OWASP Core Rule Set Update for jetNEXUS Application Firewall
The OWASP CRS is a set of web application firewall rules.
The OWASP CRS provides protections if the following attack/threat categories:
- HTTP Protection – detecting violations of the HTTP protocol and a locally defined usage policy.
- Real-time Blacklist Lookups – utilizes 3rd Party IP Reputation
- HTTP Denial of Service Protections – defense against HTTP Flooding and Slow HTTP DoS Attacks.
- Common Web Attacks Protection – detecting common web application security attack.
- Automation Detection – Detecting bots, crawlers, scanners and other surface malicious activity.
- Integration with AV Scanning for File Uploads – detects malicious files uploaded through the web application.
- Tracking Sensitive Data – Tracks Credit Card usage and blocks leakages.
- Trojan Protection – Detecting access to Trojans horses.
- Identification of Application Defects – alerts on application misconfigurations.
- Error Detection and Hiding – Disguising error messages sent by the server.