AppShield

Last updated October 01, 2022

AppShield was the world's first Application firewall. AppShield was conceptualized by Eran Reshef and Gili Raanan and was introduced to the market by Perfecto Technologies (now Sanctum) in the summer of 1999.^[1] AppShield is a safeguard for many systems as it is protection for code and data.^[2] The Appshield product was the first product to inspect incoming Hypertext Transfer Protocol requests and block malicious attacks based on a dynamic policy which was composed by analyzing the outgoing HTML pages.^[3]^[4] AppShield is used to isolate the target applications registers and address space from the other applications and can utilize memory in a unique way and in return, the rootkit can't access it's memory.^[5] The product faced many market adoption challenges and Sanctum was forced to introduce a complementary solution named Appscan to demonstrate the need in Application security.^[6] In 2004, F5 Networks acquired AppShield's intellectual properties from Sanctum and discontinued the technology.^[7] Gartner's Magic Quadrant (MQ) 2015 for Web Application Firewalls estimates that the global WAF market size is as big as $420 million, with 24 percent annual growth.^[8] AppShield can rewrite application framework in Android and IOS and it will not modify the IOS for the device.^[9]

Related Research Articles

<span class="mw-page-title-main">Instant messaging</span> Form of communication over the Internet

Instant messaging (IM) technology is a type of online chat allowing real-time text transmission over the Internet or another computer network. Messages are typically transmitted between two or more parties, when each user inputs text and triggers a transmission to the recipient(s), who are all connected on a common network. It differs from email in that conversations over instant messaging happen in real-time. Most modern IM applications use push technology and also add other features such as emojis, file transfer, chatbots, voice over IP, or video chat capabilities.

Citrix Systems, Inc. was an American multinational cloud computing and virtualization technology company that provides server, application and desktop virtualization, networking, software as a service (SaaS), and cloud computing technologies. Citrix products were claimed to be in use by over 400,000 clients worldwide, including 99% of the Fortune 100, and 98% of the Fortune 500.

Juniper Networks, Inc. is an American multinational corporation headquartered in Sunnyvale, California. The company develops and markets networking products, including routers, switches, network management software, network security products, and software-defined networking technology.

The Great Firewall is the combination of legislative actions and technologies enforced by the People's Republic of China to regulate the Internet domestically. Its role in internet censorship in China is to block access to selected foreign websites and to slow down cross-border internet traffic. The Great Firewall operates by checking transmission control protocol (TCP) packets for keywords or sensitive words. If the keywords or sensitive words appear in the TCP packets, access will be closed. If one link is closed, more links from the same machine will be blocked by the Great Firewall. The effect includes: limiting access to foreign information sources, blocking foreign internet tools and mobile apps, and requiring foreign companies to adapt to domestic regulations.

<span class="mw-page-title-main">Internet security</span> Branch of computer security

Internet security is a branch of computer security. It encompasses the Internet, browser security, web site security, and network security as it applies to other applications or operating systems as a whole. Its objective is to establish rules and measures to use against attacks over the Internet. The Internet is an inherently insecure channel for information exchange, with high risk of intrusion or fraud, such as phishing, online viruses, trojans, ransomware and worms.

<span class="mw-page-title-main">Application firewall</span> Layer 7/application layer network security system

An application firewall is a form of firewall that controls input/output or system calls of an application or service. It operates by monitoring and blocking communications based on a configured policy, generally with predefined rule sets to choose from. The application firewall can control communications up to the application layer of the OSI model, which is the highest operating layer, and where it gets its name. The two primary categories of application firewalls are network-based and host-based.

In computer security, a sandbox is a security mechanism for separating running programs, usually in an effort to mitigate system failures and/or software vulnerabilities from spreading. The isolation metaphor is taken from the idea of children who do not play well together, so each is given their own sandbox to play in alone. It is often used to execute untested or untrusted programs or code, possibly from unverified or untrusted third parties, suppliers, users or websites, without risking harm to the host machine or operating system. A sandbox typically provides a tightly controlled set of resources for guest programs to run in, such as storage and memory scratch space. Network access, the ability to inspect the host system, or read from input devices are usually disallowed or heavily restricted.

VPN-1 is a firewall and VPN product developed by Check Point Software Technologies Ltd.

Outpost Firewall Pro is a discontinued personal firewall developed by Agnitum.

Vyatta is a software-based virtual router, virtual firewall and VPN products for Internet Protocol networks. A free download of Vyatta has been available since March 2006. The system is a specialized Debian-based Linux distribution with networking applications such as Quagga, OpenVPN, and many others. A standardized management console, similar to Juniper JUNOS or Cisco IOS, in addition to a web-based GUI and traditional Linux system commands, provides configuration of the system and applications. In recent versions of Vyatta, web-based management interface is supplied only in the subscription edition. However, all functionality is available through KVM, serial console or SSH/telnet protocols. The software runs on standard x86-64 servers.

Junos OS is a FreeBSD-based network operating system used in Juniper Networks routing, switching and security devices.

NetScreen Technologies was an American technology company that was acquired by Juniper Networks for US$4 billion stock for stock in 2004.

<span class="mw-page-title-main">Firewall (computing)</span> Software or hardware-based network security system

In computing, a firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted network and an untrusted network, such as the Internet.

The Golden Shield Project, also named National Public Security Work Informational Project, is the Chinese nationwide network-security fundamental constructional project by the e-government of the People's Republic of China. This project includes a security management information system, a criminal information system, an exit and entry administration information system, a supervisor information system, a traffic management information system, among others.

HCL AppScan, previously known as IBM AppScan, is a family of desktop and web security testing and monitoring tools, formerly a part of the Rational Software division of IBM. In July 2019, the product was acquired by HCL Technologies and is currently marketed under HCL Software, a product development division of HCL Technologies. AppScan is intended to test both on-premise and web applications for security vulnerabilities during the development process, when it is least expensive to fix such problems. The product scans the behavior of each application, whether an off-the-shelf application or internally developed, and develops a program intended to test all of its functions for both common and application-specific vulnerabilities. This family of products is capable of performing SAST, DAST, IAST and Mobile Analysis against the user's source code and check for vulnerabilities.

<span class="mw-page-title-main">Web application firewall</span> HTTP specific network security system

A web application firewall (WAF) is a specific form of application firewall that filters, monitors, and blocks HTTP traffic to and from a web service. By inspecting HTTP traffic, it can prevent attacks exploiting a web application's known vulnerabilities, such as SQL injection, cross-site scripting (XSS), file inclusion, and improper system configuration.

<span class="mw-page-title-main">Gili Raanan</span> Israeli inventor

Gili Raanan is an Israeli venture capitalist and one of the inventors of CAPTCHA, the WAF and many other inventions in the fields of application security and discovery. Raanan started Sanctum in 1997, and invented the first Web application firewall AppShield and the first Web application penetration testing software AppScan. He later started NLayers which was acquired by EMC Corporation pioneering the science of Application discovery and understanding. He is an investor and a General Partner at Sequoia Capital, the Founder of Cyberstarts, and was a board member at Adallom, Armis Security, Onavo, Moovit, Innovid (NYSE:CTV) and Snaptu.

Sanctum was a Santa Clara, California-based information technology company focused on application security. Sanctum offered a firewall, AppShield, and scanner, AppScan, for application-layer security for Web environments.

DingTalk is an enterprise communication and collaboration platform developed by Alibaba Group. It was founded in 2014 and headquartered in Hangzhou. By 2018, it was one of the world's largest professional communication and management mobile apps in China with over 100 million users. International market intentions were announced in 2018. DingTalk provides iOS and Android apps as well as Mac and PC clients.

References

↑ "Perfecto Technologies Delivers AppShield for E-Business - InternetNews". www.internetnews.com. 27 August 1999. Retrieved 2016-09-12.
↑ Cheng, Yueqiang; Ding, Xuhua; Deng, Robert H. (2015-04-14). "Efficient Virtualization-Based Application Protection Against Untrusted Operating System". Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security. ASIA CCS '15. New York, NY, USA: Association for Computing Machinery: 345–356. doi:10.1145/2714576.2714618. ISBN 978-1-4503-3245-3. S2CID 16097790.
↑ "Method and system for dynamic refinement of security policies". Google Patents . 2002-12-31.
↑ "Method and system for extracting application protocol characteristics". Google Patents . 1999-07-01.
↑ Cheng, Yueqiang; Ding, Xuhua; Deng, Robert (2013-10-31). "AppShield: Protecting Applications Against Untrusted Operating System" (PDF). Retrieved 2022-04-14.
↑ Messmer, Ellen. "CNN - New tool blocks wily e-comm hacker tricks - September 7, 1999". www.cnn.com. Retrieved 2016-09-12.
↑ "Game Over? - Information Security Magazine" . Retrieved 2016-09-12.
↑ Kolochenko, Ilia (16 February 2016). "Web Application Firewall: a must-have security control or an outdated technology?" . Retrieved 2016-09-12.
↑ Qu, Zhengyang; Guo, Guanyu; Shao, Zhengyue; Rastogi, Vaibhav; Chen, Yan; Chen, Hao; Hong, Wangjun (2017). Deng, Robert; Weng, Jian; Ren, Kui; Yegneswaran, Vinod (eds.). "AppShield: Enabling Multi-entity Access Control Cross Platforms for Mobile App Management". Security and Privacy in Communication Networks. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering. Cham: Springer International Publishing. 198: 3–23. doi:10.1007/978-3-319-59608-2_1. ISBN 978-3-319-59608-2.

This computer security article is a stub. You can help Wikipedia by expanding it.

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] "Perfecto Technologies Delivers AppShield for E-Business - InternetNews". www.internetnews.com. 27 August 1999. Retrieved 2016-09-12.

[2] Cheng, Yueqiang; Ding, Xuhua; Deng, Robert H. (2015-04-14). "Efficient Virtualization-Based Application Protection Against Untrusted Operating System". Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security. ASIA CCS '15. New York, NY, USA: Association for Computing Machinery: 345–356. doi:10.1145/2714576.2714618. ISBN 978-1-4503-3245-3. S2CID 16097790.

[3] "Method and system for dynamic refinement of security policies". Google Patents . 2002-12-31.

[4] "Method and system for extracting application protocol characteristics". Google Patents . 1999-07-01.

[5] Cheng, Yueqiang; Ding, Xuhua; Deng, Robert (2013-10-31). "AppShield: Protecting Applications Against Untrusted Operating System" (PDF). Retrieved 2022-04-14.

[6] Messmer, Ellen. "CNN - New tool blocks wily e-comm hacker tricks - September 7, 1999". www.cnn.com. Retrieved 2016-09-12.

[7] "Game Over? - Information Security Magazine" . Retrieved 2016-09-12.

[8] Kolochenko, Ilia (16 February 2016). "Web Application Firewall: a must-have security control or an outdated technology?" . Retrieved 2016-09-12.

[9] Qu, Zhengyang; Guo, Guanyu; Shao, Zhengyue; Rastogi, Vaibhav; Chen, Yan; Chen, Hao; Hong, Wangjun (2017). Deng, Robert; Weng, Jian; Ren, Kui; Yegneswaran, Vinod (eds.). "AppShield: Enabling Multi-entity Access Control Cross Platforms for Mobile App Management". Security and Privacy in Communication Networks. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering. Cham: Springer International Publishing. 198: 3–23. doi:10.1007/978-3-319-59608-2_1. ISBN 978-3-319-59608-2.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]