HIVE 3.0
Sentryware
Price: Starts at $16,500
Michael S. Mimoso, Editorial Director
Web hacks are a fact of life. There's no way to guarantee Web application security, given the increasing sophistication of intrusions and the continued use of inherently insecure programming languages, such as C and C++.
Sentryware's HIVE 3.0 stands alone with its fresh approach to securing Web apps, user data and corporate brands. The appliance proxies all inbound and outbound transactions to protect Web applications from known and unknown attacks. The magic is in its unique technology, which effectively uses application-layer tokens to proxy each Web transaction and validate requests.
Most perimeter-based Web app security products require detailed knowledge of the application and its infrastructure, which translates into time-consuming, often cumbersome deployments. In stark contrast, the only information you need to put HIVE into action is contained in what first appears to be alarmingly scant documentation--alarming until you see how well the product blocks Web-based attacks with a minimum investment of time and effort.
Plan to spend only an hour to 90 minutes configuring HIVE for an individual enterprise application--enough time to input app and network particulars, including site location, firewall information, account creation and audit controls.
HIVE's technology stops automated hacking tools from directly compromising the site, and stops malicious users from manually attempting to modify requests. We tested HIVE on two Web sites we created and the Open Web Application Security Project's (OWASP) WebGoat. HIVE stopped every common and advanced attack we fired at it: multiple variations of cross-site scripting (even encoded CSS attacks that spanned multiple lines within a form), Universal Resource Identifier (URI) buffer overflows, JavaScript parameters, hidden form field manipulations and SQL injections.
This was first published in March 2005