What is IWS?

IWS is an independent outbound web security solution that acts as a reverse proxy for HTTP and HTTPS endpoints.

It scans responses from endpoints in real time, IWS does not require any agent to be installed on the endpoint servers.

What can IWS do?

IWS can perform a variety of functions as listed below:

• Protection against Information Leakage from both public facing and Intranet websites.
• Protection against insecure Javascript coding practices used in your websites
• DDOS Mitigation via Nginx.
• Protection against Static & Ephemeral Defacement
• Detection of Layer 7 port scanning activities via the Exception content type
• IWS has multiple methods of protecting websites in addition to hashing, this allows us to protect dynamic authenticated websites as well.
• Protection against various methods of attack including
  • Obfuscation
  • Cross Site Scripting
  • Attacks involving modification of FQDNs in the Hostname Header

IWS Protection Mechanisms

IWS has two categories of protection that can be used together or apart.

• Hashing
  • Custom hash levels can be set on a path by path basis via our Custom Hash Level Mapping feature on a website by website basis.
• IWS Content Types
  • Content Types are applied to the entire website.