ServerDefender Vulnerability Protection (VP) Web application firewall is designed to provide immediate PCI compliant protection for Web sites and applications running on the Microsoft IIS Web server by blocking Web attacks including SQL injection, buffer overflows, cross-site scripting (XSS) and request forgery (CSRF), zero-day, brute force, dictionary, denial of service and others. SQL Injection - SDVP scrutinizes incoming data with a set of strict web application security controls thereby preventing SQL injection attacks attempting to use application code to access or corrupt database content. Cross-Site Scripting (XSS) - SDVP blocks XSS attacks often used in conjunction with phishing, social engineering, and other browser exploits, ultimately preventing malicious HTML or client-side scripts from being injected into Web pages viewed by others. Cross-Site Request Forgery - SDVP prevents orphaned sessions that could become points of attack and vulnerability, potentially sending a harmful pre-authenticated request to a vulnerable web application. Session Hardening - SDVP enforces your security policy in a stateful manner, making its web application security controls even more effective. Rich monitoring: logging, reports & alerts Including: - Interactive Log Monitoring (Let's you customize security policies on the fly) - Flexible Alerting (Stay informed via email, SNMP, event or syslog) - Web & Email Based Reports (Daily and on-demand summaries of key trends and anomalies) - Rich Logging (Find the holes in your application security settings) ServerDefender VP is fully COMPATIBLE with IIS 6/7; 64-bit. Download a 30-day trial version and lock down your Web servers and data today!