AppSpider scans can detect exploitable vulnerabilities in your applications, but once these vulnerabilities are detected how long does it take your development teams to create code fixes for them? In some cases it could take several days to weeks before a fix/patch to resolve the vulnerability can be deployed, and during this time someone could be actively exploiting this issue in your application. AppSpider Defend, which is now integrated into AppSpider Pro, helps to protect your applications until a fix for the identified vulnerabilities are deployed.
Defend allows you to easily create custom defenses for Web Application Firewalls(WAFs), Intrusion Protection Systems(IPS), or Intrusion Detection Systems(IDS), based on the results of vulnerability scans conducted with AppSpider .
Using innovative automated rule generation, Defend, part of AppSpider Pro, helps security professionals to patch web application vulnerabilities with custom rules in a matter of minutes, instead of the days or weeks it can take by hand.
Without the need to build a custom rule for a WAF or IPS or the need to deliver a source code patch, Defend allows developers the time to identify the root cause of the problem and fix it in the code.
When you are ready to generate Defend rules, simply:
- Click on the Load Findings icon.
- Select the vulnerability summary XML file from a completed AppSpider scan.
- Determine which of the discovered vulnerabilities you would like to generate Defend rules for.
- Select the WAF/IDS/IPS that you want to configure with Defend. The current supported WAF/IDS/IPS's are the following: ModSecurity, SourceFire/Snort, Nitro/Snort, Imperva, Secui/Snort, Akamai, Barracuda, F5, and DenyAll.
- Then click on the Export Rules icon to generate a Defend rules file which can be uploaded into your WAF/IDS/IPS solution.
With these 5 easy steps you can generate a set of Defend rules that, along with your existing WAF/IDS/IPS solution, can help protect against exploits discovered by AppSpider.
Once you have loaded the Defend rule set into your WAF/IDS/IPS solution you can verify that the Defend protection has been enabled by clicking the Defend Scan icon which will launch a Defend Quick scan to replay the attacks which AppSpider used to discover the vulnerabilities and confirm that the attacks are no longer successful due to the Defend rules being deployed.
For more information on how the Defend functionality works you can review the AppSpider Pro User Guide.