Embedded WAF is a software solution developed to increase exploitation difficulty of those 0- and 1-day vulnerabilities related to web technologies.
Nowadays, most devices have a web-interface to monitor, manage, and configure them in a convenient manner. As in the case with websites this part of firmware has vulnerabilities which can be used by attackers. Our security system was specially created and configured for endpoint devices.
Due to automatic preprocessing stage the study of the internal structure of the application and data learning algorithms. Our logic-based algorithms allow our products to capture a wider range of web attacks and possibilities, which helps us to detect even unknown or modified web attacks.
Security system include only minimal possible and nessesary logic for protection against web-attacks. It was designed with care about processor performance and energy saving.
In addition, our solution makes exploitation of those vulnerabilities that were overlooked by a developer more complicated, and allows boosting security mechanisms, which were not implemented or enabled.
It will be either extremely difficult or even impossible for an attacker to conduct a successful attack on a device. Forced channel protection is also possible.
There have always been a lot of vulnerabilities, and, no doubt, there will always be. Even one small vulnerability exploitation may lead to a system infection. Unfortunately, it is just impossible to completely get rid of vulnerabilities. However, there is a way to deter a threat of a successful exploitation.
We turn any attack into a failure.
Vulnerable web-interface of admin panel: XSS, CSRF, directory traversal, LFI\RFI etc. Therefore, an attacker gets unauthorized access to a consumer’s device.
Unsuccessful attempt to exploit the vulnerability.