Breach Security Inc has made good on its promise to develop a low-cost appliance around the open source application firewall it acquired a couple of months ago, with the release yesterday of its $8,500 ModSecurity M1000 unit.
Carlsbad, California-based Breach said its appliance had been configured with out of the box protection against many common web application security issues, and should also help businesses comply with regulations such as the Payment Card Initiative data security standard. The company will target the price-sensitive smaller businesses with its unit.
PCI calls for credit-card processing merchants and traders to deploy a web application firewall by mid-2008 and to protect cardholder data with network encryption, so the new appliance is fitted with an SSL encryption module and is configured to only use strong encryption and ciphers.
ModSecurity was developed as an open-source project in 2002 and claims some 10,0000 implementations to date. It was designed to work with a customer’s existing web server as an Apache plug-in, with Java and IIS versions said to be in development.