Leading Qualified Security Assessor Trainer Deploys WebDefend to Protect Online Training Program
CARLSBAD, Calif., April 16, 2008 — Breach Security, Inc., the leader in web application security, today announced that The Aegenis Group, the recognized leader in payment card industry data security, regulatory training and consulting, has selected Breach Security WebDefend to protect its business-critical applications, including a recently launched online training program. The training application provides merchants with the information required to understand the Payment Card Industry Data Security Standard (PCI DSS) and broader data security issues in the payment card industry.
As the PCI DSS trainer for a major global card brand, Aegenis has successfully trained more than 8,000 individuals worldwide. Aegenis’ recently launched eLearning Solution was specifically developed to allow acquiring banks to meet the education requirements of certain card brands. The WebDefend-secured website will ensure that the students’ information and training remain confidential and secure.
“We evaluated a number of solutions when choosing a web application firewall to protect our eLearning infrastructure,” said Chris Mark, chief executive officer and president of The Aegenis Group, Inc. “In our capacity in the payment card industry, we have visibility to a variety of solutions and approaches to application security. We found the WebDefend web application firewall superior to any other product that we evaluated. Specifically, its comprehensive inspection of all inbound and outbound web traffic provides extremely high attack detection accuracy and prevents data leakage. Further, WebDefend allows us to protect our eLearning platform without compromising application availability, nor introducing the latency that is typically associated with such solutions.”
Today, companies that accept payment cards are facing a sophisticated and organized group of criminals that are specifically dedicated to obtaining cardholder data. According to Aegenis, the 2007-2008 black market value of an account number from a payment card is estimated to be between $4 and $6 in New York City. Full magnetic stripe data obtained from a payment card fetches a black market value of between $25 and $35, depending upon the credit limit and type of card. Theft of the security codes hidden in a card’s magnetic stripe data enables criminals to manufacture counterfeit cards.
The WebDefend web application firewall is an award-winning security appliance that protects sensitive customer information within web applications, such as credit card numbers and magnetic stripe data, from inbound hacks and outbound data leaks. WebDefend also detects application defects, including security vulnerabilities and leakage of information about application components, and provides full details required for quick and accurate remediation.
“The selection of WebDefend by an organization at the center of the payment card industry is a tremendous validation of our solution,” said Sanjay Mehta, senior vice president, sales and marketing for Breach Security. “Our partnership with The Aegenis Group will ensure that we continue to drive the most innovative solutions for PCI Compliance.”
According to a March 2008 Information Security magazine product review of web application firewalls, WebDefend was designated as “An excellent choice for data protection as well as application security.” The product review also gave WebDefend the highest praise for addressing compliance requirements for PCI DSS.
Aegenis installed and evaluated the WebDefend appliance with a focus on ease of deployment and ongoing operation, and product features related to how data is commonly compromised.
Highlights of the product evaluation include:
Ease of use: Aegenis installed and configured the WebDefend appliance in just a matter of hours using the instruction manual provided. The WebDefend user interface is intuitive, full featured and captures the details required to remediate security issues and application defects.
Network impact: because it does not operate in an in-line mode, WebDefend does not result in the creation of a single point of failure, nor does it introduce network latency, which is important to the overall online user experience. In addition, WebDefend can simultaneously support a very large number of applications without any decrease in effectiveness. A single appliance can support 20-30 enterprise web applications effectively.
Application defect detection: WebDefend has the unique ability to detect and identify defects within the application it is protecting. It provides a continuous process of review, whereas a code review is a one-time snap shot reliant upon human expertise. WebDefend provides a more consistent, objective and effective mechanism for identifying defects. The information provided from the defect detection can be utilized within an organization’s Software Development Life Cycle process to ensure that applications are being securely developed.
Outbound traffic analysis: arguably one of the most useful features from a security perspective is the ability for WebDefend to analyze outbound traffic for sensitive data. WebDefend has built-in support to identify cardholder data and also supports regular expressions, which provides the ability to identify and alert on traffic that contains other sensitive data such as track data resident on the magnetic stripes. Additionally, WebDefend can prevent the transmission of such data, thus enabling organizations to stop data leakage.
For more information about WebDefend, visit us at www.breach.com or call +1 866 205 7032 or +1 760 448 2051.
WebDefend is an advanced web application firewall that offers customized, behavior-based security for each protected application. Only WebDefend uses a patent-pending profiling system and multiple, collaborative detection engines to ensure the flow of business-critical traffic while supplying complete protection for applications to keep the organization’s confidential information safe from targeted attacks. Deployed out-of-line, WebDefend uniquely provides non-intrusive, effective security for multi-application environments while continuing to provide full blocking capabilities. In 2008, WebDefend has been praised for its attack detection and prevention, ease of use, performance and targeted PCI features in reviews by major industry publications including SC Magazine and Information Security magazine, a TechTarget publication.
The Aegenis Group is a regulatory compliance and risk management consulting organization specializing in strategic consulting, training and market development assistance for companies in and around the payment card industry. The Aegenis Group is the worldwide QSA trainer and is contracted with a major card brand to conduct merchant and acquirer PCI DSS training. For more information about The Aegenis Group, please contact us at info@aegenis.com.
Breach Security, Inc. is the leading provider of real-time, continuous web application security that protects sensitive web-based information. Breach Security’s products protect web applications from hacking attacks and data leakage, and ensure applications operate as intended. The company’s products are trusted by thousands of organizations around the world, including leaders in finance, healthcare, ecommerce, travel, and government. For more information, please visit www.breach.com.
###
Breach Security and WebDefend are trademarks of Breach Security, Inc. All other brand, product and service names are the trademarks, registered trademarks or service marks of their respective owners.