Overview

Rules	Requirement	Main Risks
Agent (IAST & RASP) SQL Injection XSS XXE CSRF Untrusted Deserialization and up to 50 more	Use a supported server	OWASP Benchmark 100% covered with 0 false positives OWASP 2013 A1, A3, A6, A8, A9 OWASP 2017 A1, A3, A4, A7, A8, A9 SANS 25 CWE 31, 78, 79, 327 etc.
Library (RASP) Automated Real Time Whitelist Binding Tampering Confidentiality etc. Anti-CSRF	Use a supported framework	OWASP 2013 A4, A7, A8, A10 OWASP 2017 A5 SANS 25 CWE 862, 863, 22, 434, 829, 807, 601, 352, etc. Many Zero-Days

Agent (IAST & RASP)

Java

Server	Supported Versions	More Details
ColdFusion	11.x	here
JBoss AS	4.2.x, 5.x, 6.x and 7.x	here
JBoss EAP	4.2.x, 5.x, 6.x and 7.x	here
Jetty	9.x	here
JRun	4.x	here
Tomcat	6 or greater	here
Undertow	1.x, 2.x	here
Vert.x	3.x	here
Weblogic	11g and 12c	here
WebSphere	7, 8, 8.5 and 9	here
WebSphere Liberty	18	here
Wildfly	8 or greater	here

Your server is not on the list?

Contact us to ask for an integration at support@hdivsecurity.com

.NET

Server	Supported Versions	More Details
IIS	7.0, 7.5, 8.0, 8.5, 10.0	here

Your server is not on the list?

Contact us to ask for an integration at support@hdivsecurity.com

Library (RASP)

Java

Type	Framework	More Details
Server MVC	Spring MVC	here
Server MVC	Thymeleaf	here
Server MVC	Struts 1	here
Server MVC	Struts 2	here
Server MVC	JSTL	here
Server MVC	JSF	here
Server MVC	Primefaces	here
Server MVC	Grails	here
Server MVC	Spring Web Flow	here
Server MVC	Struts-Layout
REST	Spring REST	here
REST	Spring HATEOAS	here
REST	Spring Data REST	here
REST	JAX-RS (Jersey, Dropwizard)	here

Your technology is not on the list?

Contact us to ask for an integration at support@hdivsecurity.com

.NET

Type	Framework	More Details
Server MVC	ASP.NET MVC 4.x, 5.x	here
Server MVC	ASP.NET Web Forms	here
Server MVC	Telerik UI for ASP.NET MVC 2015.1.429 or greater
REST	ASP.NET Web API 2	here

Your technology is not on the list?

Contact us to ask for an integration at support@hdivsecurity.com