Positive Security Model: Delivers Zero Day Protection

Next-generation security requires much more than simple packet-level inspection.

The application security technology of the Web Application Firewall (WAF) is based on a positive security model that ensures correct application behavior. The model is based on HTTP industry standards and best coding practices for HTML and JavaScript. Application behavior deviating from the positive security model is treated as potentially malicious and is blocked by the Web Application Firewall.

Through its understanding of good application behavior, the positive security model does not require attack signatures or pattern matching techniques to detect and block attacks. It is the only proven approach delivering zero day protection against unpublished exploits. The positive security model:

Next-generation WAF protection requires much more than simple packet-level inspection
  • Models application behavior
  • Verifies best practices
  • Ensures RFC compliance
  • Enforces security in real-time
  • Is not signature-based

WAF: Deep Stream Inspection

Next-generation security requires much more than simple packet-level inspection. Complete application security requires deep stream inspection technology that reconstructs all bi-directional communications for each user session. Once reconstructed, it inspects all content to ensure correct application behavior, and the validity of user and machine inputs.

Deep stream inspection technology is based on multiple core technologies, including:

  • Bi-directional analysis of all application traffic
  • Complete header and payload inspection
  • Full application parsing
  • Semantic extraction of relevant application objects
  • Traffic sessionization

WAF: Adaptive Learning Engine

In addition to delivering out-of-the-box protection against all Web-based threats, the Web Application Firewall provides the ability to tailor security policies for any application, including those using client-side JavaScript. The adaptive learning engine can automatically learn the behavior of an application and generate human-readable policy recommendations. The security manager can then selectively apply recommendations to strengthen a security policy and to enable permissible application behavior.

WAF: Multi-layer Cloaking

The Total Uptime Technologies Web Application Firewall incorporates multi-layer cloaking technology to mitigate a hacker’s ability to conduct reconnaissance on a target Web-site. It hides sensitive information about an application environment (e.g., application server, database technology, server operating system, internal domain naming, etc.) making it much more difficult for an attacker to devise an effective attack strategy and exploit known vulnerabilities. By cloaking sensitive or revealing information at multiple communication layers, hackers are denied valuable intelligence about an application infrastructure, thus greatly reducing the risk of attack.

The Positive Security Model is a component of our Web Application Firewall Service.
Learn more about this service, our cloud platform, intuitive web-based management interface, pricing, 24x7 support and more by visiting our Web Application Firewall overview page.