BinarySEC for Apache looking beta testing
Posted by Pierre in
PHP
Friday, August 11. 2006
Mykii (well known leak hunter on #pecl 
is working on a product called BinarySEC and embeds PHP. As a result of his work, many leaks have been recently fixed recently in the TSRM mode.
It is now in the beta phase and looks for beta testers:
BinarySEC is a Web Application Firewall embedding an Artificial Intelligence engine. The software includes a NLP server (Neural Learning Protocol, developed with University Lab support) and an Apache module.
The NLP compares incoming HTTP requests to existing modelization of legitimate traffic. This action is optimized through a neural network with illimited pipeline (a real one !). Alerts are displayed in a unique interface to consolidate various remote Apache servers. BinarySEC embeds PHP in static mode.
BinarySEC for Apache installs within 15 minutes. It runs on any Linux / Apache version and stops major web attacks : commands injection, cross site scripting, sql injection, directory traversal, buffer overflow, …
We are actively looking for beta testers to : check installation and administration on as many distros / Linux kernel / Apache version as possible (we already checked around 20 combinations), check low number of false positives (after the learning period) and high volume real traffic (our tests show 2% CPU and 128 Mo RAM max usage). Test it here and give your feed back ! Your opinion matters !
