AppDefend Overview

AppDefend is an intrusion prevention system and web application firewall specifically written for the Oracle E-Business Suite Release R12 and Oracle PeopleSoft.  The purpose of AppDefend is to block most types of web attacks against Oracle E-Business Suite and PeopleSoft before they reach the application.  AppDefend is a new concept in intrusion prevention - direct application protection.  By directly protecting the application, AppDefend protection is more effective than generic web application firewalls. Utilizing Integrigy's proprietary Deep Request Inspection™ technology, every request and every parameter is analyzed for common web attacks, such as SQL injection and cross-site scripting (XSS).

AppDefend is designed specifically for the application it is protecting. Thus, when implementing for the Oracle E-Business Suite or PeopleSoft, there is no analysis or other configuration required to provide maximum protection for the application. Integrigy has already performed all this work for you -- all modules, all versions.  AppDefend is highly configurable, but is delivered with a pre-defined configuration that should require little modification for most organizations.  This allows for a highly effective web application firewall to be installed rapidly and avoid the lengthy tuning process associated with deploying a generic web application firewall for a complex application like the Oracle E-Business Suite and PeopleSoft.

AppDefend Features

Prevents Web Attacks

Detects and reacts to SQL Injection, XSS, and known Oracle EBS/PeopleSoft vulnerabilities

Virtual Patching

Blocks known Oracle EBS/PeopleSoft web security vulnerabilities

Limits EBS Modules

More flexibility and capabilities than URL firewall to identify EBS modules

Application Logging

Enhanced application logging for compliance requirements like PCI-DSS 10.2

Protects Web Services

Detects and reacts to attacks against native Oracle EBS web services (SOA, SOAP, REST)

User/Location Security

Limit application access based on users, responsibilities, and location

Adaptive Multi-Factor Authentication (MFA/2FA)

AppDefend enables Adaptive Multi-Factor Authentication (MFA/2FA) for Oracle E-Business Suite and PeopleSoft using DUO Security, TOTP (Microsoft Authenticator/Google Authenticator), PKI (smartcards), or hardware/software tokens.  AppDefend enhances the application login security by integrating with 2FA to provide secondary authentication at the user login, responsibility/role, function, and/or page.  AppDefend MFA provides flexibility and robustness to solve security and compliance challenges like phishing and excessive privileges with SYSADMIN.  AppDefend can be implemented in hours rather than the months that other identity management solutions require.

Unique Application Protection

Beyond a web application firewall, AppDefend is able to provide unique protection and security for the application.  As an example, AppDefend is able to block access to thousands of unused web pages and servlets when deploying the Oracle E-Business Suite externally in a DMZ.  When deploying a module like iSupplier, AppDefend will ensure only the required iSupplier web pages are externally accessible — thus dramatically reducing the surface area of the application from over 250 modules down to one.

AppDefend is implemented as a standard Java Servlet Filter and executes within the application Java containers.  By embedding within the Java containers, AppDefend is able to hook into the Oracle E-Business Suite or PeopleSoft request stream to detect security anomalies unlike any other web application firewall.  AppDefend examines the incoming request and outgoing response, and can also inspect the internal application context to see application information such as application user names, responsibilities, functions, and internal errors.  Using this information, AppDefend can block, alert, log, or sanitize incoming requests or outgoing responses based on over 30 different detection points.
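To make the servlet-filter placement and the page-restriction idea above concrete, here is an added sketch of a default-deny page allowlist written against the standard javax.servlet Filter API. It is not AppDefend code and does not reflect its rules; the class name and the allowlisted paths are hypothetical placeholders.

```java
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

// Added illustration only: a default-deny page allowlist as a servlet filter.
public class PageAllowlistFilter implements Filter {
    // Hypothetical placeholder paths (context path included), not a real iSupplier page list.
    private static final Set<String> ALLOWED = new HashSet<>(Arrays.asList(
            "/EXAMPLE_APP/login.jsp", "/EXAMPLE_APP/supplier/home.jsp"));
    private ServletContext ctx;

    // Returns true only for an exact, already-canonical allowlisted path.
    static boolean isAllowed(String rawUri) {
        if (rawUri == null) return false;
        // Containers ignore ";param" path parameters when mapping, so strip them first.
        String path = rawUri.replaceAll(";[^/]*", "");
        // Refuse encoded or backslash forms rather than guess how they decode downstream.
        if (path.indexOf('%') >= 0 || path.indexOf('\\') >= 0) return false;
        try {
            // "." or ".." segments and a leading "//" do not survive normalization: deny.
            if (!path.equals(new URI(path).normalize().getPath())) return false;
        } catch (URISyntaxException e) {
            return false;
        }
        return ALLOWED.contains(path);
    }

    @Override public void init(FilterConfig cfg) { ctx = cfg.getServletContext(); }
    @Override public void destroy() {}

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest http = (HttpServletRequest) req;
        if (isAllowed(http.getRequestURI())) {
            chain.doFilter(req, res);   // allowlisted page: pass to the application
        } else {
            // Log the decision, then block before the application sees the request.
            ctx.log("blocked path: " + http.getRequestURI());
            ((HttpServletResponse) res).sendError(HttpServletResponse.SC_FORBIDDEN);
        }
    }
}
```

The check is exact-match and case-sensitive on purpose: a request such as `/EXAMPLE_APP/..;/other.jsp` is reduced to a path containing `..` and denied instead of being interpreted.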

AppDefend Specifications

Supported Applications

  • Oracle E-Business Suite 12.2
  • Oracle E-Business Suite 12.1
  • Oracle E-Business Suite 12.0
  • PeopleSoft 9.2
  • PeopleSoft 9.1

Supported Operating Systems

  • Linux (all supported distributions)
  • Oracle Solaris
  • HP HP-UX
  • IBM AIX
  • Microsoft Windows Server

Supported Integrations

  • Syslog
  • Splunk
  • RESTful Services