IronBee is a new open source project to build a universal web application security sensor. Its like building a universal web application ...

IRONBEE: The Open Source Next Generation WAF!

Wednesday, February 16, 2011 Sensei Fedon 1 Comments

IronBee IRONBEE: The Open Source Next Generation WAF!IronBee is a new open source project to build a universal web application security sensor. Its like building a universal web application firewall in the cloud Open Source Next Generation WAF for the Community! It is a new open source project from Qualys to build a universal web application firewall sensor in the cloud through collective efforts of the community.
There are two projects included in this one:
Projects:


  1. IronBee – universal web application security sensor intended for real-time monitoring and defense
  2. LibHTP – security-aware library for the parsing of HTTP and related content
A WAF is typically an appliance, server plug-in, or software-based filter that applies a set of rules to an HTTP conversation in order to monitor and control the movement of data, thus keeping it secure from possible attacks. By customizing the rules of a WAF, many attacks can be identified and blocked.
The increasing use of web applications and the transition to cloud computing makes it necessary to deploy WAF technology to protect data and meet regulations such as payment card industry (PCI) compliance. With the launch of IronBee, Qualys is creating a sustainable community for commercial and open source contributors that will ensure that companies of all sizes are able to use next-generation WAF technology to protect their data and IT assets.
Features of IronBee :
  • State-of-the-art application security inspection engine that provides new processing tools and analysis for HTTP traffic.
  • Apache Software License v2, a non-viral open source license that allows individuals and commercial organizations alike to participate, creating a community of users as well as a community of developers.
  • Portability, built from the ground up to work in multiple deployment modes, such as passive, embedded, out of process, and reverse proxy.
  • Modular architecture, enabling contributors to easily implement their own modules without requiring deep understanding of the IronBee architecture, as well as allowing straightforward packaging of configuration information and modules appropriate to user needs.
  • Community collaboration effort in order to capture, centralize and share the information needed to defend web applications.
Download IRONBEE here
Click here to view the IronBee whitepaper.

Resource: Pentestit

1 comment:

  1. Thanks for this useful post, I looking for this and finally got it, really very useful information about network security. Thanks

    Network Security

    ReplyDelete