Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

Incapsula Boosts DDoS Attack Protections With New Security Rules Engine

New Rules Engine Boosts Defense Capabilities Against DDoS and Sophisticated Layer-7 Application Attacks

New Rules Engine Boosts Defense Capabilities Against DDoS and Sophisticated Layer-7 Application Attacks

Incapsula, a cloud-based website performance and security service, today announced a new security rules engine designed to help quickly remediate complex application level (7) and business logic attacks. 

According to the company, the new engine and “InRules” security scripting language let customers create complex, granular security rules that are implemented and enforced instantly across Incapsula’s global network. These rules can be either manually coded or generated via a graphical user interface (GUI) that helps users with the rule generation process, the company explained.

New capabilities include:

Granular access control: Provides the ability to restrict access to a specific web resource (application, URL, parameter) per IP, country, or client type.

Focused mitigation: Applies mitigation rules with a fine tuned response only where needed. For example: Restricting the rate of account signups per IP and/or session, and requiring the client to pass a transparent browser integrity check.

Application flow enforcement: Enforces application logic such as parameter content and format validation, allowed rates, and flow enforcement. For example: Requiring a customer to submit a form before allowing them to move to checkout.

Additionally, InRules has a validation feature that helps prevent scripting errors, as well as a revision management system that helps track changes and allows users to revert to a previous rule version.

Advertisement. Scroll to continue reading.

“Driven by our InRules security language, our new security engine allows customers to apply even those most complex, granular rules across our worldwide network in just seconds, for the first time giving customers the same controls as our security team,” said Gur Shatz, CEO of Incapsula.

Late last year, the company rolled out new capabilities that give users total control over their caching and acceleration policies, enabling them to take advantage of Incapsula’s dynamic application profiling, caching and acceleration capabilities.

Incapsulas cloud-based service helps protect websites from threats such as DDoS attacks, illegal access attempts, spammers, scrapers and other malicious bots, and also addresses the entire OWASP’s Top 10 vulnerabilities list. The company is a spin-off and backed by data security firm Imperva.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

Mike Byron has been named Chief Financial Officer (CFO) at Exabeam.

Ex-GitHub chief technology officer Mike Hanley has joined GM as CISO.

Network security and compliance assurance firm Titania has appointed Victoria Dimmick as CEO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.