Web Application Firewall protects credit card information.

Press Release Summary:



WebDefend(TM) v3.4 secures magnetic stripe data allowing businesses to comply with Payment Card Industry and Data Security Standards. Administrators can mask cardholder verification and personal identification numbers preventing display or storage within server. Features include image leeching prevention, scam detection, and updated signature database.



Original Press Release:



Breach Security Advances Protection of Payment Card Authentication Data



New Release of WebDefend Secures Magnetic Stripe Data to Prevent Identity Theft and Duplication of Credit Cards

CARLSBAD, Calif., July 16 -- Breach Security, Inc., the leader in web application security, today announced the latest release of its flagship WebDefend(TM) web application security appliance, version 3.4. The new version makes it easier for businesses to comply with the Payment Card Industry (PCI) Data Security Standard (DSS) by securing magnetic stripe data, cardholder verification numbers and personal identification numbers (PINs).

Magnetic stripe data is more dangerous for hackers to access than just credit card numbers because it includes personal data, expiration date, the cardholder's name and security code information. Armed with this information, hackers can easily duplicate credit cards and the "duplicate" cards are inexpensive to buy in bulk.

Already recognized for its industry-leading PCI DSS compliance capabilities that protect leakage of credit card data, WebDefend version 3.4 expands its masking capabilities of sensitive payment account data. The new release now allows administrators to mask full magnetic stripe data, preventing it from being stored or displayed anywhere within the WebDefend software, including in audit logs and within the management console.

"PCI compliance is extremely important to us," said Michael Jackson, information security officer at Pegasus Solutions, Inc., the leading provider of technology and services to the hospitality industry, and a Breach Security(TM) customer. "WebDefend's ability to protect sensitive authentication information, such as cardholder data and personally identifiable information will help ensure that all of our customers' transactions are secure."

PCI DSS is a set of security requirements established by leading card issuing companies, including American Express, Visa Inc. and MasterCard Worldwide. The standard is designed to protect sensitive account data such as credit card numbers, customer names and contact information. Any organization that "stores, processes or transmits" card numbers must comply with PCI DSS. Organizations may keep certain data, such as account numbers, cardholder names and expiration dates, subject to specific conditions. Full magnetic stripe data, cardholder verification codes and PINs, however, may not be stored at any time under any circumstances. With the card number, this information enables a credit or debit transaction to occur.

"Maintaining the security and integrity of their customers' credit card information is critical for any web-based business, large or small," said Mike Pierce, CEO, Breach Security. "More organizations are realizing that PCI compliance is not simply a consumer-driven mandate, but a way to mitigate their overall risk. The latest WebDefend release delivers enhancements that help organizations continue to address their compliance, risk management and security concerns."

Other features in WebDefend version 3.4 include:

-- Enhanced profiling engine: Continuously builds site profiles in live environments based on actual traffic and real-world use, enabling immediate and automatic application learning and protection.

-- Image leeching prevention: Finds images within a web application that are linked to external web servers, which are frequently used to steal intellectual property from the original server; image leeching may also be employed in cross-site scripting and phishing attacks.

-- Scam detection: Identifies phishing attacks on websites, enabling organizations to spot these traps and pinpoint victimized site visitors more quickly.

-- Updated signature database: Provides updated application signature rules to prevent the latest attacks, including iFrame attacks, content theft and new SQL injection variants.

About WebDefend

WebDefend is an advanced web application firewall that offers customized, behavior-based security for each protected application. Only WebDefend uses a patent-pending profiling system and multiple, collaborative detection engines to ensure the flow of business-critical traffic while supplying complete protection for applications to keep the organizations' confidential information safe from targeted attacks. Deployed out-of-line, WebDefend uniquely provides non-intrusive, effective security for multi-application environments while continuing to provide full blocking capabilities. WebDefend has been praised for its accurate attack detection and prevention, ease-of-use, performance and targeted Payment Card Industry features in reviews by major industry publications including SC Magazine and Information Security magazine.

About Breach Security, Inc.

Breach Security, Inc. is the leading provider of real-time, continuous web application security that protects sensitive web-based information. Breach Security's products protect web applications from hacking attacks and data leakage, and ensure applications operate as intended. The company's products are trusted by thousands of organizations around the world, including leaders in finance, healthcare, ecommerce, travel and government. For more information, please visit http://www.breach.com/.

Breach Security, the Breach Security logo and WebDefend are trademarks of Breach Security, Inc. All other brand, product and service names are the trademarks, registered trademarks and service marks of their respective owners.

All Topics