PT Application Firewall to ensure the security of applications in Microsoft Azure

Positive Technologies announces the start of cooperation with Microsoft in cloud computing

Positive Technologies today announced that organizations can now deploy PT Application Firewall from Microsoft Azure Marketplace, allowing them to defend cloud hosted applications against hacking and DDoS attacks at the application level. This allows increased safety, elasticity, and uptime for users.

"Thanks to cloud platforms, almost any company can optimize its IT expenditure and ensure critical business processes are uninterrupted. Now, clients of one of the biggest cloud services in the world can rely on the advanced functions of PT Application Firewall directly in the ecosystem hosting their web applications," said Aleksander Lozhechkin, Developer Experience and Evangelism Director, Microsoft Central and Eastern Europe.

PT Application Firewall counteracts zero-day attacks using a positive security model, based on machine-learning algorithms with Microsoft Azure, immediately identifying and blocking unusual activities. The product automatically correlates events making it possible to identify attacks in the early stages, and has pre-trained modules for various industries. Currently, PT Application Firewall protects web services of financial and government institutions, telecommunication and petrochemical companies, and media organizations. PT Application Firewall is also used by a number of large e-commerce companies.

"Cloud-based web applications are exposed not only to attacks typical for this class, but also to a number of unique threats. In particular, all computing IP address ranges of cloud providers are well-known and continuously scanned for new hosts with vulnerable services. Therefore, such services can be attacked minutes after deployment. Moreover, the elasticity of cloud services can give rise to unexpected user costs caused by DDoS attacks at the application level, XML External Entity Processing vulnerability exploit or remote code execution. PT Application Firewall can expose such activities and prevent ineffective computing power consumption," explained Daniel Tara, VP International Sales at Positive Technologies.

DDoS attacks on applications do not usually require extensive resources, however, it is necessary to use advanced tools to protect the systems. To bypass protection systems, bots emulate user behavior in popular browsers, run Java scripts, and store cookies. To counteract such attacks, PT Application Firewall uses smart algorithms based on behavioral analysis techniques that help to differentiate between legitimate users and bots. The product also blocks all attacks recognized by OWASP and WASC, including SQLi, XSS and XXE, as well as HTTP Request Splitting, Clickjacking, and complicated client-side attacks.

By the end of this year, a more flexible model of PT Application Firewall with hourly rates (Pay As You Go) will be available to customers, allowing for reduced protection costs for seasonal applications with a varying number of visitors.