Overview
| Rules | Requirement | Main Risks |
|---|---|---|
| Agent (IAST & RASP) |
Use a supported server | OWASP Benchmark 100% covered with 0 false positives OWASP 2013 A1, A3, A6, A8, A9 OWASP 2017 A1, A3, A4, A7, A8, A9 SANS 25 CWE 31, 78, 79, 327 etc. |
| Library (RASP) Automated Real Time Whitelist |
Use a supported framework | OWASP 2013 A4, A7, A8, A10 OWASP 2017 A5 SANS 25 CWE 862, 863, 22, 434, 829, 807, 601, 352, etc. Many Zero-Days |
Agent (IAST & RASP)¶
Java¶
| Server | Supported Versions | More Details |
|---|---|---|
| ColdFusion | 11.x | here |
| JBoss AS | 4.2.x, 5.x, 6.x and 7.x | here |
| JBoss EAP | 4.2.x, 5.x, 6.x and 7.x | here |
| Jetty | 9.x | here |
| JRun | 4.x | here |
| Payara Server | 5.x | here |
| Tomcat | 6 or greater | here |
| Undertow | 1.x, 2.x | here |
| Vert.x | 3.x | here |
| Weblogic | 11g and 12c | here |
| WebSphere | 7, 8, 8.5 and 9 | here |
| WebSphere Liberty | 18 | here |
| Wildfly | 8 or greater | here |
Your server is not on the list?
Contact us to ask for an integration at support@hdivsecurity.com
.NET¶
| Server | Supported Versions | More Details |
|---|---|---|
| IIS | 7.0, 7.5, 8.0, 8.5, 10.0 | here |
| IIS Express | 7.0, 7.5, 8.0, 8.5, 10.0 | here |
| Kestrel | 2.0.0 or greater | here |
Your server is not on the list?
Contact us to ask for an integration at support@hdivsecurity.com
Node.js¶
| Versions | More info |
|---|---|
| 4.x | here |
| 6.x | here |
| 8.x | here |
| 10.x | here |
| 12.x | here |
| 14.x | here |
| 16.x | here |
PHP¶
| Language | Versions |
|---|---|
| PHP 5 | 5.3 - 5.4 - 5.5 - 5.6 |
| PHP 7 | 7.0 - 7.1 - 7.2 - 7.3 - 7.4 |
| PHP 8 | 8.0 |
| Server | More Details |
|---|---|
| Apache | here |
| Nginx | here |
Your server is not on the list?
Contact us to ask for an integration at support@hdivsecurity.com
Python¶
| Language | Versions |
|---|---|
| Python 2 | 2.7 |
| Python 3 | 3.6 - 3.9 |
| Web Servers | Versions |
|---|---|
| Apache2 / mod_wsgi | 2.4.38 (Debian) / 4.7.1 |
| Gunicorn | 19.10.0 - 20.0.4 |
| Nginx / uWSGI | 1.14.2 / 2.0.19.1 |
| Runserver | Django 1.11 - 3.2 |
Your server is not on the list?
Contact us to ask for an integration at support@hdivsecurity.com
Library (RASP)¶
Java¶
| Type | Framework | More Details |
|---|---|---|
| Server MVC | Spring MVC | here |
| Server MVC | Thymeleaf | here |
| Server MVC | Struts 1 | here |
| Server MVC | Struts 2 | here |
| Server MVC | JSTL | here |
| Server MVC | JSF | here |
| Server MVC | Primefaces | here |
| Server MVC | Grails | here |
| Server MVC | Spring Web Flow | here |
| Server MVC | Struts-Layout | |
| REST | Spring REST | here |
| REST | Spring HATEOAS | here |
| REST | Spring Data REST | here |
| REST | JAX-RS (Jersey, Dropwizard) | here |
Your technology is not on the list?
Contact us to ask for an integration at support@hdivsecurity.com
.NET¶
| Type | Framework | More Details |
|---|---|---|
| Server MVC | ASP.NET MVC 4.x, 5.x | here |
| Server MVC | ASP.NET Web Forms | here |
| Server MVC | Telerik UI for ASP.NET MVC 2015.1.429 or greater | |
| REST | ASP.NET Web API 2 | here |
Your technology is not on the list?
Contact us to ask for an integration at support@hdivsecurity.com