Unfiltered HTTP traffic causes dangerous threats to Web applications. The HTTP protocol as well as the Web

application server, its components and business logic are too complex and diverse. A specific Web application

only requires a small set of valid HTTP requests and data to be sent. Many attack and manipulation methods can

be successfully prevented if the HTTP traffic is thoroughly filtered and validated before it gets to the server.

For an attacker it is enough to be successful on one layer to attack an application server. Therefore only a

sophisticated filter combination covering all different layers leads to success.

Cyan Secure App provides a multi-stage filter engine that is highly customizable. The out-of-the-box product

includes well-known, attack-blocking rules to prevent SQL injection, Cross Site Scripting, HTTP Response

Splitting, Directory Traversal or other attacks. On top of that, application-specific filter patterns can be configured

on all HTTP components such as client IP address, HTTP headers, URLs, cookies, request method, content-type

and parameters. Furthermore, the innovative and patent pending URL encryption and smart form protection technology protects all URLs and HTML forms from manipulations.

An incoming request needs to pass the multi-stage filter verification before it is sent to a back-end
server. Every request is thoroughly checked on all different layers through the following filter stages: