TL;DR: Privacyware helps businesses safeguard their digital assets via ThreatSentry, a web application firewall for Microsoft Internet Information Services (IIS). The software arms users with multilayered, enterprise-grade protection and compliance capabilities at an affordable price. With a customer-centric approach to product development, Privacyware, established in 1999, is poised to continue securing mission-critical systems for decades to come.
We live in an increasingly digital world where applications are available via the cloud, and private data is stored online. While these advancements bring us countless benefits, they also increase vulnerability to attackers looking to exploit weaknesses at the application level.
According to the Open Web Application Security Project (OWASP), a nonprofit group that works to improve software security through unbiased information and community events, software vulnerabilities undermine our critical financial, healthcare, defense, and energy institutions.
Periodically, OWASP issues a list of the 10 most critical web application security risks. The most recent publication, released in 2017, documented a range of techniques used to exploit weaknesses, including injection flaws, cross-site scripting (XSS), broken authentication, and sensitive data exposure, among others.
In the face of these numerous and constantly changing threats, software companies must make security an integral part of their culture. But that doesn’t mean the process is easy.
Enter ThreatSentry, a web application defense solution by Privacyware designed to address the most critical security flaws, including those detailed in the OWASP Top Ten Project. The software ensures web applications and sensitive data are adequately secure and compliant using advanced, multilayered protection.
“We created ThreatSentry, a web application firewall for Windows Internet Information Services (IIS) web servers, in 2005,” said Gregory Salvato, CEO at Privacyware, which was established in 1999. “It combines a rules-based WAF, behavioral filtering, and an NDIS driver to deliver multi-layered level defense against known and new types of threats. Today, Privacyware solely supports ThreatSentry and its wide-ranging client base.”
ThreatSentry is incredibly user-friendly and affordable for nearly any customer, from SMBs to large enterprises. Privacyware’s customer-centric approach also extends to its product development process, which will likely help the well-established company protect mission-critical systems for decades to come.
Extending Conventional Security Capabilities for 20 Years
Privacyware was founded in 1999 as a security arm of PWI, Inc., a custom software development organization. “We were working with engineers and technologists with really unique skills in security, data analytics, and discrete mathematical approaches to behavioral analysis,” Gregory said. “We always had the idea of productizing those skills in some way.”
Initially, Privacyware did so by providing its technology to security information management vendors, but by 2005 the company released ThreatSentry as a proprietary product. Today, Privacyware focuses on alliances, OEM arrangements, and partnerships with independent software vendors, internet service providers, hosting providers, and datacenters. These clients leverage ThreatSentry to make strategic security decisions that enable them to stay one step ahead of hackers.
In the last 15 years, Privacyware has turned ThreatSentry into a dominant force in web application security. The software is known for its affordability, performance, and ease of use. It is implemented as a native module in Microsoft IIS and as a snap-in for the Microsoft Management Console (MMC). ThreatSentry supports Windows Server 2000 through 2019 and IIS 5 through 10. Prices per server include one year of support.
In addition, a revolutionary combination of proactive defense technologies prevents attackers from exploiting vulnerabilities. These components include a state-of-the-art web application firewall, a proprietary NDIS driver for flexible network IP blocking, behavior-based intrusion prevention, and anti-DoS and anti-DDoS capabilities.
“The application is easy to configure and has blocked many scans from hackers attempting to see if the server has any vulnerabilities,” said one security administrator and Privacyware customer in a testimonial on the company’s site. “I have been happy with the results.”
Enterprise-Grade Protection and Compliance Solutions
ThreatSentry provides users with ultra-granular control via an intuitive management console that handles configuration settings, blocked IPs, rule and signature definition, and alert notifications.
It also allows the user to control sensitivity levels on the software’s artificial intelligence-based behavior engine, which analyzes traffic patterns to detect behavior anomalies, deviations, and new threats to prevent intrusion.
Gregory said the ability to customize the software via executive administrator controls allows each company to tailor the program to its needs and risk level.
“The web app to firewall space is a pretty specialized space, even tricky to some degree,” he said. “Some companies look at security from the standpoint of meeting a compliance requirement versus the other end of the spectrum — the more healthy end of the spectrum — which is taking as proactive and comprehensive of a stance on security as you possibly can.”
In terms of product development, Gregory said Privacyware strives to provide a lot of tangible functionality without heavy lifting and administrative overhead. At the same time, the company offers flexibility and versatility in terms of configuration possibilities for companies that want to invest their time in responsible security.
Multiple Levels of Protection in a Comprehensive Package
Gregory told us that the combination of Privacyware’s proficiency in nonlinear mathematics, neural networks, self-learning systems, and complex software development provides the company with a competitive edge. These skills result in innovative security solutions distinguished by their ease of use, their strong analytic capabilities, and the overall value they present to enterprises.
“Again, we’ve got three core modules within the system,” Gregory said. “Most security companies, in general, allow users to configure explicit rules to cover the things that they already know they want to block.”
That’s a useful feature, for sure, but companies also need a way to detect suspicious behavior that they may not know to look for. In this case, it’s wise to fear the unknown.
“There are behaviors that aren’t necessarily linked to an explicit rule or signature, but they behave a lot like things that you know are harmful,” Gregory said. “Many companies like the simplicity of having a rules-based system, but it’s more proactive to have that behavioral component as well.”
In addition to the ability to operate with agility, peace of mind through security, and a significant return on investment, Gregory told us that ThreatSentry’s ultimate value proposition is the comprehensiveness of the solution.
“You’re getting multiple layers of protection in one comprehensive package with a lot of control,” he said. “There are few standalone, software-based web application firewalls for Windows web servers out there with a complete array of features. I don’t know that we have much in the way of competition.”
A Community Approach to Internal Development
Privacyware’s development and professional services team is made up of computer scientists, security specialists, and mathematicians who have worked to provide consultants, SMBs, and local governments, as well as global enterprises, with advanced security solutions.
When the team is updating products and developing new ones, Gregory said the majority of discussions — at least 75% — revolve around customer feedback and demand.
“Your clients are the ones out there feeling the pain, so the suggestions they come up with are often the most valuable and consume you from a development standpoint,” he said. “Then, you blend those ideas with your special skill sets — your secret sauce.”
For Privacyware, the ability to enhance security protection at the behavior level is always important, as is involvement from the threat intelligence community. To illustrate the importance of community input, Gregory pointed to Waze, a GPS navigation solution that uses crowdsourced travel times and route details to help drivers find the best directions.
“It’s about including intelligence from the people in trenches — whether that’s related to a security or navigation product,” he said. “That’s something we’re prioritizing in terms of the enhancements and modifications we’re planning to add.”