Comprehensive. Integrated. Actionable Insight. Deep Security for Web Apps provides a complete suite of security capabilities in one integrated solution, saving you time and hassle.
Web applications make doing business easier and more cost-effective, but they carry risks. How do you know your applications are safe? Cyberattacks, like the recent Russian Hack and JP Morgan attacks, are growing in number and complexity, and you need security software that can keep up.
Trend Micro has developed the first comprehensive service designed to detect vulnerabilities and protect web applications in a single integrated solution. Deep Security for Web Apps offers:
With web apps growing rapidly in number and complexity—plus the frequent changes that a 24/7 online world demands—application vulnerabilities can emerge at any time. Regulations like PCI DSS require regular scanning of applications and platforms, but most organizations only test their applications a couple times a year. These scans typically generate a large number of false positives, and the work required to identify and prioritize the most important risks is far too time consuming.
Trend Micro Deep Security for Web Apps provides automated scanning of platform and application layers, plus hands-on application logic testing by security experts. We also remove false positives, saving you time and effort by allowing you to focus on those vulnerabilities that truly represent a threat. Our solution includes:
You’ve discovered a serious vulnerability. Now what? With each moment that passes without remediation, you risk exploitation and the resulting impact to reputation, brand, and customer trust. But fixing web application code or patching platforms is time consuming.
Deep Security for Web Apps allows you to immediately block vulnerabilities by providing the following mechanisms at both platform and application level:
Native Rule Export for Leading Web Application Firewalls
The Secure Sockets Layer (SSL) protocol is a fundamental requirement for securing web applications. However, traditional per-certificate pricing makes SSL costly and tricky to implement. Addressing configuration errors and individual certificate expiry dates further complicates matters.
Included with Deep Security for Web Apps, unlimited SSL lets you:
AffirmTrust Premium ECC
Trend Micro CA
Which browsers, applications, and devices are supported by Trend Micro?
The Trend Micro SSL root certificate is embedded in most major browsers. This means that SSL certificates issued by Trend Micro SSL are trusted automatically and transparently by most browsers, providing maximum end-user security and usability. For details, see the list of supported browsers, applications, and devices.
How do I create a CSR?
Before you send a request for an SSL certificate, you must create a Certificate Signing Request (CSR) on the server that you want to secure. For instructions, see create a CSR.
How do I install my SSL certificate?
After you submit the CSR and receive your SSL and intermediate certificates, you will need to install them on your server. For instructions, see install your SSL certificate.
Trend Micro Web App Security is subscription-based Software as a Service (SaaS) available in three different packages, allowing you to match product capabilities to the security requirements of your various web applications.
With more than 54,500 checks across more than 14,000 vulnerabilities, including all OWASP and Web App Security Consortium testing criteria, Trend Micro Web App Security provides application vulnerability testing to the highest industry standards. It detects technical flaws, such as cross-site scripting and SQL injection, as well as logical flaws, such as account privilege expansion and improper session handling.
Trend Micro Web App Security provides a detailed description, CVE-ID, compliance status, list of affected components, and suggested solutions for the vulnerabilities found in your web applications.
Web App Security produces detailed, auditable reports that document vulnerabilities, remediation, and policy compliance status. You can create customized reports of your platform scanning, application scanning, and malware detection results. Web App Security also comes with these predefined summary reports:
You can generate one-time reports or schedule recurring reports that are created and emailed to recipients on a regular basis.
The Web App Security console also has a dashboard that you can customize with up to 17 different widgets that provide a visual overview of the status of your system.
Using a sandboxing technology, the Web App Security malware engine leverages a database of over three million malware signatures and state-of-the-art behavioral analysis using file and registry detection. This allows Web App Security to find both known and zero-day malware before it impacts your customers or is detected by a blacklisting service.
Web App Security provides automatic generation of XML configuration files, which you can deploy to a Web Application Firewall (WAF) to provide rapid protection against vulnerabilities found in application scanning results. You can use Web App Security to automatically generate rules for these WAF products:
Although it works with many browsers, Web App Security has been designed and tested to work best with Microsoft Internet Explorer 8 and 9, and with Mozilla Firefox 11 or later.
Please ensure that your network does not block scanning traffic from the following IP addresses, which belong to the Trend Micro Web App Security data center:
220.127.116.11/26 (IP range 18.104.22.168 to 22.214.171.124)
Application scanning and malware detection are not affected by reverse proxies.
Using a reverse proxy server only affects the results for platform scanning. When Trend Micro Web App Security performs a platform scan, it probes the OS and web server layers of your server to discover vulnerabilities. Platform scanning is effective only if the machine that hosts the web server is directly visible to Trend Micro Web App Security. If you are running your web server behind a reverse proxy, Web App Security will scan and return results for the reverse proxy machine and not the target web server machine.
Scanning will increase the load on your systems, so you should schedule scans for times when your site is not typically busy.
The Trend Micro Web App Security application scanning feature uses remote scanning to detect vulnerabilities at the web application level. By default, when you add a web application to Web App Security, all pages in the web app will be scanned. This includes pages with HTML forms, which will be filled with test information and submitted. If your web application is written to trigger email messages on form submissions, the emails would get sent to the recipients with the test information included. In some cases, a large number of form submissions will be made during application scanning.
If you want to exclude select HTML form pages from your application scans, please contact Trend Micro Customer Support. Please note that such exclusions should be minimized as much as possible since the excluded pages will not be tested for application vulnerabilities. If you choose to exclude pages, please invest extra effort to ensure all external input on those pages is sanitized and appropriately encoded before such data is stored or displayed.
You can access the Web App Security online help from the Help menu in the Web App Security console. You can also go to https://was-portal.trendmicro.com/help/en/washelp.html.
You can use a scan root to specify the starting point for web application scans. If you do not specify a scan root, Deep Security for Web Apps will use the Web Application URL as the starting point and will crawl all sub-directories. The scan root can be a web path, a web page, or both. For example, if your web application is accessed at http://www.trendmicro.com/csr/index.aspx, the base Web Application URL is http://www.trendmicro.com/ and the scan root should be /csr/index.aspx.
You can also use a restrict path to limit the scanner to a specific directory path. The path should begin with a slash (/), for example: /directory. All sub-directories of that path will be included. If you want to further define which directories will be crawled, you can use the Web Application Scope filters.
For details on the Scan Root, Restrict Path, and Web Application Scope settings, please see the Deep Security for Web Apps Help.
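The following is an added example, not Trend Micro code, for checking a URL list against the scan root and restrict path described above before you configure a scan. The function names are hypothetical, and matching on whole path segments after resolving `..` is an assumption about sensible scoping, not documented product behavior.

```python
from posixpath import normpath
from urllib.parse import unquote, urlsplit


def split_target(url):
    """Split a full URL into (base Web Application URL, scan root)."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.netloc:
        raise ValueError("expected an absolute http(s) URL")
    return f"{parts.scheme}://{parts.netloc}/", parts.path or "/"


def _clean_path(path):
    # Decode %xx escapes and collapse "." / ".." segments, so that
    # /directory/../admin is judged as /admin rather than by its raw prefix.
    return normpath("/" + unquote(path).lstrip("/"))


def in_scope(url, base, restrict_path=None):
    """True if url is on the same host as base and under restrict_path."""
    target, origin = urlsplit(url), urlsplit(base)
    same_host = (target.scheme, target.netloc.lower()) == (
        origin.scheme, origin.netloc.lower())
    if not same_host:
        return False
    if restrict_path is None:
        return True
    if not restrict_path.startswith("/"):
        raise ValueError("restrict path should begin with a slash (/)")
    prefix = _clean_path(restrict_path)
    path = _clean_path(target.path)
    if prefix == "/":
        return True
    # Assumption: match whole segments, so /directory covers /directory/x
    # but not the sibling /directory-old.
    return path == prefix or path.startswith(prefix + "/")


if __name__ == "__main__":
    base, root = split_target("http://www.trendmicro.com/csr/index.aspx")
    print("base:", base, "scan root:", root)
    # Constructed sample URLs for illustration.
    for candidate in (
        "http://www.trendmicro.com/directory/reports/q1.aspx",
        "http://www.trendmicro.com/directory-old/index.aspx",
        "http://www.trendmicro.com/directory/%2e%2e/admin/",
    ):
        print(in_scope(candidate, base, "/directory"), candidate)
```

Pages that fall outside the restrict path are not crawled, so they receive no application vulnerability testing and need to be covered by other review.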