
OWASP Top 10 defenses

The OWASP Top Ten represents a broad consensus about what the most critical web application security flaws are. Profense™ provides defenses against all OWASP top ten 2010 vulnerabilities.

Each entry below pairs the OWASP Top Ten 2010 summary with the corresponding Profense defense.

A1 - Injection

Injection flaws, such as SQL, OS, and LDAP injection, occur when untrusted data is sent to an interpreter as part of a command or query. The attacker’s hostile data can trick the interpreter into executing unintended commands or accessing unauthorized data.

Profense detects and blocks injection attacks through validation of user input using either negative or positive security policies.

A2 - Cross Site Scripting (XSS)

XSS flaws occur whenever an application takes untrusted data and sends it to a web browser without proper validation and escaping. XSS allows attackers to execute scripts in the victim’s browser which can hijack user sessions, deface web sites, or redirect the user to malicious sites.

Profense detects and blocks Cross Site Scripting (XSS) attacks through validation of user input using either negative or positive security policies.

A3 - Broken Authentication and Session Management

Application functions related to authentication and session management are often not implemented correctly, allowing attackers to compromise passwords, keys, session tokens, or exploit other implementation flaws to assume other users’ identities.

Session cookies are bound to client IPs by issuing a validation cookie containing a cryptographic token (a checksum) which validates that the client IP is the one the session token was originally issued to. For an attacker to carry out a session attack, they would therefore also have to steal the target's IP address or, in the case of session fixation attacks, make the target's requests appear to come from the attacker's IP address.

A4 - Insecure Direct Object Reference

A direct object reference occurs when a developer exposes a reference to an internal implementation object, such as a file, directory, or database key. Without an access control check or other protection, attackers can manipulate these references to access unauthorized data.

Profense detects and blocks Insecure Direct Object Reference attacks through validation of user input using positive security policies.

Additionally, negative policies can be defined that block direct access to directories or files (for instance /admin/).

A5 - Cross Site Request Forgery (CSRF)

A CSRF attack forces a logged-on victim’s browser to send a forged HTTP request, including the victim’s session cookie and any other automatically included authentication information, to a vulnerable web application. This allows the attacker to force the victim’s browser to generate requests the vulnerable application thinks are legitimate requests from the victim.

Profense protects against session hijacking and CSRF attacks by injecting cryptographic validation cookies and parameters to responses from the web system.

Forms issued by an application in the web system are bound to the session through insertion of a form validation parameter containing a cryptographic token which proves that the action formulator (the application issuing the page containing a form) is in fact part of the web system protected by Profense. This provides very strong protection against CSRF attacks, as an attacker who wants to forge a request has to know the validation token for that form action in the current session.
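As an added illustration of the two token mechanisms described above (the IP-bound validation cookie from A3 and the form validation parameter from A5), the following Python is example code, not Profense's implementation; the HMAC-SHA256 construction, the `_pf_token` field name and the secret are assumptions made for the example.

```python
import hmac
import hashlib
import re

# Secret held only by the WAF; constructed for this example, never reuse it.
WAF_SECRET = b"constructed-example-secret-do-not-reuse"


def _mac(*parts: str) -> str:
    """HMAC-SHA256 over the parts, NUL-separated so 'ab','c' != 'a','bc'."""
    msg = "\x00".join(parts).encode()
    return hmac.new(WAF_SECRET, msg, hashlib.sha256).hexdigest()


def issue_validation_cookie(session_id: str, client_ip: str) -> str:
    """Value of the validation cookie set next to the app's session cookie."""
    return _mac("session", session_id, client_ip)


def session_is_valid(session_id: str, client_ip: str, validation_cookie: str) -> bool:
    """A stolen session cookie presented from another IP fails this check."""
    expected = issue_validation_cookie(session_id, client_ip)
    return hmac.compare_digest(expected, validation_cookie)


def issue_form_token(session_id: str, form_action: str) -> str:
    """Token bound to both the session and the form action it was issued for."""
    return _mac("form", session_id, form_action)


def form_is_valid(session_id: str, form_action: str, token: str) -> bool:
    """A forged request must carry the token for this session and action."""
    expected = issue_form_token(session_id, form_action)
    return hmac.compare_digest(expected, token)


# Matches a <form ...> start tag and captures its action attribute.
FORM_RE = re.compile(r'(<form\b[^>]*\baction="([^"]*)"[^>]*>)', re.IGNORECASE)


def inject_form_tokens(html: str, session_id: str) -> str:
    """Rewrite a response body, adding a hidden token field to every form."""
    def add_token(m: re.Match) -> str:
        token = issue_form_token(session_id, m.group(2))
        return m.group(1) + f'<input type="hidden" name="_pf_token" value="{token}">'
    return FORM_RE.sub(add_token, html)
```

On an incoming POST the WAF would look up the session cookie, the client IP and the submitted `_pf_token`, and forward the request only if both `session_is_valid` and `form_is_valid` return true.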

A6 - Security misconfiguration

Good security requires having a secure configuration defined and deployed for the application, frameworks, application server, web server, database server, and platform. All these settings should be defined, implemented, and maintained as many are not shipped with secure defaults. This includes keeping all software up to date, including all code libraries used by the application.

Web server cloaking and customizable HTTP error handling and interception completely shield web servers from direct Internet access and defeat fingerprinting attacks.

URL blocking and support for strong authentication and authorization prevent or control access to critical resources.

A7 - Insecure Cryptographic Storage

Many web applications do not properly protect sensitive data, such as credit cards, SSNs, and authentication credentials, with appropriate encryption or hashing. Attackers may steal or modify such weakly protected data to conduct identity theft, credit card fraud, or other crimes.

Data leak prevention filters outgoing traffic and blocks or masks sensitive information.

A8 - Failure to Restrict URL Access

Many web applications check URL access rights before rendering protected links and buttons. However, applications need to perform similar access control checks each time these pages are accessed, or attackers will be able to forge URLs to access these hidden pages anyway.

Profense detects and blocks attempts by unauthenticated users (users without a valid session) to access resources that require a valid user session.

Resource access authorization can be enabled for web applications as well as static files like XML and PDF.

A9 - Insufficient Transport Layer Protection

Applications frequently fail to authenticate, encrypt, and protect the confidentiality and integrity of sensitive network traffic. When they do, they sometimes support weak algorithms, use expired or invalid certificates, or do not use them correctly.

Profense provides an HTTPS frontend to web resources transforming an HTTP Web site into an encrypted HTTPS site without having to change any code.

Additionally, HTTP (cleartext) requests can be redirected to use HTTPS.

A10 - Unvalidated Redirects and Forwards

Web applications frequently redirect and forward users to other pages and websites, and use untrusted data to determine the destination pages. Without proper validation, attackers can redirect victims to phishing or malware sites, or use forwards to access unauthorized pages.

Profense verifies redirects sent by its protected web applications.

Redirects can be limited to the domain(s) of the protected web applications plus additional domains.