ThreatSentry 3.0.94.0

ThreatSentry 3.0.94.0 will make you feel pleasant because it protects Microsoft Windows Web servers from a broad range of web application threats including Cross Site Request Forgery (CSRF/XSRF), Structured Query Language (SQL) Injection, Cross-Site Scripting (XSS) and other attacks.

ThreatSentry combines an advanced web application firewall, a proprietary NDIS driver, and an AI-based intrusion prevention engine to identify and take action against known and new threats as well as activity falling outside of trusted parameters.

ThreatSentry also fulfills the web application layer firewall (WAF) requirement in PCI DSS 6.6 and aids in the web application code review process by revealing vulnerabilities embedded within software code.

Major Benefits:

1. Unsurpassed Protection from Known/New, Internal/External Threats –Advanced system/behavior profiling and comparative analysis engine enables ThreatSentry to extend the intrusion detection and prevention capabilities of conventional pattern matching, rules, and policy-based systems. ThreatSentry supports single or multiple server environments and provides protection from an array of documented exploitive techniques including Directory Traversal, Cross-site scripting, Parameter Manipulation, Buffer Overflow, Denial of Service, SQL Injection, Parser Evasion, High-bit Shellcode, Printer Protocol, and Remote Data Services, but also stops any unusual activity falling outside acceptable patterns of use.
2. Breakthrough Combination of Advanced Technologies – ThreatSentry is pre-configured with a knowledgebase of known exploitive techniques and attack characteristics. The knowledgebase is complemented by a behavioral engine that continuously learns typical system activity to establish a dynamic baseline. Each server connection is compared against the knowledgebase and system baseline to identify and take action against any activity falling outside trusted parameters. ThreatSentry’s intrusion prevention capabilities progressively improve as the baseline evolves automatically or based on input from the system administrator. 
3. Extensive Administrative Control – The ThreatSentry management console provides administrators ultra-granular control over configuration settings, trusted and untrusted event management, rule and signature definition, blocked IPs, alert notification and the sensitivity level of behavioral engine.
4. Unparalleled Affordability and Ease-of-Use – Implemented as an IIS ISAPI extension and Snap-in in to the Microsoft Management Console (MMC), ThreatSentry is exceptionally easy to use and affordably priced for enterprises of any size.

Major Features:

1. AI-Based neural behavioral engine  
2. State-of-the-art Web Application Firewall  
3. Protection from known & new threats to IIS  
4. Protection from internal and external threats to IIS
5. Comprehensive Intrusion & Threat Blocking options 
   
6. SQL Injection, XSS, DDOS, etc. protection
   
7. Extensive Requests rules control/management
   
8. Email/Pager/Cell Phone Security Alert notification
   
9. Supervised and Self-learning capabilities
   
10. Security Alert/Training Data logs  
11. WHOIS database search  
12. On-screen & Audio Security Alert notification  
13. Adjust settings w/out IIS restart  
14. All-Port Firewall for Blocked IPs  
15. Extensive Blocked IP management options  
16. Intrusion Detection Only Mode  
17. Free install/evaluation session  
18. Technical Support  
19. HTML Reports  
20. Multi-server installation  
21. Centralized policy management  
22. Centralized Monitoring  
23. Remote/consolidated Security Alert log storage

Enhancements:

• Expands and optimizes signature/filter database
• Provides enhanced SQL-based attack defense.

 Requirements:

• Windows Server 2000/2003  w/ IIS 5.0/6.0
• Intel processor (>700 MHz)
• 64 MB minimum RAM
• 10 MB of free disk space