WebDefend Safeguards Customer Credit Cards and Identities; Enables PCI Compliance
CARLSBAD, Calif., June 9, 2008 — Breach Security, Inc., the leader in web application security, today announced that Overstock.com, an online retailer offering brand-name merchandise at discount prices, has selected Breach Security’s WebDefend web application security appliance to provide continuous protection against web-based attacks and data leakage for its online transactions. WebDefend also protects customer credit card data enabling Overstock.com to fully comply with the Payment Card Industry (PCI) Data Security Standard (DSS) in advance of the June 30, 2008 deadline for tight web application security controls.
“At Overstock.com, we pride ourselves on offering our customer community an enormous variety of quality merchandise in a reliable, fast and secure web environment—our success depends on a top quality web presence while meeting security standards,” said Carter Lee, vice president, Information Technology at Overstock.com. “The dynamic nature of our business requires frequent updates to our web applications. By deploying WebDefend, we achieve the necessary balance between rapid application development, secure customer transactions, and continuous PCI compliance, beyond what code scanning alone can provide.”
Overstock.com has averaged 16.6 million unique visitors a month over the last 12 months. Overstock.com’s ability to attract, serve and maintain satisfied customers is heavily dependent upon the operation of a secure, high-performance website. WebDefend provides Overstock.com with both protection for online customer transactions and identification and remediation of website coding errors that may impact security and overall usability. Customer trust and satisfaction are a top priority for Overstock.com and an important driver for the company’s overall success. In fact, Overstock.com has received numerous accolades for website performance and customer experience including ranking number one in the Customer Respect Group’s December 2007 Online Customer Respect Study. By using WebDefend, Overstock.com ensures that its website operates as designed, supporting performance targets and ensuring high levels of customer shopping satisfaction and security with each transaction.
The IT security team at Overstock.com selected WebDefend as the result of a rigorous testing process of the available web security solutions based on their ability to provide PCI compliance, as well as offer effective protection in an online customer environment. Overstock.com selected WebDefend because it delivers continuous PCI compliance along with real-time protection in a production environment. Going beyond what traditional web application firewalls offer, WebDefend also automatically identifies code flaws that can lead to security issues and negative user experiences. WebDefend enables the security team to report the identified flaws to application development for quick remediation of any issues, enabling the teams to work cooperatively in an effort to improve code quality and security.
“Overstock.com is a very sophisticated online retailer with a true commitment to serving up the best the Internet has to offer—satisfying online experience, enormous merchandise selection and secure transactions,” said Sanjay Mehta, senior vice president, Breach Security. “We are very pleased to work with Overstock.com to deliver unprecedented insight into their web applications, ensuring that they have visibility into the operations of their website, a sound security posture and an effective PCI compliance solution.”
The team also gave WebDefend top marks for its user interface which enables the administrator to drill down into a security event to gain visibility into an entire transaction, including what occurred and how to remediate the issue, and then generate a help ticket for the development team. Another key factor in Overstock.com’s selection of WebDefend is its ability to provide comprehensive security while operating out-of-line. WebDefend’s operation will never introduce a single point of failure, and therefore will not conflict with customer traffic or network performance.
WebDefend includes a pre-packaged PCI policy and reports. The PCI policy ensures the proper security configuration for attack prevention and the logging of all payment card use. PCI-specific reports provide an immediate view of the system’s overall level of compliance and details of payment card data use for audit purposes.
WebDefend is an advanced web application security solution that offers customized, behavior-based analysis for each protected application. Only WebDefend uses a patented profiling system and multiple, collaborative detection engines to ensure the flow of business-critical traffic while supplying complete protection for applications to keep the organizations’ confidential information safe from targeted attacks. Deployed out-of-line, WebDefend uniquely provides non-intrusive, effective security for multi-application environments while continuing to provide full blocking capabilities. In 2008, WebDefend has been praised for its accurate attack detection and prevention, ease-of-use, performance and targeted Payment Card Industry features in reviews by major industry publications including SC Magazine and Information Security magazine, a TechTarget publication.
Breach Security, Inc. is the leading provider of real-time, continuous web application security that protects sensitive web-based information. Breach Security’s products protect web applications from hacking attacks and data leakage, and ensure applications operate as intended. The company’s products are trusted by thousands of organizations around the world, including leaders in finance, healthcare, ecommerce, travel, and government. For more information, please visit www.breach.com.
Overstock.com, Inc. is an online retailer offering brand-name merchandise at discount prices. The company offers its customers an opportunity to shop for bargains conveniently, while offering its suppliers an alternative inventory liquidation distribution channel. Overstock.com, headquartered in Salt Lake City, is a publicly traded company listed on the NASDAQ Global Market System and can be found online at http://www.overstock.com.
Overstock.com is a registered trademark of Overstock.com, Inc. All other marks are the property of their respective owners.
This press release contains certain forward-looking statements within the meaning of Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934. Such forward-looking statements include, but are not limited to, statements regarding the ability of the WebDefend product to permit rapid application development, secure customer transactions, and continuous PCI compliance in the Overstock.com systems environment, as well as providing protection for online customer transactions and identification and remediation of website coding errors that may impact security and overall usability. Our Form 10-K for the year ended December 31, 2007, our subsequent quarterly reports on Form 10-Q, or any amendments thereto, and our other subsequent filings with the Securities and Exchange Commission identify important factors that could cause our actual results to differ materially from those contained in our projections, estimates or forward-looking statements.
###