NEC System Technologies, Ltd.
Japanese version
Products&ServicesCompany ProfileCSRContact Us

HOMEPress Releases ListPress Releases

Press Releases


Introducing Web Application Firewall "SiteShell" to Protect Web Applications from Security Vulnerability Attacks

June 26, 2008-NEC System Technologies, Ltd. announced today the launch of its Web application firewall "SiteShell" to effectively protect Web applications and data from Web application vulnerability attacks such as personal information leaks and Website tampering caused by unauthorized access to websites.

"SiteShell" only requires installation on an existing application server to protect Web applications from attacks such as SQL injection, and it can improve the Web application security level by continuously protecting against newly found security vulnerabilities with the update service. SiteShell can be used as an application layer firewall, which will be required to be compliant with PCI Data Security Standard (*1). The features of "SiteShell" are shown below.

1. SiteShell Requires No Web Application Modifications
As SiteShell only requires installation on an existing application server, it is very easy to strengthen vulnerability countermeasures of existing systems. Moreover, SiteShell provides configuration tools for easy and effective installation procedures.
2. SiteShell Reduces Future Vulnerabilities through Updates
By subscribing to the annual maintenance update service, programs addressing newly found vulnerabilities are continuously provided after installation, enabling timely updating services without stopping the system. The countermeasure programs addressing newly found vulnerabilities will be created and updated within five days after detection, thus the system can be safely operated without degrading the security level of Web applications.
3. SiteShell Supports Various Application Servers & Web Servers
SiteShell can be installed in various types of application servers such as WebOTX and WebLogic, and also to Web servers such as IIS. Moreover, as it complies with Servlet standard specifications, it can be used widely without limitations on the type of Web servers.

(*1) PCI Data Security Standard (PCIDSS)
  It was developed by the five leading payment card companies as a global security standard.

For detailed information on SiteShell:
  opens in a new windowhttp://www.necst.co.jp/product/ss/index_en.html


HOME Products&Services Company Profile CSR Contact Us
Site Map Privacy Terms of Use Japanese
Copyright(C) NEC System Technologies, Ltd. All rights reserved.