Breach Security's ModSecurity Open Source Web Application Firewall

Breach Security announced today that the Breach Security WebDefend web application firewall has earned certification by ICSA Labs, an independent division of Verizon. WebDefend is one of the first web application firewall products to achieve this distinction.

The prestigious web application firewall certification is reserved for products that meet ICSA Labs’ stringent security standards for the accurate detection and prevention of application-level attacks and is also used to promote security awareness and understanding among users.

With attacks at the application layer increasing, more companies are now protecting their Web-based applications with these devices, which also helps them to meet the Payment Card Industry Data Security Standard for secure processing of credit card data.

“As the application security threat becomes more prevalent, industry standards, such as those established by ICSA Labs, continue to evolve to reflect current security issues,” said George Japak, managing director, ICSA Labs. “We are pleased to certify Breach Security WebDefend based on successfully meeting the required elements of the certification criteria and rigorous testing procedures for web application firewalls.”

“ICSA Labs certification of WebDefend demonstrates Breach Security’s commitment to delivering high-quality, high performance application security products,” said Marc Shinbrood, CEO, Breach Security, Inc. “This certification confirms that our product line meets some of the most rigorous requirements for securing web applications.”

WebDefend version 3.0, the latest version of Breach Security’s web application product line, performs a continuous, real-time assessment of production web applications for defects and reports actionable forensic results that extend beyond testing by application vulnerability scanners during development. WebDefend assesses the application in its production environment and detects insecure application design techniques that go unnoticed by scanners. This ensures the entire application is assessed and any runtime defects are detected immediately by the security team before they can be exploited by hackers. In addition, security teams can bridge the software development lifecycle gap by generating help tickets for defect remediation.