Paragon Initiative Enterprises Blog

The latest information from the team that develops cryptographically secure PHP software.

Introducing Ward: Web Application Realtime Defender - WAF, IDS, Automatic Security Updates for PHP Software

If you're a business owner, every hour spent worrying about criminals breaking into your website and stealing your customer's financial information is an hour you're not making your business more profitable.

That's why we created Ward.

Ward: Realtime Defense for your Websites

Ward is a full featured security suite built by Paragon Initiative Enterprises. Ward offers hands-free security so you can get back to what makes your business successful. Just installing Ward will make your web applications less vulnerable to attacks. Learn more about how Ward works.

Ward puts you in a better position simply by virtue of being deployed, but it also comes with a diverse and growing toolkit to assist highly technical teams to prevent cybersecurity risks more effectively.

Ward is appropriate for companies of all sizes. Small to medium businesses will benefit from the hands-free security benefits, while large enterprises will benefit from the value-added features Ward offers.

What Ward Does Today

Ward includes everything you'd expect a website security suite to offer, and more.

Intelligent Web Application Firewall

Ward only blocks threats that are relevant to the software you are running. For example, Ward won't waste CPU cycles attempting to block exploits targeting a Magento 1.9.0.1 vulnerability if your website is on version 1.9.3.4.

Meticulous Intrusion Detection

There are many Intrusion Detection Systems (IDS) on the market, but the ones available to PHP-based websites aren't up to our standards. Many of them use weak hash functions like MD5 to fingerprint files. Even beyond the risk of false positives/negatives caused by the use of weak hash functions, many IDS products are limited in their scope and efficacy. For example, they'll only check the filesystem for known malware samples.

Ward's IDS strives for excellence. At a base, our product uses BLAKE2 (a hash function more secure than SHA2 but faster than MD5) to identify known good/bad files. Ward also isn't limited to inspecting the filesystem; it also checks database tables, server configuration files, and shared memory for evidence of unauthorized and/or malicious code.

Automatic Security Updates

Have you ever heard about thousands of unpatched Magento sites being targeted by credit card thieves?

Or about how, if you didn't apply a critical Drupal security patch 7 hours after it was released, you should have considered your website to be hacked?

It's difficult to overstate the importance of automatic security updates to defend against ecosystem-level security threats. When implemented correctly, they keep your software robust; always adapting.

Our company has spent years making it possible to implement automatic updates to fix vulnerabilities in a way that is still secure, even if the update server gets hacked. And now you can benefit from our hard work into secure software updates, without any extra effort.

Ward will securely keep your software patched against the latest vulnerabilities. Even if our network is compromised, your systems will never be at risk.

Real-Time Application Hardening

In addition to blocking known threats and anomalous traffic, inspecting your system for indicators of compromise, and keeping your application software up to date, Ward includes a few runtime application hardening features that eliminate entire classes of vulnerabilities from ever being exploitable. It does this primarily through three mechanisms:

  1. Monkey-patching defensible alternatives in place of dangerous subroutines in the underlying framework of your application.
  2. Runtime reconfiguration (e.g. seeding weak random number generators with the kernel's CSPRNG on each request).
  3. Adding security headers to your HTTP responses to protect your customers.

Many of these are, presently, very specific to a product (e.g. Magento), but over time more will be introduced.

Additionally, mitigations any unpatched vulnerabilities we discover as a part of our open source security research will be provided automatically to Ward customers.

Ward Features Planned for Future Releases

In addition to the features released today, we have a lot of value-added features planned for future releases. These features will be offered at no extra cost to current customers at the time of their release:

  1. Encrypted backups that pass the mud puddle test.
  2. Security event logging with an audit trail.
  3. An optional firewall mode where Ward learns what good traffic looks like, and then blocks anything that looks different.

Where to get Ward?

Visit https://ward.paragonie.com to get started, and say goodbye to the security pain points that needlessly reduce your business's agility.

About the Author

P.I.E. Staff

Paragon Initiative Enterprises

Paragon Initiative Enterprises is a Florida-based company that provides software consulting, application development, code auditing, and security engineering services. We specialize in PHP Security and applied cryptography.


Need Technology Consultants?

Will tomorrow bring costly and embarrassing data breaches? Or will it bring growth, success, and peace of mind?

Our team of technology consultants have extensive knowledge and experience with application security and web/application development.

We specialize in cryptography and secure PHP development.

Let's Work Together Towards Success

Our Security Newsletters

Want the latest from Paragon Initiative Enterprises delivered straight to your inbox? We have two newsletters to choose from.

The first mails quarterly and often showcases our behind-the-scenes projects.

The other is unscheduled and gives you a direct feed into the findings of our open source security research initiatives.

Quarterly Newsletter   Security Announcements