The signature-based DragonWAF activates defense mechanism when IIS server is under attack, it records all attack patterns using intellectual filtration techniques, webmasters are able to add more filtration strings by themselves, customize warning messages. The multiple graphic reports facilitate log management, making optimal security control an easy task. DragonWAF 2010 is capable of blocking any SQL Injection target at database (Oracle, MySQL..), DragonSoft offers the online updater and continuously to update database.

DragonWAF 2010 effectively prevent against 18 common web application attack methods: 1. SQL Injection 2. Server-Side Include 3. Directory Indexing 4. Path Traversal 5. Cross-Site Scripting 6. Buffer Overflow 7. LDAP Injection 8. Phishing 9. HTTP Response Splitting 10. Content Spoofing 11. Predictable Resource Location 12. Denial of Service 13. Application Fingerprinting 14. Insufficient Session Expiration 15. Session Fixation 16. Web Server Fingerprinting 17. Abuse of Functionality (emails, spiders, data theft) 18. Command Injection