SummaryXyberShield is a funny name for a very serious product that deals with an even more serious problem. Attacks against port 80 web access alone numbered nearly 114,000 on a single day and that number is by no means unique. Of course web application attacks are not limited to port 80. On the same day, for example, port 443 experienced over 94,000, according to dshield.org. Of course those only are the attacks reported to dshield.org. There likely are a great many more.
XyberShield combats web application attacks, such as SQL injection or cross-site scripting, by using a form of behavior profiling called XyberFrames. This, by the way, is another up-and-coming product/service that uses software-as-a-service (SaaS) as a delivery method in cooperation with local ISPs. You create application protection rules and XyberShield protects your web applications - with 55 detection points in 22 countries, comprising multiple ISPs in each location. The company has very good global coverage.
These detection points, or "Shield Points," are located at tactical operations centers and they constantly are monitoring activity against web apps in their areas. As new behavior patterns emerge, they are characterized into XyberFrames and added to the malicious profile collection. Now, all similar applications at all XyberShield customers are protected against that particular type of behavior.
We liked this service because it is comprehensive within its niche and because of its innovative way of delivering protection. In fact, the company claims to monitor over one million web sessions per month. MARSYS, the parent company, developed XyberShield as a response to internal requirements and expanded it into a generally available service. We tend to like that approach because it tells us that the product or service solves a genuine problem and that at some point in its lifecycle it was used successfully by its developer. XyberShield is one of those interesting answers to a genuine problem.
One thing we noted with all of these innovators was the increasing use of behavioral profiling to protect targets. This works today because we have the technology to collect huge amounts of data globally, analyze the data and extract useful information that can then be used to protect those targets.
Cost: Starts at $99.95 per month.
The problem it solves: Attacks against web applications.
What we liked: Credible behavior profiling turned to target protection.
What we didn't like: I would like to see more shield points in Asia, India and South America. These areas are huge sources of attacks.