default or customized error page, or redirect the request. A white list is further consulted for authorized operations. For tighter protection of sensitive assets, dotDefender™ further incorporates elements of positive security.

A live update mechanism automatically updates the web security rules with new rules and signatures. Once installed, dotDefender™ can counter all modes of attack, current and future, for unbreachable web server security.

dotDefender™ is preconfigured with best practices sets of website security rules that require no learning period to provide excellent protection, using a combination of three technologies: pattern recognition, session protection and signature recognition.

Pattern Recognition
dotDefender™ checks incoming traffic for patterns that may indicate attack attempts, based on an extensive knowledge of hacking techniques. dotDefender™ engine can identify attack patterns in any part of the request for granular and accurate http security. A white list mechanism ensures the system only stops attacks, and approves all other requests.

Session Protection
dotDefender™ uses digital signatures to protect against malicious attempt to tamper with cookies for session hijacking and other modes of attack. dotDefender™ also intercepts denial of service attacks at the application level that cannot be detected by network security solutions.

Signatures

Applicure collects and confirms a listing of known attack sources, that dotDefender™ downloads automatically for cutting edge web server security. It also identifies user agents associated with penetration attempts.

dotDefender™ is a software based web application firewall that cost-effectively provides website security against malicious use of web application functionality.

dotDefender™ features include:

Powerful website security: dotDefender™ protects your web application from malicious attacks that are not handled by common network based web security products. Web Application Attacks: SQL injection, path traversal, cross site scripting, header tampering, and probes. Session Attacks - session hijacking, cookie tampering, denial of service, and encoding violation. Known Attack Sources – known worms, compromised servers, spammer bots, known spammers and bad user agents.

Rapid installation and integration: Installed as a web server plug-in, dotDefender™ provides tight website security quickly and efficiently. dotDefender™ has no influence on traffic or network architecture. Just install the plug-in on the web server and enjoy unbreachable web server protection.

Out of the box website protection: dotDefender™ is supplied with a best practices set of website security rules that provide out of the box web protection.

Performance: dotDefender™ utilizes negligible web server resources and handles encryption transparently to enable tight web security with no performance degradation.

Automatic live update: Automatic live web security update of rules and signatures from a centralized site ensures your website protection is always up to date, and ready to stop the latest attacks

Simple to maintain: Simple customization and effortless maintenance ensure versatile website protection that works for you. A live update protects your site against the latest attacks automatically. dotDefender™ utilizes negligible web server resources for affordable internet security.

Cost-effective:  The dotDefender™ website security software based product delivers excellent ROI from installation to mainte12 months Maintenance & Standard Support plus live updates are included in the purchase price.

12 months Maintenance & Standard Support plus live updates are included in the purchase price.

Standard Support program includes:

·         Software upgrades and fixes excluding major releases

·         Access via web and email

·         Service hours are 9am to 5pm (GMT), Monday through Friday

·         1 Year = 18% of total product price

·         3 Years = 42% of total product price

Premium Support program includes:

·         Software upgrades and fixes excluding major releases

·         Access via web, email and telephone

·         Service hours are 24x7

·         1 Year = 25% of total product price

·         3 Years = 60% of total product price