Hot-patches Now History for SAP Web Applications with Integrated Security Software

Regensburg, Germany, September 1, 2009 – Today, art of defence, the leading distributed web application firewall (dWAF) provider, and Virtual Forge, the leader in SAP software security, announced they have partnered through product integration to end the need for security hot-patches on SAP systems. Companies that depend on SAP technology now have the ability to discover and shield any software security issues before they become problems without bringing the system off-line, avoiding unplanned down time. Patch development is saved for regularly scheduled cycles, increasing overall system productivity and improving the quality of patches.

Through the partnership, Virtual Forge’s market-leading SAP ABAP source code scanner, CODEPROFILER, detects software vulnerabilities and feeds any findings directly into art of defence’s dWAF solution, hyperguard™. All security lapses identified are immediately presented to the administrator through dynamic ruleset suggestions within hyperguard. Conflicting dWAF rulesets, which may leave holes in web application shielding, are prevented with hyperguard. The dWAF is the industry’s only solution available today that enables development, testing and deployment of new application security policies without ever relaxing the established defenses or risking false positives.

“Experience shows that there’s at least one critical security in 2,000 lines of SAP ABAP code. This leads to significant defect rates, even in smaller development projects. Since patch issues create considerable productivity challenges for SAP systems due to their pervasive, foundational nature, there’s a strong need for an effective solution. Processes, divisions and even whole companies are impacted when these systems come offline,” says Markus Schumacher, CEO, Virtual Forge. “Integrating our CODEPROFILER with art of defence’s hyperguard translates into secure SAP Web applications at all times while patches can be calmly created, tested and imported during the regular maintenance routine.”

“Source code scanning and web application shielding software go hand-in-hand, and SAP developers will find comfort knowing the market leading CODEPROFILER now integrates fully with a powerful, flexible dWAF,” said Georg Hess, founder and CEO, art of defence. “By putting the administrator in complete control over all rulesets, hyperguard makes sure only malicious traffic is prevented.”

hyperguard’s entire software architecture was carefully designed to ensure that it can be integrated as flexibly and seamlessly as possible into existing security and Web infrastructures with no disruptions or interference in service. hyperguard adds high-level proactive security features typically not found in other WAF solutions, such as secure session management, URL encryption and a web authentication framework. Available as a SaaS, software plug-in, virtual appliance, hardware appliance or as a standalone software solution, hyperguard is the world’s most flexible, scalable solution for web application attack detection and complete web application shielding.

For more information about hyperguard, the company or about partnership opportunities, visit the Art of Defence website (www.artofdefence.com/en), and for details about Virtual Forge, visit their site (www.virtualforge.de).

Art of Defence Releases White Paper: Safety in the Cloud(s): ‘Vaporizing’ the Web Application Firewall to Secure Cloud Computing

Extends Cloud Security Alliance’s Best Practices Document

Regensburg, Germany, July 21, 2009 – Art of Defence, the leading distributed web application firewall (dWAF) provider, today announced the release of a white paper defining how to apply software-based distributed web application firewall technology to secure cloud computing. The paper extends the work done by the Cloud Security Alliance (CSA) and lays a foundation for what cloud providers need to consider when securing their applications beyond development best practices.

Author, Alexander Meisel, CTO of Art of Defence, posits that a WAF must escape hardware limitations and be able to dynamically scale across CPU, computer, server rack and datacenter boundaries, and be customized to the demands of individual customers. Resource consumption of this new dWAF must be minimal and remain tied to prevention / detection, such as using black, white and grey listings for application requests and responses.

The white paper outlines the importance that all pre-set policy enforcements be activated or deactivated only with approval from an administrator, and deployment and policy refinement through establishing rulesets must be possible in a shadow monitoring or detection only mode. Once the shadow monitoring ruleset is stable, only then should it be allowed to deploy in an enforcement mode on the dWAF. This will allow complete transparency for the administrator into the real-world effect of this ruleset, while at the same time allowing layered rulesets to be tested without compromising existing policy enforcement. Avoiding false positives and relaxed established defenses are essential for a real-world, usable dWAF in a cloud.

“While organizations such as CSA and Open Web Application Security Project (OWASP) are making great strides, to improve cloud computing security, the use of dWAFs is being overlooked,” said Alexander Meisel, CTO, Art of Defence GmbH. “With more businesses adopting cloud computing models, the responsibility of protecting sensitive information is on the organization. We developed this whitepaper to offer companies a view for how to move traditional WAF security to the cloud through a distributed model.”

Free to download, the paper is available on the company’s website. For more information about Hyperguard, the company or about partnership opportunities, visit the Art of Defence website (www.artofdefence.com).