Key Capabilities
Pulse Virtual Web Application Firewall
Proactive Application Security Features
Baseline Protection
  • Baseline Protection Wizard makes it easy to update policies
  • Known vulnerabilities and attacks are defined by black list and/or regular expressions
  • When a rule or policy is triggered, the request is rejected without exposing the application

Injection Flaws
  • Detect attempts to execute malicious code in a database or script
  • Typically via vectors such as SQL, LDAP or Shell
  • Custom rules can be set to look for application-specific patterns

Secure Session Management
  • Protect user and session data from being exposed through weak links such as session cookies and tokens
  • Enforce controls on user session timeoutsand session limits
  • Exchange weak session cookies for a more secure session management.

Secure Application Entry Points
  • Ensure user sessions start at approved entry points
  • Prevent deep linking into applications, enforcing entry points and authentication steps

Cross Site Scripting (XSS)
  • Validation of user-generated input
  • Exclude suspected XSS payloads
  • Create custom rules to trigger on specific XSS patterns

Cross Site Request Forgery (CSRF)
  • Authenticate online forms with a session- based key
  • Prevent cross-site linkage to online forms

Mask Sensitive Data
  • Enforce encryption for data in transit
  • Filter outgoing traffic for data leakage
  • Mask sensitive data such as SSN, Credit Card information

Redirection and Forwarding Attacks
  • Enforce fully-qualified URLs to protect against unwanted redirection
  • Protect against weak validation of redirection criteria used to trigger malware or phishing attacks
  • Define preferred redirection targets to trap attacks

Download as PDF