Syhunt Introduces All-in-One Web Application Security Software for SMEs

Apr. 22, 2004 — Syhunt, a leading supplier of web application security solutions, today introduced the industry’s first all-in-one web application security software. The Syhunt TS Web Security Suite delivers total security assessment capabilities to small and medium sized enterprises. When combined together, the Syhunt TS family of products – Syhunt TS Security Scanner, Syhunt TS Miner, Syhunt TS Log Analyzer, and Syhunt TS Security Hardening Tool – offers organizations a better way to guard their web applications and web services by conducting vulnerability assessments and penetration tests, and helping to implement appropriate security measures.

“We can illustrate the product’s effectiveness by taking as an example a recently reported SQL injection vulnerability in phpBB systems.”, said Felipe Moniz de Aragao, chairman and chief software architect at Syhunt. “Syhunt TS Web Security Suite offers four layers of protection against this form of attack: first by examining obvious places for the presence of vulnerable scripts, that’s where hackers will try first; second by mapping all the web server’s content and checking the content for vulnerable scripts; next by analyzing the web server’s logs for SQL injection attacks, and finally by suggesting changes to the web server’s security configuration after analyzing the web server’s configuration files.”

“It is a significantly different approach than the used by other software that simply checks for CGI scripts.”

Adriana G. Brandao, corporate vice president of Product Delivery and Response at Syhunt, says while the company prepares to introduce new products, customers worldwide are successfully managing their web site’s security with the help of its web application security software. “A recent FBI/CSI survey found that one in four organizations suffered web attacks last year. Most attacks are aimed at changing or destroying data.”, Brandao says, “Syhunt TS Web Security Suite is a budget-priced software package that address this problem in a comprehensive way.”

Syhunt TS Web Security Suite Key Features

Syhunt TS Web Security Suite helps maintain the security of web sites and the implementation of security documents, such as the SANS Top 20 List and the OWASP Top 10 2004 List. Syhunt keeps up on what techniques the hackers are using and, as result, the company’s software has the most comprehensive web vulnerability assessment technology that can be found. Syhunt TS Web Security Suite features include:

– SANS Top Twenty Scan – Scans for SANS Top Twenty vulnerabilities. Syhunt TS’ Top 20 Scan is based on the updated 4.0 version of the SANS Top 20 list
– Syhunt TS Security Scanner – Includes thousands of security checks for all leading web server platforms, scans for SANS/FBI Top Twenty vulnerabilities, scans web pages and devices that run web sites, and tests intrusion detection filters
– Syhunt TS Miner – Recursively maps all the web server’s content and scans the content for threats, scans all types of web servers and devices that run web sites
– Syhunt TS Log Analyzer – Examines web server logs and provides heuristic analysis to detect new attacks
– Syhunt TS Security Hardening Tool – Examines the web server’s security configuration, provides heuristic analysis of the web server’s configuration files to detect security configuration errors
– Syhunt TS Baseline Security Scanner – Helps ensure security against outdated server software and scans for SANS Top Twenty vulnerabilities

CVE Compatibility
Syhunt TS is a CVE-Compatible product and listed on the CVE-Compatible Products and Services page at: www.cve.mitre.org/compatible/.

Pricing and Availability
Pricing for Syhunt TS Web Security Suite is based on the number of web sites or web servers tested, starting at $260 for a single host. Corporate license is available for customers with a large number of web sites. Syhunt TS Web Security Suite is available for evaluation and purchase through authorized Syhunt resellers and distributors. A technology demonstration of the web security scanning component is available for free download at www.syhunt.com

About Syhunt

Syhunt is a leader in web application security and the development of network defense systems, that monitors the evolution of Internet vulnerabilities from its lab. Syhunt teams for the last couple of years has been a supplier of intelligence and information to many of the largest corporate enterprises.

Syhunt is highly regarded in its field. The company’s software is used by thousands of organizations worldwide. These include several fortune 100 companies in North America, Europe and the Asia-Pacific Region. For more information, visit the Syhunt Web site at www.syhunt.com

Syhunt and TrustSight are either trademarks of Syhunt Inf. Ltd. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.