Infrastructure-agnostic web app protection with virtual patching option

Signal Sciences announced the latest innovations for its Web Protection Platform.

Its patented architecture provides security, operations and development teams with the visibility, security and scalability needed to protect against the full spectrum of threats their web applications now face, from OWASP Top 10 to account takeovers, API misuse and bots.

Signal Sciences works across any architecture, providing the broadest coverage against real threats and attack scenarios as well as integrations into DevOps tools that enable engineering and operations teams to share security responsibility. The software can be deployed as a next-gen web application firewall (WAF), reverse proxy for comprehensive application coverage, or for runtime application self-protection (RASP).

Breaking through the limitations of the legacy WAF approach, the platform is used by 95 percent of customers in fully automated blocking mode while completely eliminating the learning, tuning and complexity required from legacy WAF solutions.

What’s new?

At RSA Conference 2018, Signal Sciences is demonstrating new technology advancements:

• IP anonymization aids GDPR compliance – Customers can request that all user IP addresses be anonymized within Signal Sciences. This is designed to assist customers with their compliance program, including the upcoming E.U. General Data Protection Regulation (GDPR).
• Broadened platform with HAProxy support allows universal deployment – Signal Sciences is completely infrastructure-agnostic, deployable in any application stack while integrating with current workflows and operations processes. Now with HAProxy support, a critical integration point for many enterprise infrastructures, Signal Sciences is the only solution to work on any cloud, any container, any PaaS and any IaaS.
• Advanced filtering allows customization – The ability to configure advanced blocking or allowing of requests based on arbitrary conditions enables customers to keep Signal Sciences in blocking mode based on how their specific applications work.
• Virtual patching blocks known CVEs – One-click virtual patching lets customers protect their applications from published vulnerabilities even before their software has been patched.

Company customers worldwide now include more than a dozen trusted security companies such as Duo Security, Tenable, evident.io and Red Canary. It is also being used in the world’s largest web services.

“We designed Signal Sciences to eliminate the roadblocks, delays and manual effort associated with outdated and inflexible web application security technologies. We’re especially pleased to see the strong adoption we’ve earned among other security technology companies—a powerful validation of our approach and impact,” says Andrew Peterson, Signal Sciences co-founder and CEO.