KaVaDo, a supplier of application-level firewalls and scanners, has revamped its ScanDo application-level vulnerability scanner and InterDo firewall products, saying they can now be used to safeguard privileged or regulated data against both internal and external threats.
The company said that by tightening the way security processes are mapped throughout the development, deployment and maintenance of Web applications, customers are better able to meet compliance assurances and regulatory requirements. ScanDo version 2.5 and InterDo 3.5 can be used to automatically detect and protect major credit cards and Social Security numbers, account numbers and patient record numbers.
ScanDo can be used to carry out risk assessments by identifying vulnerabilities in applications and the exposure of privileged information. A module known as AutoPolicy then uses the results of testing to configure the InterDo application.
Unlike network firewalls that are designed to defend the enterprise network against TCP/IP attacks, KaVaDo’s suite is designed to address vulnerabilities caused by hacks at the application level. These might be by SQL commands embedded in an HTML reply, by cookie manipulation where session information set by the web application at the user’s browser is manipulated by an intruder, or where information from web requests is not validated before being used by a web application.
ScanDo 2.5 starts at $11,000 and InterDo 3.5 starts at $15,000.