Teros Looks To Trip Up Hackers

The latest version blocks cross-site scripting (XSS), protecting users against identity theft. "XSS attacks don't directly attack the applications. They attack the relationship between the customer and the Web site," said Greg Smith, senior director of product marketing at Teros, Santa Clara, Calif.

The new version of Secure Application Gateway also offers enhanced protection from denial-of-service attacks. "These have existed for a long time, and the easy ones [to detect] are at the network level. We are looking at the sophisticated ones that attack the Web server," Smith said.

In tandem with the gateway enhancements, Teros is offering a new SAFE Router module, which translates URL addresses before they are presented on a Web site, giving users a generic URL instead of a URL that might have internal proprietary information, Smith said.

The SAFE Router module is the "sexiest piece" of the Teros upgrade, but the XSS blocking is a very useful tool, said Babak Pasdar, CTO of IGXGlobal, a Hackensack, N.J.-based security solution provider and Teros partner.

"This is unlike intrusion detection. The Teros box receives requests for Web applications on behalf of the server and analyzes [it] to see if it is a reasonable request and lets it go through or not," Pasdar said. "In industries such as banking, where you have your whole life in front of you [on the screen], it's an absolute essential."

The Secure Application Gateway starts at a list price of $25,000 and includes application management capabilities. Current users can download the new firmware at no cost. Solution providers in the Teros Partner Program receive a discount from the list price, Smith said.