Privacyware released an updated version of ThreatSentry, the company's IIS ISAPI-based Web application firewall. The latest version has improved parameter parsing and URL query string inspection capabilities as well as improved ability to detect deviations from normal site traffic. The enhancements work to better protect against against SQL injection and cross-site script (XSS) attacks.
"In recent months, we've witnessed the attack landscape -- SQL injection exploits in particular -- expand exponentially," said Privacyware CEO, Greg Salvato. "This problem is largely a result of the swift adoption of automated tools now in common use by hackers to rapidly identify vulnerable websites and servers. More urgent, however, is the evolving sophistication of the evasion techniques used which can render ineffective traditional rules-based (keyword and signature pattern-matching) technologies."
Pricing for ThreatSentry starts at $649 per server and works with Internet Information Services (IIS) 5.x and 6.0.